Problem s USB

Zpráva

lookys · #1 Příspěvek od **lookys** » 01 dub 2011 23:15

Dobry den,
mam problem s USB porty a uz si vazne nevim rady.
Dnes, z niceho nic prestal fungovat flash disk, respektive, po jeho pripojeni mi to vypise hlasku: "Disk musi byt nejprve naformatovan. Chcete provest formatovani?"
Puvodne jsem si myslel, ze odesla Flashka, ale pri pripojeni do jineho PC normalne funguje. Zkusil jsem tedy do sveho PC pripojit i jine flashky a to same, chce to format, ktery ovsem nelze dokoncit. A pri formatu v jinem PC je to beze zmeny.
Nevite prosim nekdo, cim to muze byt?
Zajimave je, ze kdyz do USB pripojim mys, nebo externi disk, tak to normalne funguje.
Zkusil jsem preinstalaci ovladacu a nic nepomohlo...
Predem diky za rady!

#2 Příspěvek od **stell** » 02 dub 2011 09:10

zdravim
No mas pocitac zavirenu.

1:Zapneme zobrazovanie skrytých systémových a chránených súborov.
2:Stiahnite si prosím
http://download.bleepingcomputer.com/sU ... fector.exe a uložte ho na plochu.
3:Dvoj kliknite na Flash_Disinfector.exe spustiť a postupujte podľa pokynov,
4: Nástroj vás požiada aby ste pripojili flash disk alebo iné vymeniteľné Media.
5:Urobte tak prosím a pripojte všetky vymeniteľné média,ktoré používate cez USB.
6:Podržte kláves Shift pri vkladaní disku,ak je prítomný autorun.inf aby sa nespustil.
7:Čakať,až sa dokončí skenovanie a potom ukončite program.
8: Reštartovať počítač.
9:Spustíme Malwarebytes.

Stiahnes>>mbam-setup
Nainstalovat, aktualizovat, a spustit skan.
Spravit Uplny skan, co najde daj zmazat,
Log vloz sem.
Podrobny Navod:
http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

lookys · #3 Příspěvek od **lookys** » 02 dub 2011 12:00

Diky za rady, bohuzel jsem zjistil ze Flash Disinfector na win 7 nefunguje. Pouzil jsem tedy Panda USB and AutoRun Vaccine ale bez uspechu...
Provedeny test take nic noveho nenasel. Tedy nasel, ale jsou to povetsinou cracky k programum, ktere bezne pouzivam a nikdy nebyl problem, i na jinem PC

Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org

Verze databáze: 6244

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2.4.2011 12:50:38
mbam-log-2011-04-02 (12-50-30).txt

Typ kontroly: Úplný test (C:\|)
Testované objekty: 333617
Uplynulý čas: 1 hodin, 40 minut, 25 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 1
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 6

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiNODLogin (Riskware.KG) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Users\lookys\aktualni\Desktop\eset smart security 4.2.67.11 32bit cz\tnodup a minodlogin + hotfix\minodlogin 3.9.6.1\minodlogin 3.9.6.1.exe (Riskware.KG) -> No action taken.
c:\Users\lookys\Desktop\oregon 550 - mapy, gpx, jazyk\mapy garmin\!garminunlock\garmin unlock generator v1.5.exe (RiskWare.Tool.CK) -> No action taken.
c:\Users\lookys\Desktop\eset smart security 4.2.67.11 32bit cz\tnodup a minodlogin + hotfix\minodlogin 3.9.6.1\minodlogin 3.9.6.1.exe (Riskware.KG) -> No action taken.
c:\Users\lookys\Desktop\adobe audition 2.0 cz\crack\keygen.exe (Trojan.Agent) -> No action taken.
c:\program files\ESET\minodlogin\minodlogin.exe (Riskware.KG) -> No action taken.
c:\program files\ESET\minodlogin\minodloginuninst.exe (Riskware.KG) -> No action taken.

#4 Příspěvek od **stell** » 02 dub 2011 12:03

Dobre, zmaz vsetko co MBAM nasiel, a odinstaluj crack>>> NOD,
Stahni OTListIt2>> OTL
Označ položku Pro všechny uživatele.
Označ položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
do okna >vloz zeleny text a klik Klikn na tlačítko Prohledat
Po dokončení, sem vlož logy OTL.Txt a Extras.txt

Kód: Vybrat vše

msconfig
safebootminimal
activex
drivers32
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /90

lookys · #5 Příspěvek od **lookys** » 02 dub 2011 12:31

OTL logfile created on: 2.4.2011 13:07:22 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\lookys\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 75,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 446,42 Gb Free Space | 74,89% Space Free | Partition Type: NTFS

Computer Name: LOOKYS-PC | User Name: lookys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.04.02 13:06:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\lookys\Desktop\OTL.exe
PRC - [2011.03.03 20:27:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.01.31 20:51:06 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2010.12.21 11:17:45 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010.11.08 10:50:48 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010.11.08 10:50:44 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2010.05.28 11:49:08 | 000,277,120 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2009.12.11 08:50:00 | 000,239,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvSCPAPISvr.exe
PRC - [2009.12.10 12:52:28 | 001,258,800 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
PRC - [2009.11.24 14:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.11.12 11:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.11.09 20:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.10.26 21:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009.10.26 11:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009.09.30 05:53:30 | 000,498,560 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2009.09.23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe
PRC - [2009.08.19 21:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009.07.31 11:38:26 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\smartlogon.exe
PRC - [2009.07.31 11:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.07.23 11:30:06 | 000,544,768 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.06.24 13:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009.06.19 11:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 18:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.13 22:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2008.07.18 20:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008.03.31 03:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.11.30 12:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.09.11 01:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.09.11 01:43:54 | 000,067,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
PRC - [2007.08.03 13:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2005.07.06 16:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe

========== Modules (SafeList) ==========

MOD - [2011.04.02 13:06:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\lookys\Desktop\OTL.exe
MOD - [2011.01.31 20:51:12 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.10.09 13:12:50 | 000,265,728 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDApix.dll
MOD - [2009.06.10 23:14:56 | 000,652,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll
MOD - [2009.06.10 23:14:54 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcp90.dll

========== Win32 Services (SafeList) ==========

SRV - [2010.12.24 12:58:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.08 10:51:18 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.11.08 10:50:48 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009.12.11 08:50:00 | 000,239,208 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.11.09 20:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008.03.31 03:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007.09.11 01:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.08.03 13:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)

========== Driver Services (SafeList) ==========

DRV - [2010.12.21 11:25:44 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2010.09.03 07:13:46 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.07.29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010.07.29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.07.29 13:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010.07.29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010.04.27 21:56:04 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2010.01.31 11:56:58 | 002,351,944 | ---- | M] (Digital Camera) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SPUVCBv.sys -- (SPUVCbv)
DRV - [2009.12.11 01:15:12 | 009,929,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.10.05 18:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.08.21 06:24:04 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.07.20 19:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.02 18:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2009.06.28 18:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.05.13 10:06:48 | 000,014,392 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2009.01.02 14:26:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.05.23 18:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.08.03 06:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2005.11.02 17:47:26 | 000,010,368 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4138797752-821939561-1481593502-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4138797752-821939561-1481593502-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.01.31 20:51:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.02 10:25:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.02 10:25:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.12.24 12:00:56 | 000,000,000 | ---D | M]

[2010.12.21 12:24:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lookys\AppData\Roaming\Mozilla\Extensions
[2010.12.21 12:24:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lookys\AppData\Roaming\Mozilla\Firefox\Profiles\fd86tg2i.default\extensions
[2011.04.02 10:25:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.24 12:06:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.24 12:18:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.04 13:14:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.01.31 20:51:12 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.03.03 19:52:54 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2011.03.03 19:52:54 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2011.03.03 19:52:54 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2011.03.03 19:52:54 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2011.03.03 19:52:54 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AmIcoSinglun] File not found
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\lookys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4138797752-821939561-1481593502-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.10 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5502cdf2-1352-11e0-be54-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{5502cdf2-1352-11e0-be54-20cf3064fb62}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{5502cdfb-1352-11e0-be54-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{5502cdfb-1352-11e0-be54-20cf3064fb62}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6d9cd0e7-0d19-11e0-a08a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6d9cd0e7-0d19-11e0-a08a-806e6f6e6963}\Shell\AutoRun\command - "" = D:\InstAll.exe
O33 - MountPoints2\{782816f3-2400-11e0-af46-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{782816f3-2400-11e0-af46-20cf3064fb62}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{782816f6-2400-11e0-af46-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{782816f6-2400-11e0-af46-20cf3064fb62}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e1df3db2-1e6c-11e0-b73d-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{e1df3db2-1e6c-11e0-b73d-20cf3064fb62}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e1df3db4-1e6c-11e0-b73d-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{e1df3db4-1e6c-11e0-b73d-20cf3064fb62}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8AB49238-9FE6-6DA0-1AC7-36C858108905} - Browser Customizations
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F060AC39-00A5-9E3F-E570-F506019C81D6} - Microsoft Windows Media Player 12.0
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (http://www.helixcommunity.org)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011.04.02 13:06:03 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\lookys\Desktop\OTL.exe
[2011.04.02 10:57:49 | 000,000,000 | -HSD | C] -- C:\found.009
[2011.04.02 10:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011.04.02 10:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\Panda USB Vaccine
[2011.04.02 10:48:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2011.04.02 10:41:19 | 000,000,000 | ---D | C] -- C:\Users\lookys\AppData\Roaming\Malwarebytes
[2011.04.02 10:41:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.02 10:41:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.02 10:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.02 10:41:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.02 10:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.04.01 23:36:35 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011.04.01 23:36:35 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011.04.01 23:36:35 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011.04.01 23:31:01 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2011.04.01 23:29:20 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011.04.01 23:29:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.04.01 23:29:09 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011.04.01 23:28:59 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.01 23:28:59 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.01 23:28:49 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.01 23:28:49 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.01 23:28:49 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.01 23:28:49 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.01 23:28:49 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.01 23:28:48 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.01 23:28:48 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.01 23:28:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.01 23:28:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.01 23:28:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.01 23:28:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.01 23:28:42 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2011.04.01 23:28:42 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011.04.01 23:28:42 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011.04.01 23:28:29 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011.04.01 23:28:29 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011.04.01 23:28:28 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.01 23:28:26 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.04.01 23:28:24 | 002,329,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.01 23:28:19 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011.04.01 23:28:17 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011.04.01 23:28:17 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011.04.01 23:28:17 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011.04.01 23:28:17 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2011.04.01 23:28:12 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011.04.01 23:28:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011.04.01 23:28:06 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2011.04.01 23:28:06 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011.04.01 23:27:55 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.04.01 23:27:54 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.04.01 23:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2011.04.01 23:23:46 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2011.04.01 23:22:59 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011.04.01 23:22:58 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.04.01 23:22:58 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.04.01 23:22:58 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.04.01 23:22:52 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011.04.01 23:22:51 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011.04.01 23:22:51 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011.04.01 23:22:42 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.01 23:22:41 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011.04.01 23:22:41 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.01 23:22:35 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011.04.01 23:22:34 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011.04.01 09:36:19 | 000,000,000 | -HSD | C] -- C:\found.008
[2011.03.31 19:05:27 | 000,000,000 | -HSD | C] -- C:\found.007
[2011.03.27 13:14:08 | 000,000,000 | ---D | C] -- C:\Users\lookys\Desktop\Nová složka (2)
[2011.03.23 13:35:27 | 000,000,000 | ---D | C] -- C:\Users\lookys\Desktop\Dexter Season 4
[2011.03.12 12:03:08 | 000,000,000 | -HSD | C] -- C:\found.006
[2011.03.07 16:26:00 | 000,000,000 | ---D | C] -- C:\Users\lookys\Desktop\Iva Marešová
[2011.03.04 12:55:05 | 002,630,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2011.01.11 23:09:50 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\lookys\AppData\Roaming\pcouffin.sys
[2010.12.21 11:18:14 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

========== Files - Modified Within 30 Days ==========

[2011.04.02 13:09:54 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.02 13:09:54 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.02 13:07:01 | 000,625,914 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.04.02 13:07:01 | 000,610,094 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.02 13:07:01 | 000,120,000 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.04.02 13:07:01 | 000,104,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.02 13:06:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\lookys\Desktop\OTL.exe
[2011.04.02 13:02:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.02 13:02:10 | 2817,994,752 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.02 11:00:44 | 000,003,480 | ---- | M] () -- C:\bootsqm.dat
[2011.04.02 10:41:15 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.02 10:25:36 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.04.02 00:05:17 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011.04.02 00:05:17 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2011.04.01 23:45:39 | 001,762,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.03.31 23:57:42 | 000,152,120 | ---- | M] () -- C:\Users\lookys\Desktop\tattoo.gpx
[2011.03.31 21:10:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.03.31 21:10:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.03.29 18:11:52 | 000,542,978 | ---- | M] () -- C:\Users\lookys\Desktop\emm_rad.pdf
[2011.03.29 18:11:14 | 002,619,266 | ---- | M] () -- C:\Users\lookys\Desktop\emm_cenove_ukazatele.pdf
[2011.03.26 01:37:05 | 000,512,053 | ---- | M] () -- C:\Users\lookys\Desktop\motivy 2.jpg
[2011.03.20 12:16:07 | 000,103,528 | ---- | M] () -- C:\Users\lookys\AppData\Roaming\preview.html

========== Files Created - No Company Name ==========

[2011.04.02 11:00:44 | 000,003,480 | ---- | C] () -- C:\bootsqm.dat
[2011.04.02 10:41:15 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.02 00:05:05 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011.04.02 00:05:05 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2011.04.01 09:12:23 | 000,152,120 | ---- | C] () -- C:\Users\lookys\Desktop\tattoo.gpx
[2011.03.31 21:10:02 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.03.31 21:10:02 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.03.29 18:11:36 | 000,542,978 | ---- | C] () -- C:\Users\lookys\Desktop\emm_rad.pdf
[2011.03.29 18:11:14 | 002,619,266 | ---- | C] () -- C:\Users\lookys\Desktop\emm_cenove_ukazatele.pdf
[2011.03.26 01:37:02 | 000,512,053 | ---- | C] () -- C:\Users\lookys\Desktop\motivy 2.jpg
[2011.02.16 17:04:52 | 000,103,528 | ---- | C] () -- C:\Users\lookys\AppData\Roaming\preview.html
[2011.01.29 16:51:17 | 000,004,608 | ---- | C] () -- C:\Users\lookys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.11 23:10:37 | 000,001,189 | ---- | C] () -- C:\Users\lookys\AppData\Roaming\vso_ts_preview.xml
[2011.01.11 23:09:50 | 000,087,608 | ---- | C] () -- C:\Users\lookys\AppData\Roaming\inst.exe
[2011.01.11 23:09:50 | 000,007,887 | ---- | C] () -- C:\Users\lookys\AppData\Roaming\pcouffin.cat
[2011.01.11 23:09:50 | 000,001,144 | ---- | C] () -- C:\Users\lookys\AppData\Roaming\pcouffin.inf
[2010.12.24 13:25:36 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.12.24 12:56:05 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.12.21 12:27:01 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.12.21 12:27:01 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.12.21 12:27:00 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.12.21 12:27:00 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.12.21 12:26:59 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.12.21 11:23:31 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.12.21 11:22:27 | 000,087,240 | ---- | C] () -- C:\Windows\SPRemove_x64.exe
[2010.12.21 11:22:27 | 000,072,904 | ---- | C] () -- C:\Windows\SPRemove.exe
[2010.12.21 11:21:53 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\SAMSFPA.DAT
[2010.02.22 09:15:38 | 000,001,663 | ---- | C] () -- C:\Windows\Remove.ini
[2009.12.11 09:44:18 | 000,040,588 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2009.12.11 08:50:00 | 000,095,848 | ---- | C] () -- C:\Windows\System32\nvimage.dll
[2009.07.14 10:44:22 | 000,625,914 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 10:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 10:44:22 | 000,120,000 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 10:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 001,762,144 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,610,094 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,104,412 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011.01.19 15:18:03 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\AnvSoft
[2011.01.29 12:10:06 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\Cakewalk
[2010.12.24 12:02:02 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\ESET
[2011.02.27 18:44:55 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\GARMIN
[2011.02.27 18:56:25 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\GeoGet
[2011.03.04 13:14:25 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\GHISLER
[2011.01.21 15:00:54 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\Graphisoft
[2011.03.04 13:14:25 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\GSBuilder
[2011.01.29 16:46:40 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\uTorrent
[2010.12.29 15:51:34 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\Vodafone
[2011.01.19 15:24:13 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\Vso
[2011.01.19 15:17:47 | 000,000,000 | ---D | M] -- C:\Users\lookys\AppData\Roaming\XMedia Recode
[2011.03.13 23:10:40 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: EVENTLOG.DLL >
[2007.01.12 23:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\drivers\nvraid.sys
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: NVSTOR32.SYS >
[2010.04.27 21:56:04 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=3EBA5767211C34923584AAB02E7C1A20 -- C:\Windows\System32\drivers\nvstor32.sys
[2010.04.27 21:56:04 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=3EBA5767211C34923584AAB02E7C1A20 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_f0041088dea62f28\nvstor32.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\LocationApi.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
[2011.01.11 23:09:50 | 000,047,360 | ---- | M] (VSO Software) -- C:\Windows\System32\drivers\pcouffin.sys

< End of report >

---------------------------------------------------------------------------------------------------------------

OTL Extras logfile created on: 2.4.2011 13:07:22 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\lookys\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 75,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 446,42 Gb Free Space | 74,89% Space Free | Partition Type: NTFS

Computer Name: LOOKYS-PC | User Name: lookys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4138797752-821939561-1481593502-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}" = Adobe Audition 2.0
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{12001D97-ED15-4D04-B4A6-32D16A71844C}" = Adobe Photoshop Lightroom 2.6.1
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{48E9E92C-CCBA-43D9-9B7C-FB26DD0C6709}" = TOPO Czech PRO 2010
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = CyberLink PowerDVD
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.3 - Czech
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E753ABBD-6A4C-4E1B-B413-B8291CF51694}" = ESET Smart Security
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"Adobe AIR" = Adobe AIR
"Adobe Audition 2.0" = Adobe Audition 2.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"ASUS_Screensaver" = ASUS_Screensaver
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x86 7.0.5.9_WHQL
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GeoGet_is1" = GeoGet 2.5.7.612
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.6.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MiNODLogin" = ESET Antivirus License Finder (MiNODLogin)
"Miranda IM KenDASS Pack_is1" = Miranda IM KenDASS Pack v5.0.8.15
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PhotoFiltre" = PhotoFiltre
"RealPlayer 12.0" = RealPlayer
"SONAR8Producer_is1" = SONAR 8.0 Producer Edition
"Sunplus SPUVCb" = USB Video Device
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4138797752-821939561-1481593502-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2.4.2011 5:05:14 | Computer Name = lookys-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 2.4.2011 5:05:14 | Computer Name = lookys-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 2.4.2011 5:25:02 | Computer Name = lookys-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 2.4.2011 5:51:43 | Computer Name = lookys-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 2.4.2011 5:58:39 | Computer Name = lookys-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 2.4.2011 6:50:39 | Computer Name = lookys-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 2.4.2011 7:01:35 | Computer Name = lookys-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 2.4.2011 7:03:12 | Computer Name = lookys-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 2.4.2011 7:06:12 | Computer Name = lookys-PC | Source = Windows Search Service | ID = 3083
Description =

Error - 2.4.2011 7:06:12 | Computer Name = lookys-PC | Source = Windows Search Service | ID = 3083
Description =

[ System Events ]
Error - 6.3.2011 13:48:24 | Computer Name = lookys-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozená a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume2 spustit nástroj chkdsk.

Error - 6.3.2011 13:48:24 | Computer Name = lookys-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozená a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume2 spustit nástroj chkdsk.

Error - 6.3.2011 13:48:24 | Computer Name = lookys-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozená a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume2 spustit nástroj chkdsk.

Error - 6.3.2011 13:48:24 | Computer Name = lookys-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozená a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume2 spustit nástroj chkdsk.

Error - 6.3.2011 13:48:24 | Computer Name = lookys-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozená a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume2 spustit nástroj chkdsk.

Error - 6.3.2011 13:48:24 | Computer Name = lookys-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozená a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume2 spustit nástroj chkdsk.

Error - 6.3.2011 13:48:24 | Computer Name = lookys-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozená a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume2 spustit nástroj chkdsk.

Error - 6.3.2011 13:48:24 | Computer Name = lookys-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozená a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume2 spustit nástroj chkdsk.

Error - 6.3.2011 13:48:24 | Computer Name = lookys-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozená a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume2 spustit nástroj chkdsk.

Error - 6.3.2011 13:48:24 | Computer Name = lookys-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozená a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume2 spustit nástroj chkdsk.

< End of report >

Myslim ze problem nastal bud 31.3. 2011 vecer, nebo 1.4.2011 rano

#6 Příspěvek od **stell** » 02 dub 2011 13:12

spust OTL>do okna skopiruj text, a klikni na OPRAVIT,log po restarte vloz sem, a napis ci problem pretrvava.

Kód: Vybrat vše

:OTL
O4 - HKLM..\Run: [AmIcoSinglun] File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{5502cdf2-1352-11e0-be54-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{5502cdf2-1352-11e0-be54-20cf3064fb62}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{5502cdfb-1352-11e0-be54-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{5502cdfb-1352-11e0-be54-20cf3064fb62}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6d9cd0e7-0d19-11e0-a08a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6d9cd0e7-0d19-11e0-a08a-806e6f6e6963}\Shell\AutoRun\command - "" = D:\InstAll.exe
O33 - MountPoints2\{782816f3-2400-11e0-af46-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{782816f3-2400-11e0-af46-20cf3064fb62}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{782816f6-2400-11e0-af46-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{782816f6-2400-11e0-af46-20cf3064fb62}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e1df3db2-1e6c-11e0-b73d-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{e1df3db2-1e6c-11e0-b73d-20cf3064fb62}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e1df3db4-1e6c-11e0-b73d-20cf3064fb62}\Shell - "" = AutoRun
O33 - MountPoints2\{e1df3db4-1e6c-11e0-b73d-20cf3064fb62}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
[2011.04.01 09:36:19 | 000,000,000 | -HSD | C] -- C:\found.008
[2011.03.31 19:05:27 | 000,000,000 | -HSD | C] -- C:\found.007
:Commands
[emptytemp]
[start explorer]
[Reboot]

lookys · #7 Příspěvek od **lookys** » 02 dub 2011 13:31

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AmIcoSinglun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5502cdf2-1352-11e0-be54-20cf3064fb62}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5502cdf2-1352-11e0-be54-20cf3064fb62}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5502cdf2-1352-11e0-be54-20cf3064fb62}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5502cdf2-1352-11e0-be54-20cf3064fb62}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5502cdfb-1352-11e0-be54-20cf3064fb62}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5502cdfb-1352-11e0-be54-20cf3064fb62}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5502cdfb-1352-11e0-be54-20cf3064fb62}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5502cdfb-1352-11e0-be54-20cf3064fb62}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d9cd0e7-0d19-11e0-a08a-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d9cd0e7-0d19-11e0-a08a-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d9cd0e7-0d19-11e0-a08a-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d9cd0e7-0d19-11e0-a08a-806e6f6e6963}\ not found.
File D:\InstAll.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{782816f3-2400-11e0-af46-20cf3064fb62}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{782816f3-2400-11e0-af46-20cf3064fb62}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{782816f3-2400-11e0-af46-20cf3064fb62}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{782816f3-2400-11e0-af46-20cf3064fb62}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{782816f6-2400-11e0-af46-20cf3064fb62}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{782816f6-2400-11e0-af46-20cf3064fb62}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{782816f6-2400-11e0-af46-20cf3064fb62}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{782816f6-2400-11e0-af46-20cf3064fb62}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1df3db2-1e6c-11e0-b73d-20cf3064fb62}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e1df3db2-1e6c-11e0-b73d-20cf3064fb62}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1df3db2-1e6c-11e0-b73d-20cf3064fb62}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e1df3db2-1e6c-11e0-b73d-20cf3064fb62}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1df3db4-1e6c-11e0-b73d-20cf3064fb62}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e1df3db4-1e6c-11e0-b73d-20cf3064fb62}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1df3db4-1e6c-11e0-b73d-20cf3064fb62}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e1df3db4-1e6c-11e0-b73d-20cf3064fb62}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
C:\found.008\dir0000.chk folder moved successfully.
C:\found.008 folder moved successfully.
C:\found.007\dir0001.chk folder moved successfully.
C:\found.007\dir0000.chk\SYNTHS folder moved successfully.
C:\found.007\dir0000.chk\GUITARS folder moved successfully.
C:\found.007\dir0000.chk\DRUMS\DRUM LOOPS folder moved successfully.
C:\found.007\dir0000.chk\DRUMS\DRUM FILLS folder moved successfully.
C:\found.007\dir0000.chk\DRUMS folder moved successfully.
C:\found.007\dir0000.chk folder moved successfully.
C:\found.007 folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: lookys
->Temp folder emptied: 271275 bytes
->Temporary Internet Files folder emptied: 252627 bytes
->Java cache emptied: 20877 bytes
->FireFox cache emptied: 106814858 bytes
->Flash cache emptied: 5318 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4864 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 102,00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 04022011_141816

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

bohuzel problem pretrvava...

#8 Příspěvek od **stell** » 02 dub 2011 14:06

PROSIM CITAJTE POZORNE NAVOD!!!,

Použij ComboFix podle tohoto návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Log znej vloz sem.

lookys · #9 Příspěvek od **lookys** » 02 dub 2011 14:52

ComboFix 11-04-01.01 - lookys 02.04.2011 15:29:18.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3583.2730 [GMT 2:00]
Spuštěný z: c:\users\lookys\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ESET\MiNODLogin
c:\program files\ESET\MiNODLogin\MiNODLogin.exe
c:\program files\ESET\MiNODLogin\MiNODLogin.jar
c:\program files\ESET\MiNODLogin\MiNODLoginLib.dll
c:\program files\ESET\MiNODLogin\MiNODLoginUninst.exe
c:\program files\ESET\MiNODLogin\servidores.xml
c:\users\lookys\AppData\Roaming\inst.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-02 do 2011-04-02 )))))))))))))))))))))))))))))))
.
.
2011-04-02 12:18 . 2011-04-02 12:18 -------- d-----w- C:\_OTL
2011-04-02 08:57 . 2011-04-02 08:57 -------- d-----w- C:\found.009
2011-04-02 08:48 . 2011-04-02 08:48 -------- d-----w- c:\programdata\Panda Security
2011-04-02 08:48 . 2011-04-02 08:48 -------- d-----w- c:\program files\Panda USB Vaccine
2011-04-02 08:41 . 2011-04-02 08:41 -------- d-----w- c:\users\lookys\AppData\Roaming\Malwarebytes
2011-04-02 08:41 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-02 08:41 . 2011-04-02 08:41 -------- d-----w- c:\programdata\Malwarebytes
2011-04-02 08:41 . 2011-04-02 08:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-02 08:41 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-02 08:25 . 2011-03-03 18:27 719832 ----a-w- c:\program files\Mozilla Firefox\mozcrt19.dll
2011-04-02 08:25 . 2011-03-03 18:27 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-04-01 21:38 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2011-04-01 21:36 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-04-01 21:36 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-04-01 21:36 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-04-01 21:36 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-04-01 21:36 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-04-01 21:31 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-04-01 21:29 . 2009-12-11 07:44 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2011-04-01 21:29 . 2009-12-11 07:38 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2011-04-01 21:29 . 2010-08-21 05:33 530432 ----a-w- c:\windows\system32\comctl32.dll
2011-04-01 21:29 . 2010-10-27 04:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-04-01 21:29 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2011-04-01 21:27 . 2010-10-27 04:43 3957120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-01 21:27 . 2010-10-27 04:43 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-01 21:27 . 2010-10-27 04:40 1289536 ----a-w- c:\windows\system32\ntdll.dll
2011-04-01 21:26 . 2011-04-01 21:26 -------- d-----w- c:\program files\Lavalys
2011-04-01 21:23 . 2010-10-16 04:36 314368 ----a-w- c:\windows\system32\webio.dll
2011-03-12 11:28 . 2011-03-12 11:28 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-03-12 11:28 . 2011-03-12 11:28 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-03-12 10:03 . 2011-03-12 10:03 -------- d-----w- C:\found.006
2011-03-04 10:55 . 2009-12-22 11:57 2630176 ----a-w- c:\windows\system32\RtkAPO.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-31 18:51 . 2010-12-21 09:01 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-01-31 18:51 . 2010-12-21 09:01 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-01-19 13:24 . 2011-01-11 21:09 47360 ----a-w- c:\users\lookys\AppData\Roaming\pcouffin.sys
2011-01-11 21:09 . 2011-01-11 21:09 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-02-21 222504]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-09-24 210216]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-22 210216]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-12-11 13838952]
"ATKOSD2"="c:\program files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-26 6998656]
"ATKMEDIA"="c:\program files\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-19 170624]
"HControlUser"="c:\program files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-11-08 2219184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-18 104936]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2008-02-22 62760]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2010-12-21 3054136]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-12-22 8120864]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2009-06-24 272952]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [2007-09-10 67488]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-01-31 273544]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 498560]
.
c:\users\lookys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-12-21 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe [2010-12-21 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2008-04-02 18:09 87336 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-09-03 137144]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-11-08 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\System32\nvSCPAPISvr.exe [2009-12-11 239208]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 94208]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-08-21 66592]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-31 187392]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv.sys [2010-01-31 2351944]
.
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {01438731-E7C2-4873-84AD-7E0A00A9144C} = 160.218.167.5 160.218.161.60
TCP: {8935EFD6-73B7-4124-AC45-0746D8A22226} = 160.218.161.60 194.228.211.33
FF - ProfilePath - c:\users\lookys\AppData\Roaming\Mozilla\Firefox\Profiles\fd86tg2i.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-ETDCtrl - %ProgramFiles%\Elantech\ETDCtrl.exe
AddRemove-MiNODLogin - c:\program files\ESET\MiNODLogin\MiNODLoginUninst.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(536)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.DLL
.
Celkový čas: 2011-04-02 15:50:55
ComboFix-quarantined-files.txt 2011-04-02 13:50
.
Před spuštěním: Volných bajtů: 479 222 013 952
Po spuštění: Volných bajtů: 478 877 634 560
.
- - End Of File - - 5B295CC4A7DA71FAB7B718FCF01C803B

#10 Příspěvek od **stell** » 02 dub 2011 15:17

otrvor register a preklikaj sa tu
HKEY_LOCAL_MACHINE
SYSTEM
CurrentControlSet
Services
UsbStor

a pozri sa aku hodnotu ma Start.

lookys · #11 Příspěvek od **lookys** » 02 dub 2011 17:08

Hodnota 3 (16tkova ciselna soustava)
0x00000003 (3)

#12 Příspěvek od **stell** » 02 dub 2011 17:44

Ok,to je v poriadku, este sa pozri ci existuje tento ovladac
c:\windows\system32\drivers\AmUStor.SYS [x]

lookys · #13 Příspěvek od **lookys** » 03 dub 2011 08:25

ano, mam ho... tak ja uz nevim.... nefunguji flashky v usb, ale mys ano. Nefunguje pametova karta ve ctecce karet, u vseho to pise ze je potreba nejprve medium zformatovat, i kdyz v jinem pc funguji. Takze bych rek ze je problem ve cteni pametovych medii, ale externi disk pripojeny pres USB funguje... takze to opravdu nechapu...

#14 Příspěvek od **stell** » 03 dub 2011 10:32

AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS[x]
[X] - Takto ComboFix označí soubory, které nemají příponu
AmUStor.SYS je AM USB Stroage Driver>>daco tymto ovladacom nie je v poriadku,
Otvor spravcu zariadeni ,a pozri sa ci tam nemas zlte,cervene otazniky.

lookys · #15 Příspěvek od **lookys** » 03 dub 2011 10:52

Spravce ukazuje ze je vse v poradku

VIRY.CZ

Problem s USB

Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB

Re: Problem s USB