Kontroloval jsem PC pomocí MBAMu a i v krátkém testu to našlo skoro 200 objektů.Poradí někdo co z toho smazat a naopak co nechat?
LOG :
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4711
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
28.9.2010 16:32:46
mbam-log-2010-09-28 (16-32-46).txt
Typ skenu: Rychlý sken
Skenované objekty: 144040
Uplynulý čas: 7 minuta(y), 35 sekunda(y)
Infikované procesy v paměti: 1
Infikované moduly v paměti: 5
Infikované klíče registru: 151
Infikované hodnoty registru: 8
Infikované datové položky registru: 0
Infikované složky: 15
Infikované soubory: 70
Infikované procesy v paměti:
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> No action taken.
Infikované moduly v paměti:
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
Infikované klíče registru:
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8e9cf769-3d3b-40eb-9e2d-76e7a205e4d2} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{819ffe20-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{819ffe21-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{819ffe22-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{799391d3-eb86-4bac-9bd3-cbfea58a0e15} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d858dafc-9573-4811-b323-7011a3aa7e61} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.multiplebutton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.multiplebutton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.urlalertbutton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.urlalertbutton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebSearchService (Adware.MyWebSearch) -> No action taken.
Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\funwebproducts (Adware.MyWebSearch) -> No action taken.
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
C:\Program Files (x86)\FunWebProducts (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Message (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Overlay (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
Infikované soubory:
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Windows\System32\f3PSSavr.scr (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\CHROME.MANIFEST (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3REGHK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\INSTALL.RDF (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3DLGHK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Výsledek MBAMu aneb co odstranit?
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Výsledek MBAMu aneb co odstranit?
Zdravim 
Vse muzete smazat a doporucuji provest uplny sken...
Vse muzete smazat a doporucuji provest uplny sken...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Výsledek MBAMu aneb co odstranit?
Děkuji Pro jistotu zasílám log z RSIT.
Nyní používám pouze Avast Free,Zone Alarm a origo Microsoft antivir.
Visty jsou origo. Pokud v logu objevíte cokoliv neorigo prosím o upozornění ihned mažu
Zde log :
Logfile of random's system information tool 1.08 (written by random/random)
Run by Monča at 2010-09-28 16:36:17
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 5 GB (2%) free of 238 GB
Total RAM: 3582 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:36, on 28.9.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.80\aaCenter.exe
C:\Users\Monča\Bluebirds\BlueBirds.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\System32\spool\drivers\x64\3\E_FATIBIE.EXE
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\DAEMON Tools\daemon.exe
C:\Program Files (x86)\ICQ6.5\ICQ.exe
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\trend micro\Monča.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... K82_QowXqA
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KTSInit] 0
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [bluebirds] C:\Users\Monča\Bluebirds\BlueBirds.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [EPSON Stylus DX6000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Windows\TEMP\E_S6E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Aladdin SQL Server - Unknown owner - C:\Program Files (x86)\Aladdin\Aladdin SQL Server\AladdinSQL.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - Unknown owner - C:\Windows\system32\pr2ah4nc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13048 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {CFF27301-5CC7-496D-B9C5-9EC70A18ECC5}
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\AASP\1.00.80\aaCenter.exe"
taskeng.exe {2264AAF6-040B-451A-8AD3-75734FD399C6}
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Monča\Bluebirds\BlueBirds.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Windows\System32\spool\drivers\x64\3\E_FATIBIE.EXE" /FU "C:\Windows\TEMP\E_S6E.tmp" /EF "HKCU"
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
"C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"
taskeng.exe {90FB456B-6CF1-4C7B-B7D0-2B1EC241F593}
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
{3C9FF674-F5B0-4111-994E-E9702AE69259}
{28C87493-6E76-4052-9870-A8271E71823A}
{3674406E-8E84-4AC4-AE34-C37737E5E99A}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4252.8d17280.1480911294 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 4252 plugin \\.\pipe\gecko-crash-server-pipe.4252
C:\Windows\system32\msiexec /V
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"c:\Program Files\Microsoft Security Essentials\MsMpEng.exe"
"C:\Program Files\Microsoft Security Essentials\msseces.exe" /UpdateAndQuickScan
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Users\Monča\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{A3D5624E-EFA1-43AF-8AC7-69E5AD473DE5}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL [2010-07-30 54704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-07-30 775696]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e47d6d44-6479-461d-bfa3-dbd0dc5a9011}]
eslprintables Toolbar - C:\Program Files (x86)\eslprintables\tbeslp.dll [2010-05-20 2675296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-04-23 1529800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - eslprintables Toolbar - C:\Program Files (x86)\eslprintables\tbeslp.dll [2010-05-20 2675296]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-07-30 775696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1446504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"bluebirds"=C:\Users\Monča\Bluebirds\BlueBirds.exe [2009-04-29 270336]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-04-13 2387968]
"EPSON Stylus DX6000 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE [2006-09-22 139264]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"DAEMON Tools"=C:\Program Files (x86)\DAEMON Tools\daemon.exe [2007-04-04 165784]
"ICQ"=C:\Program Files (x86)\ICQ6.5\ICQ.exe [2009-11-16 172792]
"MyWebSearch Email Plugin"=C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe [2010-07-30 32849]
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2010-08-26 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"KTSInit"=0 []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-03-13 75048]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe [2010-07-30 28783]
"MyWebSearch Email Plugin"=C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe [2010-07-30 32849]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskmgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-28 16:34:05 ----N---- C:\Windows\system32\MpSigStub.exe
2010-09-28 16:31:11 ----D---- C:\Program Files (x86)\Microsoft Antimalware
2010-09-28 16:30:59 ----D---- C:\Program Files\Microsoft Security Essentials
2010-09-28 16:28:39 ----D---- C:\eb6d6b4a72542927ace1a0ef
2010-09-28 16:24:26 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-09-28 16:24:25 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-09-28 16:24:23 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-09-28 16:24:20 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-09-28 16:24:17 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-09-28 16:23:46 ----D---- C:\Users\Monča\AppData\Roaming\Malwarebytes
2010-09-28 16:23:36 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2010-09-28 16:23:35 ----D---- C:\ProgramData\Malwarebytes
2010-09-28 16:23:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-09-28 16:23:34 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-09-28 16:23:11 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2010-09-28 16:22:59 ----D---- C:\ProgramData\Alwil Software
2010-09-28 16:22:59 ----D---- C:\Program Files\Alwil Software
2010-09-28 16:20:43 ----D---- C:\rsit
2010-09-28 16:20:43 ----D---- C:\Program Files\trend micro
2010-09-20 09:34:40 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2010-09-20 09:34:40 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-20 09:34:38 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-20 09:34:37 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2010-09-20 09:34:35 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-20 09:34:34 ----A---- C:\Windows\SYSWOW64\usp10.dll
2010-09-20 09:34:34 ----A---- C:\Windows\system32\usp10.dll
2010-09-06 20:44:09 ----A---- C:\Windows\system32\lsdelete.exe
======List of files/folders modified in the last 1 months======
2010-09-28 16:36:37 ----D---- C:\Windows\Temp
2010-09-28 16:34:05 ----D---- C:\Windows\System32
2010-09-28 16:34:01 ----SHD---- C:\System Volume Information
2010-09-28 16:31:39 ----SHD---- C:\Windows\Installer
2010-09-28 16:31:16 ----D---- C:\Windows\system32\drivers
2010-09-28 16:31:16 ----D---- C:\Windows\system32\catroot
2010-09-28 16:31:11 ----SD---- C:\ProgramData\Microsoft
2010-09-28 16:31:11 ----RD---- C:\Program Files (x86)
2010-09-28 16:30:59 ----RD---- C:\Program Files
2010-09-28 16:27:46 ----D---- C:\ProgramData\Norton
2010-09-28 16:27:44 ----D---- C:\Program Files (x86)\Norton Internet Security
2010-09-28 16:27:33 ----D---- C:\Windows\system32\Tasks
2010-09-28 16:27:26 ----D---- C:\Program Files\Common Files
2010-09-28 16:26:40 ----D---- C:\ProgramData\NortonInstaller
2010-09-28 16:26:24 ----HD---- C:\ProgramData
2010-09-28 16:24:17 ----D---- C:\Windows\SysWOW64
2010-09-28 16:24:12 ----D---- C:\Windows\winsxs
2010-09-28 16:23:36 ----D---- C:\Windows\SYSWOW64\drivers
2010-09-28 16:23:12 ----D---- C:\Windows
2010-09-28 16:20:48 ----D---- C:\Windows\Prefetch
2010-09-28 02:22:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-28 02:22:08 ----D---- C:\Windows\inf
2010-09-28 02:17:33 ----D---- C:\ProgramData\NVIDIA
2010-09-28 02:17:28 ----D---- C:\Program Files (x86)\Steam
2010-09-25 12:51:48 ----D---- C:\Program Files\Windows Mail
2010-09-25 12:51:48 ----D---- C:\Program Files (x86)\Windows Mail
2010-09-25 12:47:23 ----A---- C:\Windows\system32\mrt.exe
2010-09-20 09:34:30 ----D---- C:\Windows\system32\catroot2
2010-09-06 20:44:09 ----D---- C:\Program Files (x86)\1250044139
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2009-07-03 68640]
R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc); C:\Windows\system32\drivers\pe3ah4nc.sys [2007-05-18 72560]
R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc); C:\Windows\system32\drivers\ps6ah4nc.sys [2007-05-18 77176]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-12 871408]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 173984]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/04/11 16:46:56]; \??\C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 146928]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 40832]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-11-03 15680]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx64.sys [2008-08-01 1498016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2008-08-05 56352]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-03-16 13807976]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-24 28192]
R4 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100429.001\IDSvia64.sys []
R4 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1106000.020\SYMDS64.SYS []
R4 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1106000.020\SYMEFA64.SYS []
R4 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 adyrqv0x;adyrqv0x; C:\Windows\system32\drivers\adyrqv0x.sys []
S3 asl1ybcp;asl1ybcp; C:\Windows\system32\drivers\asl1ybcp.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 4161536]
S3 ATITool;ATITool Overclocking Utility; C:\Windows\system32\DRIVERS\ATITool64.sys [2006-11-10 30720]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 694272]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 34816]
S3 cpuz130;cpuz130; \??\C:\Users\MONA~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2009-02-09 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2009-02-09 18944]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 4161536]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2009-02-09 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 41984]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2009-02-09 8192]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2006-04-18 102400]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-09-08 726016]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-03-08 1029456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-04-13 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17424]
R2 MyWebSearchService;My Web Search Service; C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe [2010-07-30 28762]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-09-08 221696]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-03-16 159336]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-03-16 240232]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-09-25 411432]
S2 Aladdin SQL Server;Aladdin SQL Server; C:\Program Files (x86)\Aladdin\Aladdin SQL Server\AladdinSQL.exe [2009-08-13 1160]
S2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-12-21 829952]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc); C:\Windows\system32\pr2ah4nc.exe [2007-05-18 754288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
-----------------EOF-----------------
Pro jistotu zasílám log z RSIT.Nyní používám pouze Avast Free,Zone Alarm a origo Microsoft antivir.
Visty jsou origo. Pokud v logu objevíte cokoliv neorigo prosím o upozornění ihned mažu
Zde log :
Logfile of random's system information tool 1.08 (written by random/random)
Run by Monča at 2010-09-28 16:36:17
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 5 GB (2%) free of 238 GB
Total RAM: 3582 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:36, on 28.9.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.80\aaCenter.exe
C:\Users\Monča\Bluebirds\BlueBirds.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\System32\spool\drivers\x64\3\E_FATIBIE.EXE
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\DAEMON Tools\daemon.exe
C:\Program Files (x86)\ICQ6.5\ICQ.exe
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\trend micro\Monča.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... K82_QowXqA
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KTSInit] 0
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [bluebirds] C:\Users\Monča\Bluebirds\BlueBirds.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [EPSON Stylus DX6000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Windows\TEMP\E_S6E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Aladdin SQL Server - Unknown owner - C:\Program Files (x86)\Aladdin\Aladdin SQL Server\AladdinSQL.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - Unknown owner - C:\Windows\system32\pr2ah4nc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13048 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {CFF27301-5CC7-496D-B9C5-9EC70A18ECC5}
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\AASP\1.00.80\aaCenter.exe"
taskeng.exe {2264AAF6-040B-451A-8AD3-75734FD399C6}
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Monča\Bluebirds\BlueBirds.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Windows\System32\spool\drivers\x64\3\E_FATIBIE.EXE" /FU "C:\Windows\TEMP\E_S6E.tmp" /EF "HKCU"
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
"C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"
taskeng.exe {90FB456B-6CF1-4C7B-B7D0-2B1EC241F593}
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
{3C9FF674-F5B0-4111-994E-E9702AE69259}
{28C87493-6E76-4052-9870-A8271E71823A}
{3674406E-8E84-4AC4-AE34-C37737E5E99A}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4252.8d17280.1480911294 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 4252 plugin \\.\pipe\gecko-crash-server-pipe.4252
C:\Windows\system32\msiexec /V
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"c:\Program Files\Microsoft Security Essentials\MsMpEng.exe"
"C:\Program Files\Microsoft Security Essentials\msseces.exe" /UpdateAndQuickScan
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Users\Monča\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{A3D5624E-EFA1-43AF-8AC7-69E5AD473DE5}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL [2010-07-30 54704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-07-30 775696]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e47d6d44-6479-461d-bfa3-dbd0dc5a9011}]
eslprintables Toolbar - C:\Program Files (x86)\eslprintables\tbeslp.dll [2010-05-20 2675296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-04-23 1529800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - eslprintables Toolbar - C:\Program Files (x86)\eslprintables\tbeslp.dll [2010-05-20 2675296]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-07-30 775696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1446504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"bluebirds"=C:\Users\Monča\Bluebirds\BlueBirds.exe [2009-04-29 270336]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-04-13 2387968]
"EPSON Stylus DX6000 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE [2006-09-22 139264]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"DAEMON Tools"=C:\Program Files (x86)\DAEMON Tools\daemon.exe [2007-04-04 165784]
"ICQ"=C:\Program Files (x86)\ICQ6.5\ICQ.exe [2009-11-16 172792]
"MyWebSearch Email Plugin"=C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe [2010-07-30 32849]
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2010-08-26 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"KTSInit"=0 []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-03-13 75048]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe [2010-07-30 28783]
"MyWebSearch Email Plugin"=C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe [2010-07-30 32849]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskmgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-28 16:34:05 ----N---- C:\Windows\system32\MpSigStub.exe
2010-09-28 16:31:11 ----D---- C:\Program Files (x86)\Microsoft Antimalware
2010-09-28 16:30:59 ----D---- C:\Program Files\Microsoft Security Essentials
2010-09-28 16:28:39 ----D---- C:\eb6d6b4a72542927ace1a0ef
2010-09-28 16:24:26 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-09-28 16:24:25 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-09-28 16:24:23 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-09-28 16:24:20 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-09-28 16:24:17 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-09-28 16:23:46 ----D---- C:\Users\Monča\AppData\Roaming\Malwarebytes
2010-09-28 16:23:36 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2010-09-28 16:23:35 ----D---- C:\ProgramData\Malwarebytes
2010-09-28 16:23:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-09-28 16:23:34 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-09-28 16:23:11 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2010-09-28 16:22:59 ----D---- C:\ProgramData\Alwil Software
2010-09-28 16:22:59 ----D---- C:\Program Files\Alwil Software
2010-09-28 16:20:43 ----D---- C:\rsit
2010-09-28 16:20:43 ----D---- C:\Program Files\trend micro
2010-09-20 09:34:40 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2010-09-20 09:34:40 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-20 09:34:38 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-20 09:34:37 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2010-09-20 09:34:35 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-20 09:34:34 ----A---- C:\Windows\SYSWOW64\usp10.dll
2010-09-20 09:34:34 ----A---- C:\Windows\system32\usp10.dll
2010-09-06 20:44:09 ----A---- C:\Windows\system32\lsdelete.exe
======List of files/folders modified in the last 1 months======
2010-09-28 16:36:37 ----D---- C:\Windows\Temp
2010-09-28 16:34:05 ----D---- C:\Windows\System32
2010-09-28 16:34:01 ----SHD---- C:\System Volume Information
2010-09-28 16:31:39 ----SHD---- C:\Windows\Installer
2010-09-28 16:31:16 ----D---- C:\Windows\system32\drivers
2010-09-28 16:31:16 ----D---- C:\Windows\system32\catroot
2010-09-28 16:31:11 ----SD---- C:\ProgramData\Microsoft
2010-09-28 16:31:11 ----RD---- C:\Program Files (x86)
2010-09-28 16:30:59 ----RD---- C:\Program Files
2010-09-28 16:27:46 ----D---- C:\ProgramData\Norton
2010-09-28 16:27:44 ----D---- C:\Program Files (x86)\Norton Internet Security
2010-09-28 16:27:33 ----D---- C:\Windows\system32\Tasks
2010-09-28 16:27:26 ----D---- C:\Program Files\Common Files
2010-09-28 16:26:40 ----D---- C:\ProgramData\NortonInstaller
2010-09-28 16:26:24 ----HD---- C:\ProgramData
2010-09-28 16:24:17 ----D---- C:\Windows\SysWOW64
2010-09-28 16:24:12 ----D---- C:\Windows\winsxs
2010-09-28 16:23:36 ----D---- C:\Windows\SYSWOW64\drivers
2010-09-28 16:23:12 ----D---- C:\Windows
2010-09-28 16:20:48 ----D---- C:\Windows\Prefetch
2010-09-28 02:22:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-28 02:22:08 ----D---- C:\Windows\inf
2010-09-28 02:17:33 ----D---- C:\ProgramData\NVIDIA
2010-09-28 02:17:28 ----D---- C:\Program Files (x86)\Steam
2010-09-25 12:51:48 ----D---- C:\Program Files\Windows Mail
2010-09-25 12:51:48 ----D---- C:\Program Files (x86)\Windows Mail
2010-09-25 12:47:23 ----A---- C:\Windows\system32\mrt.exe
2010-09-20 09:34:30 ----D---- C:\Windows\system32\catroot2
2010-09-06 20:44:09 ----D---- C:\Program Files (x86)\1250044139
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2009-07-03 68640]
R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc); C:\Windows\system32\drivers\pe3ah4nc.sys [2007-05-18 72560]
R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc); C:\Windows\system32\drivers\ps6ah4nc.sys [2007-05-18 77176]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-12 871408]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 173984]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/04/11 16:46:56]; \??\C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 146928]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 40832]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-11-03 15680]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx64.sys [2008-08-01 1498016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2008-08-05 56352]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-03-16 13807976]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-24 28192]
R4 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100429.001\IDSvia64.sys []
R4 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1106000.020\SYMDS64.SYS []
R4 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1106000.020\SYMEFA64.SYS []
R4 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 adyrqv0x;adyrqv0x; C:\Windows\system32\drivers\adyrqv0x.sys []
S3 asl1ybcp;asl1ybcp; C:\Windows\system32\drivers\asl1ybcp.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 4161536]
S3 ATITool;ATITool Overclocking Utility; C:\Windows\system32\DRIVERS\ATITool64.sys [2006-11-10 30720]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 694272]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 34816]
S3 cpuz130;cpuz130; \??\C:\Users\MONA~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2009-02-09 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2009-02-09 18944]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 4161536]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2009-02-09 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 41984]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2009-02-09 8192]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2006-04-18 102400]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-09-08 726016]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-03-08 1029456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-04-13 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17424]
R2 MyWebSearchService;My Web Search Service; C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe [2010-07-30 28762]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-09-08 221696]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-03-16 159336]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-03-16 240232]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-09-25 411432]
S2 Aladdin SQL Server;Aladdin SQL Server; C:\Program Files (x86)\Aladdin\Aladdin SQL Server\AladdinSQL.exe [2009-08-13 1160]
S2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-12-21 829952]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc); C:\Windows\system32\pr2ah4nc.exe [2007-05-18 754288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
-----------------EOF-----------------
Re: Výsledek MBAMu aneb co odstranit?
To je log z RSIT po smazani MBAMem 
Staci jeden antivir - ten Microsoft odinstalujte - jinak Vam bude dochazet ke kolizi...
Staci jeden antivir - ten Microsoft odinstalujte - jinak Vam bude dochazet ke kolizi..."Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Výsledek MBAMu aneb co odstranit?
Tento by měl být po odstranění MBAMem :
Logfile of random's system information tool 1.08 (written by random/random)
Run by Monča at 2010-09-28 17:17:35
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 5 GB (2%) free of 238 GB
Total RAM: 3582 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:17:46, on 28.9.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.80\aaCenter.exe
C:\Users\Monča\Bluebirds\BlueBirds.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\System32\spool\drivers\x64\3\E_FATIBIE.EXE
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\DAEMON Tools\daemon.exe
C:\Program Files (x86)\ICQ6.5\ICQ.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Monča.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... K82_QowXqA
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KTSInit] 0
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [bluebirds] C:\Users\Monča\Bluebirds\BlueBirds.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [EPSON Stylus DX6000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Windows\TEMP\E_S6E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Aladdin SQL Server - Unknown owner - C:\Program Files (x86)\Aladdin\Aladdin SQL Server\AladdinSQL.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - Unknown owner - C:\Windows\system32\pr2ah4nc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12888 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
taskeng.exe {7C744240-3322-4C64-97B9-7ACF0BE9ABAD}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {6D4B7C60-5694-4CD4-B348-1B8DD63636EA}
"C:\Program Files (x86)\ASUS\AASP\1.00.80\aaCenter.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Monča\Bluebirds\BlueBirds.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Windows\System32\spool\drivers\x64\3\E_FATIBIE.EXE" /FU "C:\Windows\TEMP\E_S6E.tmp" /EF "HKCU"
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
"C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /set_event="FFAPI_StartEvent_ce4_1a15d" /icon="hidden"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{D59BE0FE-80AC-4976-97E2-0EB1330856A3}
{3B99EF28-DB24-4D21-B6A9-971732428935}
{7935AED9-FB90-4F7D-ABD2-7818C55AA120}
taskeng.exe {59EEB283-DAA6-43F0-8C93-33B7829C7587}
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 696 700 708 65536 704
C:\Windows\system32\msiexec /V
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1216.693e160.595464012 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 1216 plugin \\.\pipe\gecko-crash-server-pipe.1216
"C:\Users\Monča\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{A3D5624E-EFA1-43AF-8AC7-69E5AD473DE5}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 895976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
ZoneAlarm Toolbar - C:\Program Files (x86)\ZoneAlarm\tbZone.dll [2010-05-09 2517088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e47d6d44-6479-461d-bfa3-dbd0dc5a9011}]
eslprintables Toolbar - C:\Program Files (x86)\eslprintables\tbeslp.dll [2010-05-20 2675296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-04-23 1529800]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 895976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - eslprintables Toolbar - C:\Program Files (x86)\eslprintables\tbeslp.dll [2010-05-20 2675296]
{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - ZoneAlarm Toolbar - C:\Program Files (x86)\ZoneAlarm\tbZone.dll [2010-05-09 2517088]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-05-26 1116136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"bluebirds"=C:\Users\Monča\Bluebirds\BlueBirds.exe [2009-04-29 270336]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-04-13 2387968]
"EPSON Stylus DX6000 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE [2006-09-22 139264]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"DAEMON Tools"=C:\Program Files (x86)\DAEMON Tools\daemon.exe [2007-04-04 165784]
"ICQ"=C:\Program Files (x86)\ICQ6.5\ICQ.exe [2009-11-16 172792]
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2010-08-26 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"KTSInit"=0 []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-03-13 75048]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskmgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-28 16:51:51 ----D---- C:\Users\Monča\AppData\Roaming\CheckPoint
2010-09-28 16:50:55 ----D---- C:\Program Files (x86)\ZoneAlarm
2010-09-28 16:50:40 ----D---- C:\Program Files\CheckPoint
2010-09-28 16:50:28 ----A---- C:\Windows\SYSWOW64\vsregexp.dll
2010-09-28 16:49:42 ----A---- C:\Windows\system32\drivers\netio.sys
2010-09-28 16:45:12 ----A---- C:\Windows\SYSWOW64\zlcommdb.dll
2010-09-28 16:45:11 ----A---- C:\Windows\SYSWOW64\zlcomm.dll
2010-09-28 16:45:07 ----A---- C:\Windows\SYSWOW64\vswmi.dll
2010-09-28 16:45:00 ----A---- C:\Windows\SYSWOW64\zpeng25.dll
2010-09-28 16:45:00 ----A---- C:\Windows\SYSWOW64\vsxml.dll
2010-09-28 16:44:58 ----D---- C:\Windows\SYSWOW64\ZoneLabs
2010-09-28 16:44:57 ----A---- C:\Windows\SYSWOW64\vspubapi.dll
2010-09-28 16:44:57 ----A---- C:\Windows\SYSWOW64\vsmonapi.dll
2010-09-28 16:44:56 ----A---- C:\Windows\system32\drivers\~GLH0023.TMP
2010-09-28 16:44:55 ----A---- C:\Windows\SYSWOW64\vsdata.dll
2010-09-28 16:44:02 ----N---- C:\Windows\system32\drivers\vsdatant.sys
2010-09-28 16:44:01 ----D---- C:\Program Files (x86)\Zone Labs
2010-09-28 16:43:35 ----D---- C:\ProgramData\CheckPoint
2010-09-28 16:43:33 ----D---- C:\Windows\Internet Logs
2010-09-28 16:43:31 ----A---- C:\Windows\SYSWOW64\vsutil.dll
2010-09-28 16:43:31 ----A---- C:\Windows\SYSWOW64\vsinit.dll
2010-09-28 16:34:05 ----N---- C:\Windows\system32\MpSigStub.exe
2010-09-28 16:31:11 ----D---- C:\Program Files (x86)\Microsoft Antimalware
2010-09-28 16:24:26 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-09-28 16:24:25 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-09-28 16:24:23 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-09-28 16:24:20 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-09-28 16:24:17 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-09-28 16:23:46 ----D---- C:\Users\Monča\AppData\Roaming\Malwarebytes
2010-09-28 16:23:36 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2010-09-28 16:23:35 ----D---- C:\ProgramData\Malwarebytes
2010-09-28 16:23:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-09-28 16:23:34 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-09-28 16:23:11 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2010-09-28 16:22:59 ----D---- C:\ProgramData\Alwil Software
2010-09-28 16:22:59 ----D---- C:\Program Files\Alwil Software
2010-09-28 16:20:43 ----D---- C:\rsit
2010-09-28 16:20:43 ----D---- C:\Program Files\trend micro
2010-09-20 09:34:40 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2010-09-20 09:34:40 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-20 09:34:38 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-20 09:34:37 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2010-09-20 09:34:35 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-20 09:34:34 ----A---- C:\Windows\SYSWOW64\usp10.dll
2010-09-20 09:34:34 ----A---- C:\Windows\system32\usp10.dll
======List of files/folders modified in the last 1 months======
2010-09-28 17:17:34 ----D---- C:\Windows\Temp
2010-09-28 17:17:23 ----SHD---- C:\Windows\Installer
2010-09-28 17:17:23 ----RD---- C:\Program Files
2010-09-28 17:16:58 ----SD---- C:\ProgramData\Microsoft
2010-09-28 17:16:56 ----D---- C:\Windows\system32\drivers
2010-09-28 17:15:49 ----RD---- C:\Program Files (x86)
2010-09-28 17:15:10 ----D---- C:\Program Files (x86)\Steam
2010-09-28 17:14:37 ----D---- C:\ProgramData\NVIDIA
2010-09-28 17:13:34 ----HD---- C:\ProgramData
2010-09-28 17:11:44 ----D---- C:\ProgramData\Lavasoft
2010-09-28 17:11:42 ----DC---- C:\Windows\system32\DRVSTORE
2010-09-28 17:11:40 ----D---- C:\Windows\System32
2010-09-28 17:11:27 ----D---- C:\Windows\inf
2010-09-28 17:11:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-28 17:03:09 ----SHD---- C:\System Volume Information
2010-09-28 17:03:09 ----D---- C:\ProgramData\Norton
2010-09-28 17:01:41 ----D---- C:\Users\Monča\AppData\Roaming\ICQ
2010-09-28 16:58:13 ----D---- C:\Windows\SysWOW64
2010-09-28 16:50:19 ----D---- C:\Windows
2010-09-28 16:50:07 ----D---- C:\Windows\winsxs
2010-09-28 16:49:59 ----D---- C:\Windows\system32\catroot
2010-09-28 16:44:56 ----D---- C:\Windows\SYSWOW64\drivers
2010-09-28 16:27:33 ----D---- C:\Windows\system32\Tasks
2010-09-28 16:27:26 ----D---- C:\Program Files\Common Files
2010-09-28 16:26:40 ----D---- C:\ProgramData\NortonInstaller
2010-09-28 16:20:48 ----D---- C:\Windows\Prefetch
2010-09-25 12:51:48 ----D---- C:\Program Files\Windows Mail
2010-09-25 12:51:48 ----D---- C:\Program Files (x86)\Windows Mail
2010-09-25 12:47:23 ----A---- C:\Windows\system32\mrt.exe
2010-09-20 09:34:30 ----D---- C:\Windows\system32\catroot2
2010-09-06 20:44:09 ----D---- C:\Program Files (x86)\1250044139
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc); C:\Windows\system32\drivers\pe3ah4nc.sys [2007-05-18 72560]
R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc); C:\Windows\system32\drivers\ps6ah4nc.sys [2007-05-18 77176]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-12 871408]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 453720]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/04/11 16:46:56]; \??\C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 146928]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-05-26 33008]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-11-03 15680]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx64.sys [2008-08-01 1498016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2008-08-05 56352]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-03-16 13807976]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-24 28192]
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 ac8zkl3x;ac8zkl3x; C:\Windows\system32\drivers\ac8zkl3x.sys []
S3 ajpmfomj;ajpmfomj; C:\Windows\system32\drivers\ajpmfomj.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 4161536]
S3 ATITool;ATITool Overclocking Utility; C:\Windows\system32\DRIVERS\ATITool64.sys [2006-11-10 30720]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 694272]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 34816]
S3 cpuz130;cpuz130; \??\C:\Users\MONA~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2009-02-09 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2009-02-09 18944]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 4161536]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2009-02-09 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 41984]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2009-02-09 8192]
S3 vsdatant7;vsdatant7; C:\Windows\System32\drivers\vsdatant.win7.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2006-04-18 102400]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-09-08 726016]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 823272]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-04-13 73728]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-09-08 221696]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-03-16 159336]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-03-16 240232]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2010-06-23 2435592]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-09-25 411432]
S2 Aladdin SQL Server;Aladdin SQL Server; C:\Program Files (x86)\Aladdin\Aladdin SQL Server\AladdinSQL.exe [2009-08-13 1160]
S2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-12-21 829952]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc); C:\Windows\system32\pr2ah4nc.exe [2007-05-18 754288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
-----------------EOF-----------------
Už jsem smazal ten Microsofťácký antivir.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Monča at 2010-09-28 17:17:35
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 5 GB (2%) free of 238 GB
Total RAM: 3582 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:17:46, on 28.9.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.80\aaCenter.exe
C:\Users\Monča\Bluebirds\BlueBirds.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\System32\spool\drivers\x64\3\E_FATIBIE.EXE
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\DAEMON Tools\daemon.exe
C:\Program Files (x86)\ICQ6.5\ICQ.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Monča.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... K82_QowXqA
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: eslprintables Toolbar - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KTSInit] 0
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [bluebirds] C:\Users\Monča\Bluebirds\BlueBirds.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [EPSON Stylus DX6000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Windows\TEMP\E_S6E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Aladdin SQL Server - Unknown owner - C:\Program Files (x86)\Aladdin\Aladdin SQL Server\AladdinSQL.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - Unknown owner - C:\Windows\system32\pr2ah4nc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12888 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
taskeng.exe {7C744240-3322-4C64-97B9-7ACF0BE9ABAD}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {6D4B7C60-5694-4CD4-B348-1B8DD63636EA}
"C:\Program Files (x86)\ASUS\AASP\1.00.80\aaCenter.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Monča\Bluebirds\BlueBirds.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Windows\System32\spool\drivers\x64\3\E_FATIBIE.EXE" /FU "C:\Windows\TEMP\E_S6E.tmp" /EF "HKCU"
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
"C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /set_event="FFAPI_StartEvent_ce4_1a15d" /icon="hidden"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{D59BE0FE-80AC-4976-97E2-0EB1330856A3}
{3B99EF28-DB24-4D21-B6A9-971732428935}
{7935AED9-FB90-4F7D-ABD2-7818C55AA120}
taskeng.exe {59EEB283-DAA6-43F0-8C93-33B7829C7587}
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 696 700 708 65536 704
C:\Windows\system32\msiexec /V
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1216.693e160.595464012 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 1216 plugin \\.\pipe\gecko-crash-server-pipe.1216
"C:\Users\Monča\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{A3D5624E-EFA1-43AF-8AC7-69E5AD473DE5}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 895976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
ZoneAlarm Toolbar - C:\Program Files (x86)\ZoneAlarm\tbZone.dll [2010-05-09 2517088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e47d6d44-6479-461d-bfa3-dbd0dc5a9011}]
eslprintables Toolbar - C:\Program Files (x86)\eslprintables\tbeslp.dll [2010-05-20 2675296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-04-23 1529800]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 895976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - eslprintables Toolbar - C:\Program Files (x86)\eslprintables\tbeslp.dll [2010-05-20 2675296]
{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - ZoneAlarm Toolbar - C:\Program Files (x86)\ZoneAlarm\tbZone.dll [2010-05-09 2517088]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-05-26 1116136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"bluebirds"=C:\Users\Monča\Bluebirds\BlueBirds.exe [2009-04-29 270336]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-04-13 2387968]
"EPSON Stylus DX6000 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE [2006-09-22 139264]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"DAEMON Tools"=C:\Program Files (x86)\DAEMON Tools\daemon.exe [2007-04-04 165784]
"ICQ"=C:\Program Files (x86)\ICQ6.5\ICQ.exe [2009-11-16 172792]
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2010-08-26 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"KTSInit"=0 []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-03-13 75048]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskmgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-28 16:51:51 ----D---- C:\Users\Monča\AppData\Roaming\CheckPoint
2010-09-28 16:50:55 ----D---- C:\Program Files (x86)\ZoneAlarm
2010-09-28 16:50:40 ----D---- C:\Program Files\CheckPoint
2010-09-28 16:50:28 ----A---- C:\Windows\SYSWOW64\vsregexp.dll
2010-09-28 16:49:42 ----A---- C:\Windows\system32\drivers\netio.sys
2010-09-28 16:45:12 ----A---- C:\Windows\SYSWOW64\zlcommdb.dll
2010-09-28 16:45:11 ----A---- C:\Windows\SYSWOW64\zlcomm.dll
2010-09-28 16:45:07 ----A---- C:\Windows\SYSWOW64\vswmi.dll
2010-09-28 16:45:00 ----A---- C:\Windows\SYSWOW64\zpeng25.dll
2010-09-28 16:45:00 ----A---- C:\Windows\SYSWOW64\vsxml.dll
2010-09-28 16:44:58 ----D---- C:\Windows\SYSWOW64\ZoneLabs
2010-09-28 16:44:57 ----A---- C:\Windows\SYSWOW64\vspubapi.dll
2010-09-28 16:44:57 ----A---- C:\Windows\SYSWOW64\vsmonapi.dll
2010-09-28 16:44:56 ----A---- C:\Windows\system32\drivers\~GLH0023.TMP
2010-09-28 16:44:55 ----A---- C:\Windows\SYSWOW64\vsdata.dll
2010-09-28 16:44:02 ----N---- C:\Windows\system32\drivers\vsdatant.sys
2010-09-28 16:44:01 ----D---- C:\Program Files (x86)\Zone Labs
2010-09-28 16:43:35 ----D---- C:\ProgramData\CheckPoint
2010-09-28 16:43:33 ----D---- C:\Windows\Internet Logs
2010-09-28 16:43:31 ----A---- C:\Windows\SYSWOW64\vsutil.dll
2010-09-28 16:43:31 ----A---- C:\Windows\SYSWOW64\vsinit.dll
2010-09-28 16:34:05 ----N---- C:\Windows\system32\MpSigStub.exe
2010-09-28 16:31:11 ----D---- C:\Program Files (x86)\Microsoft Antimalware
2010-09-28 16:24:26 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-09-28 16:24:25 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-09-28 16:24:23 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-09-28 16:24:20 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-09-28 16:24:17 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-09-28 16:23:46 ----D---- C:\Users\Monča\AppData\Roaming\Malwarebytes
2010-09-28 16:23:36 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2010-09-28 16:23:35 ----D---- C:\ProgramData\Malwarebytes
2010-09-28 16:23:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-09-28 16:23:34 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-09-28 16:23:11 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2010-09-28 16:22:59 ----D---- C:\ProgramData\Alwil Software
2010-09-28 16:22:59 ----D---- C:\Program Files\Alwil Software
2010-09-28 16:20:43 ----D---- C:\rsit
2010-09-28 16:20:43 ----D---- C:\Program Files\trend micro
2010-09-20 09:34:40 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2010-09-20 09:34:40 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-20 09:34:38 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-20 09:34:37 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2010-09-20 09:34:35 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-20 09:34:34 ----A---- C:\Windows\SYSWOW64\usp10.dll
2010-09-20 09:34:34 ----A---- C:\Windows\system32\usp10.dll
======List of files/folders modified in the last 1 months======
2010-09-28 17:17:34 ----D---- C:\Windows\Temp
2010-09-28 17:17:23 ----SHD---- C:\Windows\Installer
2010-09-28 17:17:23 ----RD---- C:\Program Files
2010-09-28 17:16:58 ----SD---- C:\ProgramData\Microsoft
2010-09-28 17:16:56 ----D---- C:\Windows\system32\drivers
2010-09-28 17:15:49 ----RD---- C:\Program Files (x86)
2010-09-28 17:15:10 ----D---- C:\Program Files (x86)\Steam
2010-09-28 17:14:37 ----D---- C:\ProgramData\NVIDIA
2010-09-28 17:13:34 ----HD---- C:\ProgramData
2010-09-28 17:11:44 ----D---- C:\ProgramData\Lavasoft
2010-09-28 17:11:42 ----DC---- C:\Windows\system32\DRVSTORE
2010-09-28 17:11:40 ----D---- C:\Windows\System32
2010-09-28 17:11:27 ----D---- C:\Windows\inf
2010-09-28 17:11:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-28 17:03:09 ----SHD---- C:\System Volume Information
2010-09-28 17:03:09 ----D---- C:\ProgramData\Norton
2010-09-28 17:01:41 ----D---- C:\Users\Monča\AppData\Roaming\ICQ
2010-09-28 16:58:13 ----D---- C:\Windows\SysWOW64
2010-09-28 16:50:19 ----D---- C:\Windows
2010-09-28 16:50:07 ----D---- C:\Windows\winsxs
2010-09-28 16:49:59 ----D---- C:\Windows\system32\catroot
2010-09-28 16:44:56 ----D---- C:\Windows\SYSWOW64\drivers
2010-09-28 16:27:33 ----D---- C:\Windows\system32\Tasks
2010-09-28 16:27:26 ----D---- C:\Program Files\Common Files
2010-09-28 16:26:40 ----D---- C:\ProgramData\NortonInstaller
2010-09-28 16:20:48 ----D---- C:\Windows\Prefetch
2010-09-25 12:51:48 ----D---- C:\Program Files\Windows Mail
2010-09-25 12:51:48 ----D---- C:\Program Files (x86)\Windows Mail
2010-09-25 12:47:23 ----A---- C:\Windows\system32\mrt.exe
2010-09-20 09:34:30 ----D---- C:\Windows\system32\catroot2
2010-09-06 20:44:09 ----D---- C:\Program Files (x86)\1250044139
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc); C:\Windows\system32\drivers\pe3ah4nc.sys [2007-05-18 72560]
R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc); C:\Windows\system32\drivers\ps6ah4nc.sys [2007-05-18 77176]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-12 871408]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 453720]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/04/11 16:46:56]; \??\C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 146928]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-05-26 33008]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-11-03 15680]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx64.sys [2008-08-01 1498016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2008-08-05 56352]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-03-16 13807976]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-24 28192]
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 ac8zkl3x;ac8zkl3x; C:\Windows\system32\drivers\ac8zkl3x.sys []
S3 ajpmfomj;ajpmfomj; C:\Windows\system32\drivers\ajpmfomj.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 4161536]
S3 ATITool;ATITool Overclocking Utility; C:\Windows\system32\DRIVERS\ATITool64.sys [2006-11-10 30720]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 694272]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 34816]
S3 cpuz130;cpuz130; \??\C:\Users\MONA~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2009-02-09 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2009-02-09 18944]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-21 4161536]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2009-02-09 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 41984]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2009-02-09 8192]
S3 vsdatant7;vsdatant7; C:\Windows\System32\drivers\vsdatant.win7.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2006-04-18 102400]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-09-08 726016]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 823272]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-04-13 73728]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-09-08 221696]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-03-16 159336]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-03-16 240232]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2010-06-23 2435592]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-09-25 411432]
S2 Aladdin SQL Server;Aladdin SQL Server; C:\Program Files (x86)\Aladdin\Aladdin SQL Server\AladdinSQL.exe [2009-08-13 1160]
S2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-12-21 829952]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc); C:\Windows\system32\pr2ah4nc.exe [2007-05-18 754288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
-----------------EOF-----------------
Už jsem smazal ten Microsofťácký antivir.
Re: Výsledek MBAMu aneb co odstranit?
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy
- DAEMON Tools Toolbar
eslprintables Toolbar
ZoneAlarm Toolbar
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
netsvcs drivers32 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s c:\windows\*.* /U %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys nvrd32.sys symmpi.sys adp3132.sys mv61xx.sys nvraid.sys ndis.sys winlogon.exe explorer.exe userinit.exe lsass.exe svchost.exe smss.exe hal.dll ws2_32.dll tcpip.sys cryptsvc.dll Changer.sys JakNDis.sys isapnp.sys cdrom.sys autochk.exe /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 CREATERESTOREPOINT- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Výsledek MBAMu aneb co odstranit?
Zde je 1.část OTL
OTL logfile created on: 28.9.2010 17:30:17 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Monča\Desktop
64bit-Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 4,37 Gb Free Space | 1,88% Space Free | Partition Type: NTFS
Drive D: | 51,25 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MONCA
Current User Name: Monča
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - File not found -- C:\Windows\SysWow64\spool\drivers\x64\3\E_FATIBIE.EXE
PRC - [2010.09.28 17:27:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Monča\Desktop\OTL.exe
PRC - [2010.09.25 12:43:02 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.08.26 19:56:15 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010.08.02 22:38:27 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.08.02 22:38:26 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.06.23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
PRC - [2010.06.23 13:51:30 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010.03.16 02:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.03.13 12:58:58 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010.02.03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009.11.16 17:36:19 | 000,172,792 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ6.5\ICQ.exe
PRC - [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.05.11 14:15:00 | 000,128,000 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2009.04.29 11:02:01 | 000,270,336 | R--- | M] (LG Electronics) -- C:\Users\Monča\Bluebirds\BlueBirds.exe
PRC - [2009.04.23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
PRC - [2009.03.30 10:11:14 | 000,120,320 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.11.18 04:27:38 | 000,621,056 | R--- | M] () -- C:\Program Files (x86)\ASUS\AASP\1.00.80\aaCenter.exe
PRC - [2008.06.24 16:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.04.04 00:29:15 | 000,165,784 | ---- | M] (DT Soft Ltd.) -- C:\Program Files (x86)\DAEMON Tools\daemon.exe
PRC - [2006.12.19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
PRC - [2006.04.18 04:00:00 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
========== Modules (SafeList) ==========
MOD - [2010.09.28 17:27:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Monča\Desktop\OTL.exe
MOD - [2010.05.26 15:35:24 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll
MOD - [2009.12.23 13:33:29 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2009.03.30 06:42:16 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\msvcr80.dll
MOD - [2009.03.30 06:42:16 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\msvcp80.dll
MOD - [2008.01.21 04:47:51 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008.01.21 04:46:29 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.05.26 15:35:34 | 000,823,272 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV:64bit: - [2008.09.08 11:11:02 | 000,726,016 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))
SRV:64bit: - [2008.09.08 11:09:52 | 000,221,696 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2008.01.21 04:45:23 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.12.21 05:01:26 | 000,829,952 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2007.05.18 21:53:45 | 000,754,288 | ---- | M] (CODEMASTERS) [Auto | Stopped] -- C:\Windows\SysNative\pr2ah4nc.exe -- (pr2ah4nc)
SRV - [2010.09.25 12:43:02 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.06.23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010.03.16 02:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.08.13 14:16:37 | 000,001,160 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Aladdin\Aladdin SQL Server\AladdinSQL.exe -- (Aladdin SQL Server)
SRV - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2006.12.19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
SRV - [2006.10.27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006.04.18 04:00:00 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsdatant.win7.sys -- (vsdatant7)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010.09.07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.05.26 15:35:12 | 000,033,008 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV:64bit: - [2010.05.15 16:30:50 | 000,453,720 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2009.10.01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.08.12 13:08:17 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.04.11 07:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.02.09 08:38:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2009.02.09 08:38:34 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009.02.09 08:38:34 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2009.02.09 08:38:32 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008.09.17 14:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys -- (ENTECH64)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.08.05 06:29:26 | 000,056,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2007.12.21 05:56:28 | 004,161,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2007.12.21 05:56:28 | 004,161,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2007.05.18 21:53:12 | 000,072,560 | ---- | M] (CODEMASTERS) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pe3ah4nc.sys -- (pe3ah4nc) DiRT Environment Driver (pe3ah4nc)
DRV:64bit: - [2007.05.18 21:52:49 | 000,077,176 | ---- | M] (CODEMASTERS) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ps6ah4nc.sys -- (ps6ah4nc) DiRT Synchronization Driver (ps6ah4nc)
DRV:64bit: - [2007.04.17 12:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2006.11.10 15:08:58 | 000,030,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ATITool64.sys -- (ATITool)
DRV:64bit: - [2006.11.03 02:00:00 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2006.09.18 23:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2005.06.14 13:01:16 | 000,296,448 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2010.03.13 12:58:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/04/11 16:46:56] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... K82_QowXqA
IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\URLSearchHook: {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: " "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.idnes.cz/"
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.227.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... 2611275&q="
FF - prefs.js..network.proxy.type: 2
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.09.19 15:02:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin File not found
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2010.09.28 16:51:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.08.02 22:38:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.08.03 12:35:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2010.02.06 01:18:51 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mozilla\Extensions
[2010.09.28 17:05:29 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\extensions
[2010.06.15 16:23:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.15 16:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash
[2010.09.28 16:51:07 | 000,000,000 | ---D | M] (ZoneAlarm Toolbar) -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
[2010.05.27 21:34:29 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\extensions\radiobar@toolbar
[2010.09.01 19:56:32 | 000,000,861 | ---- | M] () -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\searchplugins\conduit.xml
[2010.07.30 14:58:50 | 000,010,017 | ---- | M] () -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\searchplugins\mywebsearch.xml
[2010.05.27 21:34:35 | 000,001,589 | ---- | M] () -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\searchplugins\web-search.xml
[2010.04.04 11:38:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.08.02 22:38:28 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.08.02 22:38:28 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.08.02 22:38:28 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.08.02 22:38:28 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.08.02 22:38:28 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.04.04 12:49:18 | 000,000,996 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 a204-2-160-40.deploy.akamaitechnologies.com
O1 - Hosts: 127.0.0.1 symantec.com.102.112.2o7.net
O1 - Hosts: 127.0.0.1 a96-7-151-238.deploy.akamaitechnologies.com
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (eslprintables Toolbar) - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (eslprintables Toolbar) - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:64bit: - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\Toolbar\WebBrowser: (eslprintables Toolbar) - {E47D6D44-6479-461D-BFA3-DBD0DC5A9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KTSInit] File not found
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [bluebirds] C:\Users\Monča\Bluebirds\BlueBirds.exe (LG Electronics)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [DAEMON Tools] C:\Program Files (x86)\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [EPSON Stylus DX6000 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_FATIBIE.EXE File not found
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysNative\nvLsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Monča\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Monča\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8ab249c0-2a20-11df-a3c5-00248cd5e4ae}\Shell - "" = AutoRun
O33 - MountPoints2\{8ab249c0-2a20-11df-a3c5-00248cd5e4ae}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\AC3ACM.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.alf2cd - C:\Windows\SysWow64\alf2cd.acm (NCT Company)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\Windows\SysWow64\Scg726.acm (SHARP Corporation)
Drivers32: msacm.voxacm160 - C:\Windows\SysWow64\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\Windows\SysWow64\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.mp42 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 7 Days ==========
[2010.09.28 17:29:05 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Monča\Desktop\OTL.exe
[2010.09.28 16:51:53 | 000,000,000 | ---D | C] -- C:\Users\Monča\Documents\ForceField Shared Files
[2010.09.28 16:51:51 | 000,000,000 | ---D | C] -- C:\Users\Monča\AppData\Roaming\CheckPoint
[2010.09.28 16:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZoneAlarm
[2010.09.28 16:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2010.09.28 16:50:28 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsregexp.dll
[2010.09.28 16:49:42 | 000,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2010.09.28 16:45:12 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcommdb.dll
[2010.09.28 16:45:11 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcomm.dll
[2010.09.28 16:45:07 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vswmi.dll
[2010.09.28 16:45:00 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zpeng25.dll
[2010.09.28 16:45:00 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsxml.dll
[2010.09.28 16:44:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZoneLabs
[2010.09.28 16:44:57 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vspubapi.dll
[2010.09.28 16:44:57 | 000,108,032 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsmonapi.dll
[2010.09.28 16:44:55 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsdata.dll
[2010.09.28 16:44:02 | 000,453,720 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysNative\drivers\vsdatant.sys
[2010.09.28 16:44:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zone Labs
[2010.09.28 16:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2010.09.28 16:43:33 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2010.09.28 16:43:31 | 000,713,728 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsutil.dll
[2010.09.28 16:43:31 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsinit.dll
OTL logfile created on: 28.9.2010 17:30:17 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Monča\Desktop
64bit-Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 4,37 Gb Free Space | 1,88% Space Free | Partition Type: NTFS
Drive D: | 51,25 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MONCA
Current User Name: Monča
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - File not found -- C:\Windows\SysWow64\spool\drivers\x64\3\E_FATIBIE.EXE
PRC - [2010.09.28 17:27:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Monča\Desktop\OTL.exe
PRC - [2010.09.25 12:43:02 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.08.26 19:56:15 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010.08.02 22:38:27 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.08.02 22:38:26 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.06.23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
PRC - [2010.06.23 13:51:30 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010.03.16 02:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.03.13 12:58:58 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010.02.03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009.11.16 17:36:19 | 000,172,792 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ6.5\ICQ.exe
PRC - [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.05.11 14:15:00 | 000,128,000 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2009.04.29 11:02:01 | 000,270,336 | R--- | M] (LG Electronics) -- C:\Users\Monča\Bluebirds\BlueBirds.exe
PRC - [2009.04.23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
PRC - [2009.03.30 10:11:14 | 000,120,320 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.11.18 04:27:38 | 000,621,056 | R--- | M] () -- C:\Program Files (x86)\ASUS\AASP\1.00.80\aaCenter.exe
PRC - [2008.06.24 16:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.04.04 00:29:15 | 000,165,784 | ---- | M] (DT Soft Ltd.) -- C:\Program Files (x86)\DAEMON Tools\daemon.exe
PRC - [2006.12.19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
PRC - [2006.04.18 04:00:00 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
========== Modules (SafeList) ==========
MOD - [2010.09.28 17:27:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Monča\Desktop\OTL.exe
MOD - [2010.05.26 15:35:24 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll
MOD - [2009.12.23 13:33:29 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2009.03.30 06:42:16 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\msvcr80.dll
MOD - [2009.03.30 06:42:16 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\msvcp80.dll
MOD - [2008.01.21 04:47:51 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008.01.21 04:46:29 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.05.26 15:35:34 | 000,823,272 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV:64bit: - [2008.09.08 11:11:02 | 000,726,016 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))
SRV:64bit: - [2008.09.08 11:09:52 | 000,221,696 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2008.01.21 04:45:23 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.12.21 05:01:26 | 000,829,952 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2007.05.18 21:53:45 | 000,754,288 | ---- | M] (CODEMASTERS) [Auto | Stopped] -- C:\Windows\SysNative\pr2ah4nc.exe -- (pr2ah4nc)
SRV - [2010.09.25 12:43:02 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.06.23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010.03.16 02:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.08.13 14:16:37 | 000,001,160 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Aladdin\Aladdin SQL Server\AladdinSQL.exe -- (Aladdin SQL Server)
SRV - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2006.12.19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
SRV - [2006.10.27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006.04.18 04:00:00 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsdatant.win7.sys -- (vsdatant7)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010.09.07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.05.26 15:35:12 | 000,033,008 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV:64bit: - [2010.05.15 16:30:50 | 000,453,720 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2009.10.01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.08.12 13:08:17 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.04.11 07:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.02.09 08:38:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2009.02.09 08:38:34 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009.02.09 08:38:34 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2009.02.09 08:38:32 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008.09.17 14:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys -- (ENTECH64)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.08.05 06:29:26 | 000,056,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2007.12.21 05:56:28 | 004,161,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2007.12.21 05:56:28 | 004,161,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2007.05.18 21:53:12 | 000,072,560 | ---- | M] (CODEMASTERS) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pe3ah4nc.sys -- (pe3ah4nc) DiRT Environment Driver (pe3ah4nc)
DRV:64bit: - [2007.05.18 21:52:49 | 000,077,176 | ---- | M] (CODEMASTERS) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ps6ah4nc.sys -- (ps6ah4nc) DiRT Synchronization Driver (ps6ah4nc)
DRV:64bit: - [2007.04.17 12:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2006.11.10 15:08:58 | 000,030,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ATITool64.sys -- (ATITool)
DRV:64bit: - [2006.11.03 02:00:00 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2006.09.18 23:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2005.06.14 13:01:16 | 000,296,448 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2010.03.13 12:58:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/04/11 16:46:56] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... K82_QowXqA
IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\URLSearchHook: {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: " "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.idnes.cz/"
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.227.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... 2611275&q="
FF - prefs.js..network.proxy.type: 2
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.09.19 15:02:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin File not found
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2010.09.28 16:51:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.08.02 22:38:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.08.03 12:35:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2010.02.06 01:18:51 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mozilla\Extensions
[2010.09.28 17:05:29 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\extensions
[2010.06.15 16:23:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.15 16:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash
[2010.09.28 16:51:07 | 000,000,000 | ---D | M] (ZoneAlarm Toolbar) -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
[2010.05.27 21:34:29 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\extensions\radiobar@toolbar
[2010.09.01 19:56:32 | 000,000,861 | ---- | M] () -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\searchplugins\conduit.xml
[2010.07.30 14:58:50 | 000,010,017 | ---- | M] () -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\searchplugins\mywebsearch.xml
[2010.05.27 21:34:35 | 000,001,589 | ---- | M] () -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\searchplugins\web-search.xml
[2010.04.04 11:38:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.08.02 22:38:28 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.08.02 22:38:28 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.08.02 22:38:28 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.08.02 22:38:28 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.08.02 22:38:28 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.04.04 12:49:18 | 000,000,996 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 a204-2-160-40.deploy.akamaitechnologies.com
O1 - Hosts: 127.0.0.1 symantec.com.102.112.2o7.net
O1 - Hosts: 127.0.0.1 a96-7-151-238.deploy.akamaitechnologies.com
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (eslprintables Toolbar) - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (eslprintables Toolbar) - {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:64bit: - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\Toolbar\WebBrowser: (eslprintables Toolbar) - {E47D6D44-6479-461D-BFA3-DBD0DC5A9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KTSInit] File not found
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [bluebirds] C:\Users\Monča\Bluebirds\BlueBirds.exe (LG Electronics)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [DAEMON Tools] C:\Program Files (x86)\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [EPSON Stylus DX6000 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_FATIBIE.EXE File not found
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\nvLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysNative\nvLsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Monča\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Monča\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8ab249c0-2a20-11df-a3c5-00248cd5e4ae}\Shell - "" = AutoRun
O33 - MountPoints2\{8ab249c0-2a20-11df-a3c5-00248cd5e4ae}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\AC3ACM.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.alf2cd - C:\Windows\SysWow64\alf2cd.acm (NCT Company)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\Windows\SysWow64\Scg726.acm (SHARP Corporation)
Drivers32: msacm.voxacm160 - C:\Windows\SysWow64\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\Windows\SysWow64\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.mp42 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 7 Days ==========
[2010.09.28 17:29:05 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Monča\Desktop\OTL.exe
[2010.09.28 16:51:53 | 000,000,000 | ---D | C] -- C:\Users\Monča\Documents\ForceField Shared Files
[2010.09.28 16:51:51 | 000,000,000 | ---D | C] -- C:\Users\Monča\AppData\Roaming\CheckPoint
[2010.09.28 16:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZoneAlarm
[2010.09.28 16:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2010.09.28 16:50:28 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsregexp.dll
[2010.09.28 16:49:42 | 000,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2010.09.28 16:45:12 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcommdb.dll
[2010.09.28 16:45:11 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcomm.dll
[2010.09.28 16:45:07 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vswmi.dll
[2010.09.28 16:45:00 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zpeng25.dll
[2010.09.28 16:45:00 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsxml.dll
[2010.09.28 16:44:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZoneLabs
[2010.09.28 16:44:57 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vspubapi.dll
[2010.09.28 16:44:57 | 000,108,032 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsmonapi.dll
[2010.09.28 16:44:55 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsdata.dll
[2010.09.28 16:44:02 | 000,453,720 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysNative\drivers\vsdatant.sys
[2010.09.28 16:44:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zone Labs
[2010.09.28 16:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2010.09.28 16:43:33 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2010.09.28 16:43:31 | 000,713,728 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsutil.dll
[2010.09.28 16:43:31 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsinit.dll
Re: Výsledek MBAMu aneb co odstranit?
[2010.09.28 16:31:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010.09.28 16:29:19 | 007,581,184 | ---- | C] (Microsoft Corporation) -- C:\Users\Monča\Desktop\mssefullinstall-amd64fre-cs-cz-vista-win7.exe
[2010.09.28 16:24:26 | 000,020,048 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010.09.28 16:24:25 | 000,121,936 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010.09.28 16:24:23 | 000,028,752 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010.09.28 16:24:20 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010.09.28 16:24:17 | 000,061,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010.09.28 16:23:46 | 000,000,000 | ---D | C] -- C:\Users\Monča\AppData\Roaming\Malwarebytes
[2010.09.28 16:23:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.28 16:23:35 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.28 16:23:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.28 16:23:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.28 16:23:12 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.09.28 16:23:11 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.09.28 16:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.09.28 16:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.09.28 16:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.28 16:20:43 | 000,000,000 | ---D | C] -- C:\rsit
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.09.28 17:35:12 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A3D5624E-EFA1-43AF-8AC7-69E5AD473DE5}.job
[2010.09.28 17:35:11 | 002,097,152 | -HS- | M] () -- C:\Users\Monča\NTUSER.DAT
[2010.09.28 17:27:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Monča\Desktop\OTL.exe
[2010.09.28 17:20:47 | 001,393,902 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.28 17:20:47 | 000,598,594 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.09.28 17:20:47 | 000,586,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.28 17:20:47 | 000,114,786 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.09.28 17:20:47 | 000,101,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.28 17:15:37 | 000,001,356 | ---- | M] () -- C:\Users\Monča\AppData\Local\d3d9caps.dat
[2010.09.28 17:14:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.28 17:14:17 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.28 17:14:16 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.28 17:14:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.28 17:12:20 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.09.28 17:12:10 | 000,524,288 | -HS- | M] () -- C:\Users\Monča\NTUSER.DAT{66f6294e-256c-11df-aa45-00248cd5e4ae}.TMContainer00000000000000000001.regtrans-ms
[2010.09.28 17:12:10 | 000,065,536 | -HS- | M] () -- C:\Users\Monča\NTUSER.DAT{66f6294e-256c-11df-aa45-00248cd5e4ae}.TM.blf
[2010.09.28 17:12:07 | 002,304,501 | -H-- | M] () -- C:\Users\Monča\AppData\Local\IconCache.db
[2010.09.28 16:52:13 | 000,420,800 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2010.09.28 16:50:33 | 000,000,934 | ---- | M] () -- C:\Users\Monča\Desktop\ZoneAlarm Security.lnk
[2010.09.28 16:29:29 | 007,581,184 | ---- | M] (Microsoft Corporation) -- C:\Users\Monča\Desktop\mssefullinstall-amd64fre-cs-cz-vista-win7.exe
[2010.09.28 16:24:27 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010.09.28 16:24:17 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010.09.28 16:23:40 | 000,000,881 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.28 16:50:33 | 000,000,934 | ---- | C] () -- C:\Users\Monča\Desktop\ZoneAlarm Security.lnk
[2010.09.28 16:44:56 | 000,420,800 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2010.09.28 16:24:26 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010.09.28 16:24:17 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010.09.28 16:23:40 | 000,000,881 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.28 16:23:16 | 000,439,306 | ---- | C] () -- C:\Users\Monča\AppData\Local\dd_vcredistMSI0FB7.txt
[2010.09.28 16:23:15 | 000,011,744 | ---- | C] () -- C:\Users\Monča\AppData\Local\dd_vcredistUI0FB7.txt
[2010.07.04 18:39:34 | 000,374,638 | ---- | C] () -- C:\Users\Monča\AppData\Local\dd_vcredistMSI389D.txt
[2010.07.04 18:39:34 | 000,011,378 | ---- | C] () -- C:\Users\Monča\AppData\Local\dd_vcredistUI389D.txt
[2010.04.27 20:56:48 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2009.12.19 00:03:35 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009.12.19 00:03:35 | 000,000,088 | RHS- | C] () -- C:\ProgramData\D52AD6BFD2.sys
[2009.12.18 23:50:14 | 000,000,098 | ---- | C] () -- C:\Users\Monča\AppData\Roaming\AVSMediaPlayer.m3u
[2009.10.07 18:34:13 | 000,002,767 | ---- | C] () -- C:\Windows\RbSystem.ini
[2009.10.07 18:32:58 | 000,012,800 | ---- | C] () -- C:\Windows\SysWow64\PWUtility.dll
[2009.10.07 18:32:58 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\dtctrace.dll
[2009.10.07 18:32:57 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\xcd73532.dll
[2009.10.07 18:32:45 | 000,655,360 | ---- | C] () -- C:\Windows\SysWow64\dslang32.dll
[2009.10.07 18:32:45 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\ldf251.dll
[2009.10.07 18:30:51 | 000,000,544 | ---- | C] () -- C:\Windows\ESIDATA.ini
[2009.09.26 10:04:21 | 000,032,879 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.09.26 10:04:19 | 000,032,879 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.09.17 16:28:02 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.09.17 16:26:35 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.08.25 21:26:52 | 000,000,065 | ---- | C] () -- C:\Users\Monča\AppData\Roaming\default.pls
[2009.08.12 13:12:40 | 000,001,356 | ---- | C] () -- C:\Users\Monča\AppData\Local\d3d9caps.dat
[2009.08.12 12:53:16 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.08.12 10:19:31 | 000,151,552 | ---- | C] () -- C:\Users\Monča\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.11 22:52:30 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009.08.11 22:52:30 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009.08.11 22:52:26 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009.08.11 22:52:26 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009.08.11 22:50:35 | 000,001,746 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.08.11 22:49:44 | 000,023,665 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009.08.11 22:49:06 | 000,023,665 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.08.11 22:34:08 | 000,002,188 | ---- | C] () -- C:\Users\Monča\AppData\Local\d3d9caps64.dat
[2009.06.02 18:11:16 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.05.29 16:52:26 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.05.29 16:47:06 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.09.12 16:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008.01.21 04:47:53 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007.12.28 09:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
========== LOP Check ==========
[2009.08.13 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\2hcs
[2010.09.28 16:51:51 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\CheckPoint
[2009.08.12 13:15:11 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\DAEMON Tools Lite
[2009.08.12 19:52:15 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\DAEMON Tools Pro
[2010.01.06 22:47:26 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\EPSON
[2009.09.20 11:41:12 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\GARMIN
[2010.09.28 17:01:41 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\ICQ
[2010.03.13 20:56:21 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mount&Blade
[2009.09.19 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Nokia
[2009.08.12 08:10:31 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Opera
[2009.09.27 12:46:39 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\PC Suite
[2009.08.16 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\VistaCodecs
[2010.07.22 21:35:53 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Web Page Maker
[2010.08.31 22:40:09 | 000,000,496 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010.09.28 17:12:20 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.09.28 17:35:12 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A3D5624E-EFA1-43AF-8AC7-69E5AD473DE5}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 09:10:53 | 001,555,968 | ---- | M] (Microsoft Corporation)
"bluebirds" = C:\Users\Monča\Bluebirds\BlueBirds.exe -- [2009.04.29 11:02:01 | 000,270,336 | R--- | M] (LG Electronics)
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 -- [2008.06.24 16:06:06 | 001,840,424 | ---- | M] (Nero AG)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun -- [2009.04.23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd)
"LightScribe Control Panel" = C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2009.04.13 15:11:54 | 002,387,968 | ---- | M] (Hewlett-Packard Company)
"EPSON Stylus DX6000 Series" = C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Windows\TEMP\E_S6E.tmp" /EF "HKCU" -- File not found
"PC Suite Tray" = "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia)
"DAEMON Tools" = "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033 -- [2007.04.04 00:29:15 | 000,165,784 | ---- | M] (DT Soft Ltd.)
"ICQ" = "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent -- [2009.11.16 17:36:19 | 000,172,792 | ---- | M] (ICQ, LLC.)
"WMPNSCFG" = C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe -- File not found
"Steam" = "C:\Program Files (x86)\Steam\Steam.exe" -silent -- [2010.08.26 19:56:15 | 001,242,448 | ---- | M] (Valve Corporation)
< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.08.13 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\2hcs
[2009.08.14 17:48:21 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Adobe
[2009.08.12 12:57:29 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\ATI
[2010.09.28 16:51:51 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\CheckPoint
[2009.12.19 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Corel
[2010.04.11 18:57:33 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\CyberLink
[2009.08.12 13:15:11 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\DAEMON Tools Lite
[2009.08.12 19:52:15 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\DAEMON Tools Pro
[2010.01.06 22:47:26 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\EPSON
[2009.09.20 11:41:12 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\GARMIN
[2010.09.28 17:01:41 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\ICQ
[2009.08.11 22:34:13 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Identities
[2009.08.12 07:30:15 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Macromedia
[2010.09.28 16:23:46 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Malwarebytes
[2010.03.19 19:30:19 | 000,000,000 | --SD | M] -- C:\Users\Monča\AppData\Roaming\Microsoft
[2010.03.13 20:56:21 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mount&Blade
[2010.02.06 01:18:51 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mozilla
[2009.08.12 12:53:27 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Nero
[2010.02.14 17:46:28 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\NeroDCTemplates
[2009.09.19 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Nokia
[2009.08.12 08:10:31 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Opera
[2009.09.27 12:46:39 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\PC Suite
[2009.08.11 22:55:42 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Symantec
[2009.08.16 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\VistaCodecs
[2010.07.22 21:35:53 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Web Page Maker
[2009.08.12 11:57:48 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2009.01.31 13:23:06 | 000,211,485 | ---- | M] ( ) -- C:\Users\Monča\AppData\Roaming\2hcs\FAKTURACE3\sestavy\sestavy.exe
[2010.01.19 21:17:59 | 000,050,008 | R--- | M] () -- C:\Users\Monča\AppData\Roaming\Microsoft\Installer\{54DBD56C-3E97-4D9F-8851-B0FDDF976876}\_6FEFF9B68218417F98F549.exe
< MD5 for: AGP440.SYS >
[2008.01.21 04:44:43 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.21 04:44:43 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.01.21 04:44:42 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SysWOW64\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SysWOW64\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:48:15 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2009.04.11 09:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_3ffe01d977405f71\autochk.exe
[2008.01.21 04:47:26 | 000,733,696 | ---- | M] (Microsoft Corporation) MD5=F74203F70337352EEABADAE16A05EAEA -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_3e1288cd7a1e9425\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.21 04:44:46 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2009.04.11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009.04.11 09:11:14 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=18918613E63F387CDE4D95CA7D49DCF7 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf4504e8a6b\cryptsvc.dll
[2008.01.21 04:46:59 | 000,165,376 | ---- | M] (Microsoft Corporation) MD5=4374F784121D8B3BB466B03F5E5EBD33 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[2008.01.21 04:47:45 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008.10.29 08:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009.04.11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009.04.11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008.10.28 04:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008.10.29 08:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008.10.30 07:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008.01.21 04:46:34 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008.01.21 04:47:14 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 09:15:31 | 000,233,448 | ---- | M] (Microsoft Corporation) MD5=822EA80D8E91D1BD5F31954348842AAA -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6002.18005_none_612624babd6ea012\hal.dll
[2008.01.21 04:44:43 | 000,233,528 | ---- | M] (Microsoft Corporation) MD5=D63C785A6EF1A3DE684781698A0CC9AF -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_5f3aabaec04cd4c6\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.21 04:44:51 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2008.01.21 04:44:43 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\isapnp.sys
[2008.01.21 04:44:43 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.06.15 15:21:28 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=02474FBCB00AA5C622E92F620DB9A041 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[2009.09.10 17:22:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1104B18819392FEA12FB5F9E170E66B3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d9312b9991\lsass.exe
[2009.02.13 10:52:40 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1979F94B28107233315DD6220F2304DD -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[2008.01.21 04:46:09 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[2008.01.21 04:46:09 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[2008.01.21 04:46:09 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f52124a74b8\lsass.exe
[2009.06.15 15:34:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1E766E4C5BF9E230AD37A56BF7DB6C94 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[2009.06.15 15:32:30 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=306E4503E083A498AE797FF59FA72839 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[2009.06.15 15:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[2009.09.09 13:32:36 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=41FB90DF49F203672F459122EF1F13B1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2e47247b\lsass.exe
[2009.02.13 07:14:46 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=563B71CEF1D46A24C5980FA2988DB67F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[2009.06.15 15:26:45 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=80F4593E92FF960E4763380D3168E498 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[2009.09.10 16:57:16 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=BBBCE2DACDCCD5EA60A50D0023AE2DE9 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972b7a16dd\lsass.exe
[2009.02.13 09:46:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=E231BDBD7D69857EEFFDEB3A48A53824 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[2009.06.15 15:12:52 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=EBDAEE60E442BEA413E5D7CEDFB09463 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe
< MD5 for: NDIS.SYS >
[2008.01.21 04:48:26 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2009.04.11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.01.21 04:48:51 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.21 04:46:20 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.21 04:44:46 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2008.01.21 04:44:46 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:48:17 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 04:47:39 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
< MD5 for: SMSS.EXE >
[2008.01.21 04:48:24 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=9FC8E8C0F344EAE043740B72794DA3CC -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_08594380d18f10f0\smss.exe
[2009.04.11 09:10:54 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=C17704EA5B0F83D78F1377075FFE1C89 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_0a44bc8cceb0dc3c\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.01.21 04:45:54 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008.01.21 04:45:54 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008.01.21 04:45:54 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008.01.21 04:48:13 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.06.16 19:14:29 | 001,424,264 | ---- | M] (Microsoft Corporation) MD5=0011810B5211FDACD784DE585262ECFE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_119c298735134c99\tcpip.sys
[2010.04.06 10:35:06 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=150C1A66A7094F84560519261A309BC6 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_11681899353a0dd5\tcpip.sys
[2009.12.08 20:22:57 | 001,199,616 | ---- | M] (Microsoft Corporation) MD5=2F822AF5E70467F827F5B4010A7FD57F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_bb7549d64ac6920e\tcpip.sys
[2010.02.18 17:01:57 | 001,420,688 | ---- | M] (Microsoft Corporation) MD5=30C4ABC8075DEA44D7E775D434AF1753 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_0f2e179c1ecd900b\tcpip.sys
[2009.08.14 16:44:27 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=34B30202AECCB530FDDC6C6CCFA2FB46 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2010.02.18 14:25:21 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=396CF3FD8D2A4FDF55570C01894DB9DF -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_bba931004aa006ed\tcpip.sys
[2009.08.14 20:05:16 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=3BCD46BE9988B09D3510A0EF54F0D65B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2010.02.18 17:04:06 | 001,414,032 | ---- | M] (Microsoft Corporation) MD5=4680D08A2E8A2509CD9B751D7AF59606 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys
[2010.02.18 16:22:15 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=4AD4600DF1F09EE7462152C061B683C8 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_118286a1352721f8\tcpip.sys
[2009.08.14 18:42:31 | 001,413,208 | ---- | M] (Microsoft Corporation) MD5=74B776CA1B328095FE23A3306B1613A3 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2008.01.21 04:49:04 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=7A1183FBB802F5ABAD7FA18BC67E0858 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[2010.02.18 14:27:40 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=7B0B928E318CADC23C87226BE0A1097D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_bc37d12363b92291\tcpip.sys
[2010.06.16 18:40:37 | 001,420,176 | ---- | M] (Microsoft Corporation) MD5=7D86275FB640011B372FD566C0EAFA8D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[2009.12.08 22:59:37 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=8C94F5E4F9DE14A495BAA86F643CF31D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_0ef8061a1ef61e99\tcpip.sys
[2008.04.26 10:55:25 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=8E041924441FF8755E5B4F135C8C3767 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[2010.04.05 19:13:35 | 001,414,024 | ---- | M] (Microsoft Corporation) MD5=8E7CD6BA2F09B46CE72D308F166C0B12 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_0f8a7609380d6a12\tcpip.sys
[2010.06.16 19:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) MD5=973658A2EA9C06B2976884B9046DFC6C -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[2009.04.11 09:15:48 | 001,426,408 | ---- | M] (Microsoft Corporation) MD5=99D07AD0EF2C535610F6573C29BC045E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[2009.08.14 18:39:38 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2010.02.18 16:28:06 | 001,427,336 | ---- | M] (Microsoft Corporation) MD5=B4B7B375FDD672AF79B0CBE9B9A48B47 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_112c2bd61be1dd22\tcpip.sys
[2009.12.08 20:21:46 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=BB6FB43B431CCAD6FC367648C87205C0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_bc00bf5763e297c8\tcpip.sys
[2009.12.08 23:13:33 | 001,411,656 | ---- | M] (Microsoft Corporation) MD5=D1A6D398865E0686533E13DD2558D64B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_0f81a4cb3813bb8a\tcpip.sys
[2010.06.17 01:28:33 | 001,414,544 | ---- | M] (Microsoft Corporation) MD5=D43D5336BE9DD93E02EE124297295713 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[2009.08.14 18:32:21 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009.08.16 00:55:23 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2009.12.08 22:22:19 | 001,425,480 | ---- | M] (Microsoft Corporation) MD5=E52F99B1160A1A1DE83223379D2C1828 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_10e247ce1c1aa392\tcpip.sys
[2009.12.08 22:04:59 | 001,423,944 | ---- | M] (Microsoft Corporation) MD5=EE84432AD7DCADE2931528C319C55097 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_1159459f3545c743\tcpip.sys
[2008.04.26 10:47:15 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=F10A60005FB50698E33A1940C6EBB010 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.21 04:48:25 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 04:48:25 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 04:48:25 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 04:47:35 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.21 04:47:36 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:48:26 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.01.21 04:47:34 | 000,265,216 | ---- | M] (Microsoft Corporation) MD5=63944ECFE4878C1C4889689324CABFAB -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4686b376fa\ws2_32.dll
[2008.01.21 04:48:23 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
[2008.01.21 04:48:23 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
[2008.01.21 04:48:23 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2008.01.21 04:48:23 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329cecb77d110\ws2_32.dll
[2009.04.11 09:11:31 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55283d54246\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.09.28 16:24:17 | 000,000,000 | ---- | M] () -- C:\Windows\SysWOW64\config.nt
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Users\Monča\Desktop\Kick.Ass.TS.XViD-IMAGiNE.avi:TOC.WMV
< End of report >
[2010.09.28 16:29:19 | 007,581,184 | ---- | C] (Microsoft Corporation) -- C:\Users\Monča\Desktop\mssefullinstall-amd64fre-cs-cz-vista-win7.exe
[2010.09.28 16:24:26 | 000,020,048 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010.09.28 16:24:25 | 000,121,936 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010.09.28 16:24:23 | 000,028,752 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010.09.28 16:24:20 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010.09.28 16:24:17 | 000,061,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010.09.28 16:23:46 | 000,000,000 | ---D | C] -- C:\Users\Monča\AppData\Roaming\Malwarebytes
[2010.09.28 16:23:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.28 16:23:35 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.28 16:23:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.28 16:23:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.28 16:23:12 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.09.28 16:23:11 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.09.28 16:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.09.28 16:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.09.28 16:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.28 16:20:43 | 000,000,000 | ---D | C] -- C:\rsit
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.09.28 17:35:12 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A3D5624E-EFA1-43AF-8AC7-69E5AD473DE5}.job
[2010.09.28 17:35:11 | 002,097,152 | -HS- | M] () -- C:\Users\Monča\NTUSER.DAT
[2010.09.28 17:27:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Monča\Desktop\OTL.exe
[2010.09.28 17:20:47 | 001,393,902 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.28 17:20:47 | 000,598,594 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.09.28 17:20:47 | 000,586,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.28 17:20:47 | 000,114,786 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.09.28 17:20:47 | 000,101,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.28 17:15:37 | 000,001,356 | ---- | M] () -- C:\Users\Monča\AppData\Local\d3d9caps.dat
[2010.09.28 17:14:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.28 17:14:17 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.28 17:14:16 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.28 17:14:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.28 17:12:20 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.09.28 17:12:10 | 000,524,288 | -HS- | M] () -- C:\Users\Monča\NTUSER.DAT{66f6294e-256c-11df-aa45-00248cd5e4ae}.TMContainer00000000000000000001.regtrans-ms
[2010.09.28 17:12:10 | 000,065,536 | -HS- | M] () -- C:\Users\Monča\NTUSER.DAT{66f6294e-256c-11df-aa45-00248cd5e4ae}.TM.blf
[2010.09.28 17:12:07 | 002,304,501 | -H-- | M] () -- C:\Users\Monča\AppData\Local\IconCache.db
[2010.09.28 16:52:13 | 000,420,800 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2010.09.28 16:50:33 | 000,000,934 | ---- | M] () -- C:\Users\Monča\Desktop\ZoneAlarm Security.lnk
[2010.09.28 16:29:29 | 007,581,184 | ---- | M] (Microsoft Corporation) -- C:\Users\Monča\Desktop\mssefullinstall-amd64fre-cs-cz-vista-win7.exe
[2010.09.28 16:24:27 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010.09.28 16:24:17 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010.09.28 16:23:40 | 000,000,881 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.28 16:50:33 | 000,000,934 | ---- | C] () -- C:\Users\Monča\Desktop\ZoneAlarm Security.lnk
[2010.09.28 16:44:56 | 000,420,800 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2010.09.28 16:24:26 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010.09.28 16:24:17 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010.09.28 16:23:40 | 000,000,881 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.28 16:23:16 | 000,439,306 | ---- | C] () -- C:\Users\Monča\AppData\Local\dd_vcredistMSI0FB7.txt
[2010.09.28 16:23:15 | 000,011,744 | ---- | C] () -- C:\Users\Monča\AppData\Local\dd_vcredistUI0FB7.txt
[2010.07.04 18:39:34 | 000,374,638 | ---- | C] () -- C:\Users\Monča\AppData\Local\dd_vcredistMSI389D.txt
[2010.07.04 18:39:34 | 000,011,378 | ---- | C] () -- C:\Users\Monča\AppData\Local\dd_vcredistUI389D.txt
[2010.04.27 20:56:48 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2009.12.19 00:03:35 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009.12.19 00:03:35 | 000,000,088 | RHS- | C] () -- C:\ProgramData\D52AD6BFD2.sys
[2009.12.18 23:50:14 | 000,000,098 | ---- | C] () -- C:\Users\Monča\AppData\Roaming\AVSMediaPlayer.m3u
[2009.10.07 18:34:13 | 000,002,767 | ---- | C] () -- C:\Windows\RbSystem.ini
[2009.10.07 18:32:58 | 000,012,800 | ---- | C] () -- C:\Windows\SysWow64\PWUtility.dll
[2009.10.07 18:32:58 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\dtctrace.dll
[2009.10.07 18:32:57 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\xcd73532.dll
[2009.10.07 18:32:45 | 000,655,360 | ---- | C] () -- C:\Windows\SysWow64\dslang32.dll
[2009.10.07 18:32:45 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\ldf251.dll
[2009.10.07 18:30:51 | 000,000,544 | ---- | C] () -- C:\Windows\ESIDATA.ini
[2009.09.26 10:04:21 | 000,032,879 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.09.26 10:04:19 | 000,032,879 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.09.17 16:28:02 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.09.17 16:26:35 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.08.25 21:26:52 | 000,000,065 | ---- | C] () -- C:\Users\Monča\AppData\Roaming\default.pls
[2009.08.12 13:12:40 | 000,001,356 | ---- | C] () -- C:\Users\Monča\AppData\Local\d3d9caps.dat
[2009.08.12 12:53:16 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.08.12 10:19:31 | 000,151,552 | ---- | C] () -- C:\Users\Monča\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.11 22:52:30 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009.08.11 22:52:30 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009.08.11 22:52:26 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009.08.11 22:52:26 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009.08.11 22:50:35 | 000,001,746 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.08.11 22:49:44 | 000,023,665 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009.08.11 22:49:06 | 000,023,665 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.08.11 22:34:08 | 000,002,188 | ---- | C] () -- C:\Users\Monča\AppData\Local\d3d9caps64.dat
[2009.06.02 18:11:16 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.05.29 16:52:26 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.05.29 16:47:06 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.09.12 16:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008.01.21 04:47:53 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007.12.28 09:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
========== LOP Check ==========
[2009.08.13 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\2hcs
[2010.09.28 16:51:51 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\CheckPoint
[2009.08.12 13:15:11 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\DAEMON Tools Lite
[2009.08.12 19:52:15 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\DAEMON Tools Pro
[2010.01.06 22:47:26 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\EPSON
[2009.09.20 11:41:12 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\GARMIN
[2010.09.28 17:01:41 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\ICQ
[2010.03.13 20:56:21 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mount&Blade
[2009.09.19 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Nokia
[2009.08.12 08:10:31 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Opera
[2009.09.27 12:46:39 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\PC Suite
[2009.08.16 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\VistaCodecs
[2010.07.22 21:35:53 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Web Page Maker
[2010.08.31 22:40:09 | 000,000,496 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010.09.28 17:12:20 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.09.28 17:35:12 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A3D5624E-EFA1-43AF-8AC7-69E5AD473DE5}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 09:10:53 | 001,555,968 | ---- | M] (Microsoft Corporation)
"bluebirds" = C:\Users\Monča\Bluebirds\BlueBirds.exe -- [2009.04.29 11:02:01 | 000,270,336 | R--- | M] (LG Electronics)
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 -- [2008.06.24 16:06:06 | 001,840,424 | ---- | M] (Nero AG)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun -- [2009.04.23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd)
"LightScribe Control Panel" = C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2009.04.13 15:11:54 | 002,387,968 | ---- | M] (Hewlett-Packard Company)
"EPSON Stylus DX6000 Series" = C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Windows\TEMP\E_S6E.tmp" /EF "HKCU" -- File not found
"PC Suite Tray" = "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia)
"DAEMON Tools" = "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033 -- [2007.04.04 00:29:15 | 000,165,784 | ---- | M] (DT Soft Ltd.)
"ICQ" = "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent -- [2009.11.16 17:36:19 | 000,172,792 | ---- | M] (ICQ, LLC.)
"WMPNSCFG" = C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe -- File not found
"Steam" = "C:\Program Files (x86)\Steam\Steam.exe" -silent -- [2010.08.26 19:56:15 | 001,242,448 | ---- | M] (Valve Corporation)
< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.08.13 09:44:06 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\2hcs
[2009.08.14 17:48:21 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Adobe
[2009.08.12 12:57:29 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\ATI
[2010.09.28 16:51:51 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\CheckPoint
[2009.12.19 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Corel
[2010.04.11 18:57:33 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\CyberLink
[2009.08.12 13:15:11 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\DAEMON Tools Lite
[2009.08.12 19:52:15 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\DAEMON Tools Pro
[2010.01.06 22:47:26 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\EPSON
[2009.09.20 11:41:12 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\GARMIN
[2010.09.28 17:01:41 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\ICQ
[2009.08.11 22:34:13 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Identities
[2009.08.12 07:30:15 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Macromedia
[2010.09.28 16:23:46 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Malwarebytes
[2010.03.19 19:30:19 | 000,000,000 | --SD | M] -- C:\Users\Monča\AppData\Roaming\Microsoft
[2010.03.13 20:56:21 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mount&Blade
[2010.02.06 01:18:51 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Mozilla
[2009.08.12 12:53:27 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Nero
[2010.02.14 17:46:28 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\NeroDCTemplates
[2009.09.19 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Nokia
[2009.08.12 08:10:31 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Opera
[2009.09.27 12:46:39 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\PC Suite
[2009.08.11 22:55:42 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Symantec
[2009.08.16 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\VistaCodecs
[2010.07.22 21:35:53 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\Web Page Maker
[2009.08.12 11:57:48 | 000,000,000 | ---D | M] -- C:\Users\Monča\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2009.01.31 13:23:06 | 000,211,485 | ---- | M] ( ) -- C:\Users\Monča\AppData\Roaming\2hcs\FAKTURACE3\sestavy\sestavy.exe
[2010.01.19 21:17:59 | 000,050,008 | R--- | M] () -- C:\Users\Monča\AppData\Roaming\Microsoft\Installer\{54DBD56C-3E97-4D9F-8851-B0FDDF976876}\_6FEFF9B68218417F98F549.exe
< MD5 for: AGP440.SYS >
[2008.01.21 04:44:43 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.21 04:44:43 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.01.21 04:44:42 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SysWOW64\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SysWOW64\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:48:15 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2009.04.11 09:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_3ffe01d977405f71\autochk.exe
[2008.01.21 04:47:26 | 000,733,696 | ---- | M] (Microsoft Corporation) MD5=F74203F70337352EEABADAE16A05EAEA -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_3e1288cd7a1e9425\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.21 04:44:46 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2009.04.11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009.04.11 09:11:14 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=18918613E63F387CDE4D95CA7D49DCF7 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf4504e8a6b\cryptsvc.dll
[2008.01.21 04:46:59 | 000,165,376 | ---- | M] (Microsoft Corporation) MD5=4374F784121D8B3BB466B03F5E5EBD33 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[2008.01.21 04:47:45 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008.10.29 08:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009.04.11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009.04.11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008.10.28 04:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008.10.29 08:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008.10.30 07:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008.01.21 04:46:34 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008.01.21 04:47:14 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 09:15:31 | 000,233,448 | ---- | M] (Microsoft Corporation) MD5=822EA80D8E91D1BD5F31954348842AAA -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6002.18005_none_612624babd6ea012\hal.dll
[2008.01.21 04:44:43 | 000,233,528 | ---- | M] (Microsoft Corporation) MD5=D63C785A6EF1A3DE684781698A0CC9AF -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_5f3aabaec04cd4c6\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.21 04:44:51 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2008.01.21 04:44:43 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\isapnp.sys
[2008.01.21 04:44:43 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.06.15 15:21:28 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=02474FBCB00AA5C622E92F620DB9A041 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[2009.09.10 17:22:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1104B18819392FEA12FB5F9E170E66B3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d9312b9991\lsass.exe
[2009.02.13 10:52:40 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1979F94B28107233315DD6220F2304DD -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[2008.01.21 04:46:09 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[2008.01.21 04:46:09 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[2008.01.21 04:46:09 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f52124a74b8\lsass.exe
[2009.06.15 15:34:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1E766E4C5BF9E230AD37A56BF7DB6C94 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[2009.06.15 15:32:30 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=306E4503E083A498AE797FF59FA72839 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[2009.06.15 15:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[2009.09.09 13:32:36 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=41FB90DF49F203672F459122EF1F13B1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2e47247b\lsass.exe
[2009.02.13 07:14:46 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=563B71CEF1D46A24C5980FA2988DB67F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[2009.06.15 15:26:45 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=80F4593E92FF960E4763380D3168E498 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[2009.09.10 16:57:16 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=BBBCE2DACDCCD5EA60A50D0023AE2DE9 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972b7a16dd\lsass.exe
[2009.02.13 09:46:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=E231BDBD7D69857EEFFDEB3A48A53824 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[2009.06.15 15:12:52 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=EBDAEE60E442BEA413E5D7CEDFB09463 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe
< MD5 for: NDIS.SYS >
[2008.01.21 04:48:26 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2009.04.11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.01.21 04:48:51 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.21 04:46:20 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.21 04:44:46 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2008.01.21 04:44:46 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:48:17 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 04:47:39 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
< MD5 for: SMSS.EXE >
[2008.01.21 04:48:24 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=9FC8E8C0F344EAE043740B72794DA3CC -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_08594380d18f10f0\smss.exe
[2009.04.11 09:10:54 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=C17704EA5B0F83D78F1377075FFE1C89 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_0a44bc8cceb0dc3c\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.01.21 04:45:54 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008.01.21 04:45:54 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008.01.21 04:45:54 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008.01.21 04:48:13 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.06.16 19:14:29 | 001,424,264 | ---- | M] (Microsoft Corporation) MD5=0011810B5211FDACD784DE585262ECFE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_119c298735134c99\tcpip.sys
[2010.04.06 10:35:06 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=150C1A66A7094F84560519261A309BC6 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_11681899353a0dd5\tcpip.sys
[2009.12.08 20:22:57 | 001,199,616 | ---- | M] (Microsoft Corporation) MD5=2F822AF5E70467F827F5B4010A7FD57F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_bb7549d64ac6920e\tcpip.sys
[2010.02.18 17:01:57 | 001,420,688 | ---- | M] (Microsoft Corporation) MD5=30C4ABC8075DEA44D7E775D434AF1753 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_0f2e179c1ecd900b\tcpip.sys
[2009.08.14 16:44:27 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=34B30202AECCB530FDDC6C6CCFA2FB46 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2010.02.18 14:25:21 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=396CF3FD8D2A4FDF55570C01894DB9DF -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_bba931004aa006ed\tcpip.sys
[2009.08.14 20:05:16 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=3BCD46BE9988B09D3510A0EF54F0D65B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2010.02.18 17:04:06 | 001,414,032 | ---- | M] (Microsoft Corporation) MD5=4680D08A2E8A2509CD9B751D7AF59606 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys
[2010.02.18 16:22:15 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=4AD4600DF1F09EE7462152C061B683C8 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_118286a1352721f8\tcpip.sys
[2009.08.14 18:42:31 | 001,413,208 | ---- | M] (Microsoft Corporation) MD5=74B776CA1B328095FE23A3306B1613A3 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2008.01.21 04:49:04 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=7A1183FBB802F5ABAD7FA18BC67E0858 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[2010.02.18 14:27:40 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=7B0B928E318CADC23C87226BE0A1097D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_bc37d12363b92291\tcpip.sys
[2010.06.16 18:40:37 | 001,420,176 | ---- | M] (Microsoft Corporation) MD5=7D86275FB640011B372FD566C0EAFA8D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[2009.12.08 22:59:37 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=8C94F5E4F9DE14A495BAA86F643CF31D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_0ef8061a1ef61e99\tcpip.sys
[2008.04.26 10:55:25 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=8E041924441FF8755E5B4F135C8C3767 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[2010.04.05 19:13:35 | 001,414,024 | ---- | M] (Microsoft Corporation) MD5=8E7CD6BA2F09B46CE72D308F166C0B12 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_0f8a7609380d6a12\tcpip.sys
[2010.06.16 19:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) MD5=973658A2EA9C06B2976884B9046DFC6C -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[2009.04.11 09:15:48 | 001,426,408 | ---- | M] (Microsoft Corporation) MD5=99D07AD0EF2C535610F6573C29BC045E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[2009.08.14 18:39:38 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2010.02.18 16:28:06 | 001,427,336 | ---- | M] (Microsoft Corporation) MD5=B4B7B375FDD672AF79B0CBE9B9A48B47 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_112c2bd61be1dd22\tcpip.sys
[2009.12.08 20:21:46 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=BB6FB43B431CCAD6FC367648C87205C0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_bc00bf5763e297c8\tcpip.sys
[2009.12.08 23:13:33 | 001,411,656 | ---- | M] (Microsoft Corporation) MD5=D1A6D398865E0686533E13DD2558D64B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_0f81a4cb3813bb8a\tcpip.sys
[2010.06.17 01:28:33 | 001,414,544 | ---- | M] (Microsoft Corporation) MD5=D43D5336BE9DD93E02EE124297295713 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[2009.08.14 18:32:21 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009.08.16 00:55:23 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2009.12.08 22:22:19 | 001,425,480 | ---- | M] (Microsoft Corporation) MD5=E52F99B1160A1A1DE83223379D2C1828 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_10e247ce1c1aa392\tcpip.sys
[2009.12.08 22:04:59 | 001,423,944 | ---- | M] (Microsoft Corporation) MD5=EE84432AD7DCADE2931528C319C55097 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_1159459f3545c743\tcpip.sys
[2008.04.26 10:47:15 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=F10A60005FB50698E33A1940C6EBB010 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.21 04:48:25 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 04:48:25 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 04:48:25 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 04:47:35 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.21 04:47:36 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:48:26 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.01.21 04:47:34 | 000,265,216 | ---- | M] (Microsoft Corporation) MD5=63944ECFE4878C1C4889689324CABFAB -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4686b376fa\ws2_32.dll
[2008.01.21 04:48:23 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
[2008.01.21 04:48:23 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
[2008.01.21 04:48:23 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2008.01.21 04:48:23 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329cecb77d110\ws2_32.dll
[2009.04.11 09:11:31 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55283d54246\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.09.28 16:24:17 | 000,000,000 | ---- | M] () -- C:\Windows\SysWOW64\config.nt
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Users\Monča\Desktop\Kick.Ass.TS.XViD-IMAGiNE.avi:TOC.WMV
< End of report >
Re: Výsledek MBAMu aneb co odstranit?
a zde je extras :
OTL Extras logfile created on: 28.9.2010 17:30:17 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Monča\Desktop
64bit-Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 4,37 Gb Free Space | 1,88% Space Free | Partition Type: NTFS
Drive D: | 51,25 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MONCA
Current User Name: Monča
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\opera.exe (Opera Software)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-1528038406-1306628096-4167433855-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = E1 0B B4 13 DC 5B C8 01 [binary data]
"VistaSp2" = 01 34 CB 4F ED 39 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{165217D0-7EC0-4E3D-9AC2-82C2137FC23A}" = rport=138 | protocol=17 | dir=out | app=system |
"{16D450F5-9AAA-4CC0-B295-1534477313EB}" = lport=137 | protocol=17 | dir=in | app=system |
"{326637D9-EF43-4CD7-ACDF-C20C35883825}" = lport=445 | protocol=6 | dir=in | app=system |
"{3F9A753E-2110-4CE6-9CF8-262F6ACA1207}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{58383481-C36D-4093-AF2C-8B34A1AE2CD3}" = rport=445 | protocol=6 | dir=out | app=system |
"{6FE1EA3C-D738-4A03-B671-DD85B76AA3D4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{AD2D6198-5D3D-452E-95DE-0BF003FE7126}" = rport=139 | protocol=6 | dir=out | app=system |
"{B035AC7C-67A7-48A4-B24B-83B3093A131E}" = lport=138 | protocol=17 | dir=in | app=system |
"{B3511E3E-6D03-4EA7-8773-9FF7F4EF46A2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B97DDC40-6AC5-4780-90BA-22C06ACC30B0}" = rport=137 | protocol=17 | dir=out | app=system |
"{C663FDF9-BB45-4576-BBE4-F38B16719407}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009B9B89-CCDA-4471-A4A7-88662BBCC480}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{010EBF14-3F70-4E8A-9D31-D209B9759E0D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{18378298-9AB3-471A-9A68-F5227602745A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{41C5187C-4E81-49B7-85AF-93C641C30325}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{4829A767-E0C9-4740-B242-537CD27827CC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{49335164-3984-420D-B08C-EDFC88E0C81B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4D12330E-5759-4B22-ACF4-638DC0A0B6B0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{55A64CD9-645C-4106-A8E0-083E85606DE9}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{5984D1CA-7285-4D57-A539-3BED5F00D8E5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{99FC605E-0C82-4E21-9578-F7D195989AB3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A6857BF3-DD37-461C-ABD0-818FA2EE86F0}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd9.exe |
"{F1425307-7F56-4A68-9B47-E5AA6908DA32}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F8BB6CB1-D7F9-4CE1-A621-FDCCBFE5433A}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{FD990E48-0905-4DC2-AE31-795AB6E7EC1C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{6448F0A8-6813-11D6-A77B-00B0D0150150}" = J2SE Runtime Environment 5.0 Update 15
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 4.1)
"EPSON Printer and Utilities" = Software tiskárny EPSON
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.3)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 19
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2EC502F7-CBB0-44F8-8F5D-C9A6FC1E5A2A}" = LightScribe System Software
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{54DBD56C-3E97-4D9F-8851-B0FDDF976876}" = Mobipocket Reader 6.2
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D45EF03-E8EE-4355-81C3-F918CBCF1029}" = Nero 8
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9410CF72-35AA-4AAD-9ADA-38F44FA948F5}" = LANGMaster ŠKOLA hrou - řada S
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.3 - Czech
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C0BE2E64-6D5F-45CD-A53E-D4C68EEC153C}" = TOPO 50 v4
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"Bosch Viewer" = Bosch Viewer
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Diagnostika elektronických systémů_is1" = Diagnostika elektronických systémů SD-SW-Setup:2009/1_1_10 KTS5
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"ESI[tronic]" = ESI[tronic]
"eslprintables Toolbar" = eslprintables Toolbar
"Hardlock Device Drivers" = Hardlock Device Drivers
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mount&Blade" = Mount&Blade
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NAVIGON Fresh" = NAVIGON Fresh 3.1.0
"Nokia PC Suite" = Nokia PC Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Tecar Forum ETKA v2" = Tecar Forum ETKA v2
"TheSage" = TheSage
"Web Page Maker_is1" = Web Page Maker V3.21
"WinRAR archiver" = WinRAR
"Zkušební hodnoty ESI" = Zkušební hodnoty ESI
"ZoneAlarm" = ZoneAlarm
========== Last 10 Event Log Errors ==========
[ Aladdin Events ]
Error - 13.8.2009 5:02:37 | Computer Name = Monča-PC | Source = Aladdin | ID = 107
Description =
[ Application Events ]
Error - 5.8.2010 7:57:54 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:03:35 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:03:35 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:03:35 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:03:35 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:03:35 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:07:29 | Computer Name = Monca | Source = WinMgmt | ID = 10
Description =
Error - 5.8.2010 8:08:02 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 6.8.2010 4:01:04 | Computer Name = Monca | Source = WinMgmt | ID = 10
Description =
Error - 6.8.2010 4:01:33 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
[ System Events ]
Error - 27.9.2010 20:17:35 | Computer Name = Monca | Source = Service Control Manager | ID = 7000
Description =
Error - 28.9.2010 10:45:10 | Computer Name = Monca | Source = Service Control Manager | ID = 7030
Description =
Error - 28.9.2010 10:51:26 | Computer Name = Monca | Source = Service Control Manager | ID = 7030
Description =
Error - 28.9.2010 11:01:23 | Computer Name = Monca | Source = bowser | ID = 8003
Description =
Error - 28.9.2010 11:03:57 | Computer Name = Monca | Source = Microsoft Antimalware | ID = 3002
Description =
Error - 28.9.2010 11:04:14 | Computer Name = Monca | Source = Service Control Manager | ID = 7000
Description =
Error - 28.9.2010 11:04:14 | Computer Name = Monca | Source = Service Control Manager | ID = 7000
Description =
Error - 28.9.2010 11:14:23 | Computer Name = Monca | Source = Microsoft Antimalware | ID = 3002
Description =
Error - 28.9.2010 11:15:14 | Computer Name = Monca | Source = Service Control Manager | ID = 7000
Description =
Error - 28.9.2010 11:15:14 | Computer Name = Monca | Source = Service Control Manager | ID = 7000
Description =
< End of report >
OTL Extras logfile created on: 28.9.2010 17:30:17 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Monča\Desktop
64bit-Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 4,37 Gb Free Space | 1,88% Space Free | Partition Type: NTFS
Drive D: | 51,25 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MONCA
Current User Name: Monča
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\opera.exe (Opera Software)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-1528038406-1306628096-4167433855-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = E1 0B B4 13 DC 5B C8 01 [binary data]
"VistaSp2" = 01 34 CB 4F ED 39 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{165217D0-7EC0-4E3D-9AC2-82C2137FC23A}" = rport=138 | protocol=17 | dir=out | app=system |
"{16D450F5-9AAA-4CC0-B295-1534477313EB}" = lport=137 | protocol=17 | dir=in | app=system |
"{326637D9-EF43-4CD7-ACDF-C20C35883825}" = lport=445 | protocol=6 | dir=in | app=system |
"{3F9A753E-2110-4CE6-9CF8-262F6ACA1207}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{58383481-C36D-4093-AF2C-8B34A1AE2CD3}" = rport=445 | protocol=6 | dir=out | app=system |
"{6FE1EA3C-D738-4A03-B671-DD85B76AA3D4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{AD2D6198-5D3D-452E-95DE-0BF003FE7126}" = rport=139 | protocol=6 | dir=out | app=system |
"{B035AC7C-67A7-48A4-B24B-83B3093A131E}" = lport=138 | protocol=17 | dir=in | app=system |
"{B3511E3E-6D03-4EA7-8773-9FF7F4EF46A2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B97DDC40-6AC5-4780-90BA-22C06ACC30B0}" = rport=137 | protocol=17 | dir=out | app=system |
"{C663FDF9-BB45-4576-BBE4-F38B16719407}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009B9B89-CCDA-4471-A4A7-88662BBCC480}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{010EBF14-3F70-4E8A-9D31-D209B9759E0D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{18378298-9AB3-471A-9A68-F5227602745A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{41C5187C-4E81-49B7-85AF-93C641C30325}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{4829A767-E0C9-4740-B242-537CD27827CC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{49335164-3984-420D-B08C-EDFC88E0C81B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4D12330E-5759-4B22-ACF4-638DC0A0B6B0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{55A64CD9-645C-4106-A8E0-083E85606DE9}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{5984D1CA-7285-4D57-A539-3BED5F00D8E5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{99FC605E-0C82-4E21-9578-F7D195989AB3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A6857BF3-DD37-461C-ABD0-818FA2EE86F0}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd9.exe |
"{F1425307-7F56-4A68-9B47-E5AA6908DA32}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F8BB6CB1-D7F9-4CE1-A621-FDCCBFE5433A}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{FD990E48-0905-4DC2-AE31-795AB6E7EC1C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{6448F0A8-6813-11D6-A77B-00B0D0150150}" = J2SE Runtime Environment 5.0 Update 15
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 4.1)
"EPSON Printer and Utilities" = Software tiskárny EPSON
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.3)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 19
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2EC502F7-CBB0-44F8-8F5D-C9A6FC1E5A2A}" = LightScribe System Software
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{54DBD56C-3E97-4D9F-8851-B0FDDF976876}" = Mobipocket Reader 6.2
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D45EF03-E8EE-4355-81C3-F918CBCF1029}" = Nero 8
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9410CF72-35AA-4AAD-9ADA-38F44FA948F5}" = LANGMaster ŠKOLA hrou - řada S
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.3 - Czech
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C0BE2E64-6D5F-45CD-A53E-D4C68EEC153C}" = TOPO 50 v4
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"Bosch Viewer" = Bosch Viewer
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Diagnostika elektronických systémů_is1" = Diagnostika elektronických systémů SD-SW-Setup:2009/1_1_10 KTS5
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"ESI[tronic]" = ESI[tronic]
"eslprintables Toolbar" = eslprintables Toolbar
"Hardlock Device Drivers" = Hardlock Device Drivers
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mount&Blade" = Mount&Blade
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NAVIGON Fresh" = NAVIGON Fresh 3.1.0
"Nokia PC Suite" = Nokia PC Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Tecar Forum ETKA v2" = Tecar Forum ETKA v2
"TheSage" = TheSage
"Web Page Maker_is1" = Web Page Maker V3.21
"WinRAR archiver" = WinRAR
"Zkušební hodnoty ESI" = Zkušební hodnoty ESI
"ZoneAlarm" = ZoneAlarm
========== Last 10 Event Log Errors ==========
[ Aladdin Events ]
Error - 13.8.2009 5:02:37 | Computer Name = Monča-PC | Source = Aladdin | ID = 107
Description =
[ Application Events ]
Error - 5.8.2010 7:57:54 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:03:35 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:03:35 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:03:35 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:03:35 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:03:35 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 5.8.2010 8:07:29 | Computer Name = Monca | Source = WinMgmt | ID = 10
Description =
Error - 5.8.2010 8:08:02 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 6.8.2010 4:01:04 | Computer Name = Monca | Source = WinMgmt | ID = 10
Description =
Error - 6.8.2010 4:01:33 | Computer Name = Monca | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
[ System Events ]
Error - 27.9.2010 20:17:35 | Computer Name = Monca | Source = Service Control Manager | ID = 7000
Description =
Error - 28.9.2010 10:45:10 | Computer Name = Monca | Source = Service Control Manager | ID = 7030
Description =
Error - 28.9.2010 10:51:26 | Computer Name = Monca | Source = Service Control Manager | ID = 7030
Description =
Error - 28.9.2010 11:01:23 | Computer Name = Monca | Source = bowser | ID = 8003
Description =
Error - 28.9.2010 11:03:57 | Computer Name = Monca | Source = Microsoft Antimalware | ID = 3002
Description =
Error - 28.9.2010 11:04:14 | Computer Name = Monca | Source = Service Control Manager | ID = 7000
Description =
Error - 28.9.2010 11:04:14 | Computer Name = Monca | Source = Service Control Manager | ID = 7000
Description =
Error - 28.9.2010 11:14:23 | Computer Name = Monca | Source = Microsoft Antimalware | ID = 3002
Description =
Error - 28.9.2010 11:15:14 | Computer Name = Monca | Source = Service Control Manager | ID = 7000
Description =
Error - 28.9.2010 11:15:14 | Computer Name = Monca | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Re: Výsledek MBAMu aneb co odstranit?
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl PRC - File not found -- C:\Windows\SysWow64\spool\drivers\x64\3\E_FATIBIE.EXE DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsdatant.win7.sys -- (vsdatant7) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp) IE - HKLM\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.) IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... K82_QowXqA IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1528038406-1306628096-4167433855-1000\..\URLSearchHook: {e47d6d44-6479-461d-bfa3-dbd0dc5a9011} - C:\Program Files (x86)\eslprintables\tbeslp.dll (Conduit Ltd.) FF - prefs.js..browser.search.defaultenginename: "Web Search..." FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}" FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin File not found [2010.07.30 14:58:50 | 000,010,017 | ---- | M] () -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\searchplugins\mywebsearch.xml [2010.05.27 21:34:35 | 000,001,589 | ---- | M] () -- C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\1h62tmv2.default\searchplugins\web-search.xml O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\nvLsp.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\nvLsp.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\nvLsp.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\nvLsp.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\nvLsp.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\nvLsp.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysNative\nvLsp.dll File not found O13 - gopher Prefix: missing O13 - gopher Prefix: missing O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O33 - MountPoints2\{8ab249c0-2a20-11df-a3c5-00248cd5e4ae}\Shell - "" = AutoRun [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2010.08.31 22:40:09 | 000,000,496 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job @Alternate Data Stream - 64 bytes -> C:\Users\Monča\Desktop\Kick.Ass.TS.XViD-IMAGiNE.avi:TOC.WMV :reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=- "DAEMON Tools Lite"=- "PC Suite Tray"=- "DAEMON Tools"=- "ICQ"=- "WMPNSCFG"=- "Steam"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "NBKeyScan"=- "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "KTSInit"=0 [] "QuickTime Task"=- "RemoteControl10"=- "BDRegion"=- "Adobe Reader Speed Launcher"=- "Adobe ARM"=- :files %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp /s :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [CLEARALLRESTOREPOINTS]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Výsledek MBAMu aneb co odstranit?
Když dolu zkopíruji vaš text.Kliknu opravit tak program dloiho neodpovídá.Musím ho pak ukončit ručně.Co s tím?
Re: Výsledek MBAMu aneb co odstranit?
Zkuste aplikovat v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?