Vyhladavanie - ScanQuery

Zpráva

S4jmon · #1 Příspěvek od **S4jmon** » 31 kvě 2011 23:33

Ak zadam nejaky slovo do ulr (firefoxu) malo by to vyhladavat v google, ale namiesto google mi to hlada v nejakom http://www.scanquery.com/. Zistil som ze to je nejaky bordel v pc, pouzil som spybot, spyware doctor a nic, takisto to nemozem najst v Program Files....

Prikladam LOG

Logfile of random's system information tool 1.08 (written by random/random)
Run by sajmon at 2011-06-01 00:32:24
Microsoft Windows 7 Professional
System drive C: has 8 GB (17%) free of 50 GB
Total RAM: 4095 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:32:27, on 1. 6. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\GPU Boost\GpuBoostServer.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Users\sajmon\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Program Files (x86)\AIMP3\AIMP3.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\Last.fm\LastFM.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~2\ASUS\AISUIT~1\Sensor\HMSERV~1\aaHM.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\sajmon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: FLVBlaster.FLVBlasterIEAddon - {807ca0aa-7cb3-4f03-bd61-076f618cc82d} - mscoree.dll (file missing)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Google Update] "C:\Users\sajmon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [AIMP3] C:\Program Files (x86)\AIMP3\AIMP3.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Rainmeter - odkaz.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with FLV Blaster - C:\Users\sajmon\AppData\Roaming\FLV Blaster\Internet Explorer\script.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\sajmon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8802A01B-6A77-4DA9-9379-15DEE4A99AD9}: NameServer = 8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13732 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe"
taskeng.exe {0F6C099F-0C2F-4EC0-9FED-90388580DDE5}
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files (x86)\ASUS\AI Suite II\GPU Boost\GpuBoostServer.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe" -Init
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe"
"C:\Program Files (x86)\MySQL\MySQL Server 5.5\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.5\my.ini" MySQL
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Users\sajmon\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\AIMP3\AIMP3.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe" -Init
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Last.fm\LastFM.exe" --tray
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
{5F7901D3-DE23-4268-88FD-0F55493BA7F0}
{E809B959-387F-46DC-AA38-E37796F9B4DF}
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F2400 series#1295551357" -Startup
C:\PROGRA~2\ASUS\AISUIT~1\Sensor\HMSERV~1\aaHM.exe /Automation -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a2b1d0f5-d3e5-46c2-92b6-121f8df9779c -SystemEventPortName:HostProcess-89de695f-bed1-44df-a7b7-ae5290a2ed93 -IoCancelEventPortName:HostProcess-d783d442-14c9-43a6-a73a-b98134019895 -NonStateChangingEventPortName:HostProcess-d5138ade-02b0-4132-8662-426f9fc65b3c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:964f5b4f-d620-437c-ad76-05c11f19507b
"C:\Program Files (x86)\iTunes\iTunes.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe" --pipe \\.\pipe\30154705-1225016815128841988 --parentPipe
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe"
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a32b2d7e-1701-4488-9e75-ceec55d21586 -SystemEventPortName:HostProcess-605fbfdf-a1b6-4c71-8caa-d0ebd6ef56f6 -IoCancelEventPortName:HostProcess-7cce543b-d64f-4dd9-b5fb-a436fda868cb -NonStateChangingEventPortName:HostProcess-7846b8b8-9c01-491b-af0b-aafaa64a4657 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1709d0bb-f421-4713-98f6-7265291ec7b1
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4056.cf30a20.584509601 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" "Mozilla.Firefox.4.0.1" -omnijar C:\Program Files (x86)\Mozilla Firefox\omni.jar 4056 \\.\pipe\gecko-crash-server-pipe.4056 plugin
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\sajmon\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1691793728-2122496842-3596782349-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1691793728-2122496842-3596782349-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files (x86)\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{807ca0aa-7cb3-4f03-bd61-076f618cc82d}]
FLVBlaster.FLVBlasterIEAddon - C:\Windows\system32\mscoree.dll [2009-11-25 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files (x86)\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-06 11057768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"OscarEditor"=C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [2009-12-22 2647040]
"AdobeBridge"= []
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]
"Google Update"=C:\Users\sajmon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 136176]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2011-05-07 552312]
"AIMP3"=C:\Program Files (x86)\AIMP3\AIMP3.exe [2011-05-24 1531904]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"SpywareTerminatorUpdate"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-05-31 3318784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIMP2]
C:\Program Files (x86)\AIMP2\AIMP2.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS AI Direct Link Command Execute]
C:\Program Files (x86)\ASUS\AI Suite II\AI Direct Link\AsCmd.exe [2010-05-18 383104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\sajmon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe [2010-06-03 362872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-06-03 5129720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-03-01 421160]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\sajmon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter - odkaz.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-06-01 00:32:25 ----D---- C:\Program Files\trend micro
2011-06-01 00:32:24 ----D---- C:\rsit
2011-05-31 22:31:49 ----D---- C:\Users\sajmon\AppData\Roaming\Spyware Terminator
2011-05-31 22:31:47 ----D---- C:\ProgramData\Spyware Terminator
2011-05-31 22:31:47 ----D---- C:\Program Files (x86)\Spyware Terminator
2011-05-31 22:09:10 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-05-31 22:09:10 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-05-31 21:59:39 ----D---- C:\Users\sajmon\AppData\Roaming\Malwarebytes
2011-05-31 21:59:32 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-05-29 18:42:54 ----D---- C:\Users\sajmon\AppData\Roaming\Leadertech
2011-05-27 13:02:32 ----SHD---- C:\Windows\ftpcache
2011-05-26 11:17:21 ----ASH---- C:\pagefile.sys
2011-05-21 13:04:13 ----D---- C:\Program Files\Common Files\OFX
2011-05-21 13:03:48 ----D---- C:\Program Files\NewBlue
2011-05-19 10:48:03 ----D---- C:\ProgramData\eSellerate
2011-05-19 10:48:02 ----D---- C:\Program Files (x86)\NewBlue
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\wextract.exe
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\url.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\occache.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\msrating.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\msls31.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\mshta.exe
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\inseng.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\icardie.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2011-05-09 20:28:11 ----A---- C:\Windows\SYSWOW64\admparse.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\wininet.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\urlmon.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-05-09 20:28:11 ----A---- C:\Windows\system32\pngfilt.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\occache.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\msrating.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\msls31.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\mshtml.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\mshta.exe
2011-05-09 20:28:11 ----A---- C:\Windows\system32\jsproxy.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\jscript9.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\ieUnatt.exe
2011-05-09 20:28:11 ----A---- C:\Windows\system32\iertutil.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\ieakui.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\ieaksie.dll
2011-05-09 20:28:11 ----A---- C:\Windows\system32\admparse.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\wextract.exe
2011-05-09 20:28:10 ----A---- C:\Windows\system32\webcheck.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\vbscript.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\url.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-05-09 20:28:10 ----A---- C:\Windows\system32\mshtmler.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\mshtmled.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\msfeedssync.exe
2011-05-09 20:28:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\msfeeds.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\licmgr10.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\jscript.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\inseng.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\imgutil.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\iexpress.exe
2011-05-09 20:28:10 ----A---- C:\Windows\system32\ieui.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\iesysprep.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\iesetup.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\iernonce.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\iepeers.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\ieframe.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\iedkcs32.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\ieapfltr.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\ieakeng.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\ie4uinit.exe
2011-05-09 20:28:10 ----A---- C:\Windows\system32\icardie.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\dxtrans.dll
2011-05-09 20:28:10 ----A---- C:\Windows\system32\dxtmsft.dll
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-05-09 20:26:45 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\XpsPrint.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-05-09 20:26:45 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\mfps.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\mf.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\FntCache.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\DWrite.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-05-09 20:26:45 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-05-09 20:26:45 ----A---- C:\Windows\system32\d3d10warp.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\d3d10_1.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\d2d1.dll
2011-05-09 20:26:45 ----A---- C:\Windows\system32\cdd.dll
2011-05-09 20:14:18 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-05-06 23:26:18 ----D---- C:\Users\sajmon\AppData\Roaming\Mp3tag
2011-05-06 23:26:09 ----D---- C:\Program Files (x86)\Mp3tag
2011-05-06 17:17:01 ----D---- C:\ProgramData\VOWSoft
2011-05-06 17:16:59 ----D---- C:\Program Files (x86)\iPodRobot
2011-05-05 16:21:24 ----D---- C:\Users\sajmon\AppData\Roaming\Movier
2011-05-05 16:21:23 ----D---- C:\Program Files (x86)\Movier
2011-05-05 16:00:51 ----D---- C:\Program Files (x86)\Xvid
2011-05-05 15:59:07 ----D---- C:\Users\sajmon\AppData\Roaming\FLV Blaster
2011-05-05 15:59:04 ----D---- C:\Program Files (x86)\FLV Blaster
2011-05-05 13:06:00 ----D---- C:\Windows\XSxS
2011-05-05 01:19:03 ----D---- C:\Program Files\Movie Maker
2011-05-05 00:59:45 ----A---- C:\Windows\SYSWOW64\unrar.dll
2011-05-04 10:41:22 ----D---- C:\Users\sajmon\AppData\Roaming\Songbird2
2011-05-02 15:51:00 ----D---- C:\Users\sajmon\AppData\Roaming\Publish Providers
2011-05-02 15:43:42 ----D---- C:\ProgramData\Sony
2011-05-02 15:43:42 ----D---- C:\Program Files (x86)\Sony
2011-05-02 15:42:43 ----D---- C:\Users\sajmon\AppData\Roaming\Sony

======List of files/folders modified in the last 1 months======

2011-06-01 00:32:27 ----D---- C:\Windows\Temp
2011-06-01 00:32:27 ----D---- C:\Windows\Prefetch
2011-06-01 00:32:25 ----RD---- C:\Program Files
2011-06-01 00:30:00 ----D---- C:\Users\sajmon\AppData\Roaming\uTorrent
2011-05-31 22:52:00 ----D---- C:\Windows\system32\catroot2
2011-05-31 22:51:57 ----SHD---- C:\System Volume Information
2011-05-31 22:41:32 ----D---- C:\Users\sajmon\AppData\Roaming\AIMP3
2011-05-31 22:31:55 ----D---- C:\Windows\system32\drivers
2011-05-31 22:31:47 ----RD---- C:\Program Files (x86)
2011-05-31 22:31:47 ----HD---- C:\ProgramData
2011-05-31 22:18:33 ----D---- C:\Users\sajmon\AppData\Roaming\vlc
2011-05-31 22:09:49 ----D---- C:\Windows\System32
2011-05-31 22:09:49 ----D---- C:\Windows\inf
2011-05-31 22:09:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-31 22:08:39 ----D---- C:\Windows\SYSWOW64\drivers
2011-05-31 22:05:06 ----D---- C:\ProgramData\NVIDIA
2011-05-31 19:48:57 ----RSD---- C:\Windows\Fonts
2011-05-31 16:58:40 ----D---- C:\Windows\system32\config
2011-05-29 18:42:49 ----SHD---- C:\Windows\Installer
2011-05-29 18:42:49 ----HD---- C:\Config.Msi
2011-05-29 18:39:04 ----RSD---- C:\Windows\assembly
2011-05-29 18:37:59 ----D---- C:\Windows\winsxs
2011-05-28 20:53:49 ----D---- C:\Downloads
2011-05-27 21:26:48 ----D---- C:\ProgramData\TrackMania
2011-05-27 19:27:33 ----D---- C:\Windows\SysWOW64
2011-05-27 19:27:29 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-05-27 14:50:28 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-05-27 14:47:46 ----D---- C:\Users\sajmon\AppData\Roaming\Xfire
2011-05-27 13:12:44 ----A---- C:\Windows\game.ini
2011-05-27 13:02:32 ----D---- C:\Windows
2011-05-27 12:34:14 ----D---- C:\Windows\Minidump
2011-05-27 12:30:45 ----D---- C:\ProgramData\Xfire
2011-05-24 18:20:06 ----D---- C:\Users\sajmon\AppData\Roaming\Skype
2011-05-24 17:44:32 ----D---- C:\Users\sajmon\AppData\Roaming\skypePM
2011-05-24 15:01:31 ----D---- C:\Program Files (x86)\AIMP3
2011-05-21 13:04:13 ----D---- C:\Program Files\Common Files
2011-05-21 13:04:10 ----D---- C:\Program Files (x86)\Common Files
2011-05-14 15:14:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-05-11 16:04:09 ----D---- C:\Windows\rescache
2011-05-09 23:32:43 ----D---- C:\Program Files\Internet Explorer
2011-05-09 23:32:42 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-05-09 23:32:42 ----D---- C:\Windows\SYSWOW64\migration
2011-05-09 23:32:42 ----D---- C:\Windows\SYSWOW64\en-US
2011-05-09 23:32:42 ----D---- C:\Windows\system32\sk-SK
2011-05-09 23:32:42 ----D---- C:\Windows\system32\migration
2011-05-09 23:32:42 ----D---- C:\Windows\system32\en-US
2011-05-09 23:32:42 ----D---- C:\Windows\PolicyDefinitions
2011-05-09 23:32:41 ----D---- C:\Program Files (x86)\Internet Explorer
2011-05-09 20:28:25 ----D---- C:\Windows\Logs
2011-05-09 20:28:10 ----D---- C:\Windows\system32\catroot
2011-05-09 20:15:39 ----D---- C:\Windows\system32\Tasks
2011-05-09 20:14:23 ----SD---- C:\ProgramData\Microsoft
2011-05-08 10:40:13 ----D---- C:\Program Files (x86)\uTorrent
2011-05-07 11:13:18 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-05 01:15:55 ----D---- C:\Program Files (x86)\Movie Maker 2.6
2011-05-02 10:53:19 ----D---- C:\Program Files (x86)\AIMP2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-12-21 271456]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-21 834544]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\Windows\system32\DRIVERS\tdrpm258.sys [2010-12-21 1477728]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-12-21 943712]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-04-22 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2010-07-07 50696]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2010-12-21 252512]
R3 AODDriver2;AODDriver2; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-06 2419176]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-09-07 155752]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-02-18 51712]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
R3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 a9dvqahb;a9dvqahb; C:\Windows\system32\drivers\a9dvqahb.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\sajmon\AppData\Local\Temp\ALSysIO64.sys []
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe [2010-06-03 1055200]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-12-21 2480048]
R2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 InterBaseGuardian;InterBase Guardian; C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe [2001-11-29 32768]
R2 MySQL;MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=C:\Program Files (x86)\MySQL\MySQL Server 5.5\my.ini MySQL []
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 989800]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-05-27 75136]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe [2011-05-31 948775]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 InterBaseServer;InterBase Server; C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe [2001-11-29 1769472]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-03-01 934176]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-05-25 613888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 01 čer 2011 05:57

Zdravim a pekny den preji

Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Nahrady za Spybota:
- Spyware Terminator - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=44730
- SuperAntiSpyare - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=51359
Samozrejme pouzivejte jen jeden z nich
Osobne doporucuji SuperAntiSpyware

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

S4jmon · #3 Příspěvek od **S4jmon** » 01 čer 2011 12:19

Dobry den, dakujem za odpoved. Prikladam LOG-y

LOG 1 - OTL.txt

OTL logfile created on: 1. 6. 2011 13:03:13 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\sajmon\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

4,00 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 55,08% Memory free
8,00 Gb Paging File | 5,64 Gb Available in Paging File | 70,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 8,72 Gb Free Space | 17,90% Space Free | Partition Type: NTFS
Drive D: | 882,68 Gb Total Space | 564,27 Gb Free Space | 63,93% Space Free | Partition Type: NTFS
Drive E: | 2,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 15,06 Gb Total Space | 7,54 Gb Free Space | 50,08% Space Free | Partition Type: NTFS

Computer Name: SAJMONPC | User Name: sajmon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011/06/01 13:01:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\sajmon\Desktop\OTL.exe
PRC - [2011/06/01 00:47:01 | 000,551,800 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2011/05/31 22:31:49 | 003,318,784 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2011/05/27 14:50:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/05/24 15:01:30 | 001,531,904 | ---- | M] (AIMP DevTeam) -- C:\Program Files (x86)\AIMP3\AIMP3.exe
PRC - [2011/04/30 10:41:15 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/04/26 10:39:14 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\sajmon\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
PRC - [2011/03/31 18:20:34 | 008,146,944 | ---- | M] () -- C:\Program Files (x86)\MySQL\MySQL Server 5.5\bin\mysqld.exe
PRC - [2010/12/21 17:59:08 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010/10/27 21:21:54 | 001,155,072 | ---- | M] (Last.fm) -- C:\Program Files (x86)\Last.fm\LastFM.exe
PRC - [2010/10/16 12:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/09/07 18:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 18:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/07/15 12:14:30 | 001,205,376 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2010/07/09 17:07:28 | 000,878,592 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\HMService\aaHM.exe
PRC - [2010/07/09 16:01:26 | 001,091,712 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2010/07/05 11:03:18 | 001,415,296 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2010/07/01 05:45:02 | 000,136,616 | ---- | M] () -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
PRC - [2010/06/29 12:04:12 | 001,137,280 | ---- | M] (
ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\GPU Boost\GpuBoostServer.exe
PRC - [2010/06/28 16:53:36 | 000,330,368 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2010/05/25 13:38:06 | 000,613,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010/05/14 11:32:30 | 001,479,680 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009/12/28 15:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009/12/22 17:23:00 | 002,647,040 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
PRC - [2009/10/27 11:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2007/09/02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2001/11/29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) -- C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe
PRC - [2001/11/29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) -- C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe

========== Modules (SafeList) ==========

MOD - [2011/06/01 13:01:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\sajmon\Desktop\OTL.exe
MOD - [2009/12/18 18:23:58 | 000,194,560 | ---- | M] () -- C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Win32Share.dll
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2007/09/02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/07 18:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 18:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 18:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/05/31 22:31:49 | 000,948,775 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2011/05/27 14:50:28 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/03/31 18:20:34 | 008,146,944 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\MySQL\MySQL Server 5.5\bin\mysqld.exe -- (MySQL)
SRV - [2010/12/21 17:59:08 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010/10/16 12:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/07/01 05:45:02 | 000,136,616 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010/06/03 13:29:22 | 001,055,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/05/25 13:38:06 | 000,613,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/28 15:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2001/11/29 01:50:00 | 001,769,472 | ---- | M] (Borland Software Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Borland\InterBase\bin\ibserver.exe -- (InterBaseServer)
SRV - [2001/11/29 01:50:00 | 000,032,768 | ---- | M] (Borland Software Corporation) [Auto | Running] -- C:\Program Files (x86)\Borland\InterBase\bin\ibguard.exe -- (InterBaseGuardian)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/12/21 18:13:15 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/12/21 17:59:08 | 000,252,512 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2010/12/21 17:59:07 | 001,477,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm258.sys -- (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258)
DRV:64bit: - [2010/12/21 17:59:05 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2010/12/21 17:59:01 | 000,271,456 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010/09/07 22:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/09/07 17:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/07/09 14:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010/07/07 11:26:46 | 000,050,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2010/06/23 11:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/04/27 10:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/04/27 10:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/02/26 15:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010/02/26 15:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010/02/26 15:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010/02/26 15:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009/07/16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/08/28 13:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010/07/01 05:44:34 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2)
DRV - [2007/02/07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 A7 23 81 77 0E CC 01 [binary data]
IE - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.sk/ig?hl=sk&source=iglk"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.2
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.72.0
FF - prefs.js..extensions.enabledItems: {FC5BAC7D-D696-4ba6-B913-CF8F000C33DF}:5.0.3
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.5
FF - prefs.js..keyword.URL: "http://www.scanquery.com/?tmp=nemo_resu ... &keywords="

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/20 21:21:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/30 10:41:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/31 22:03:08 | 000,000,000 | ---D | M]

[2011/05/04 10:41:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sajmon\AppData\Roaming\mozilla\Extensions
[2011/05/04 10:41:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sajmon\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2011/05/31 21:57:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sajmon\AppData\Roaming\mozilla\Firefox\Profiles\hasr6l7y.default\extensions
[2011/04/27 14:49:47 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\sajmon\AppData\Roaming\mozilla\Firefox\Profiles\hasr6l7y.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/05/11 21:45:32 | 000,000,000 | ---D | M] (New Tab King) -- C:\Users\sajmon\AppData\Roaming\mozilla\Firefox\Profiles\hasr6l7y.default\extensions\{FC5BAC7D-D696-4ba6-B913-CF8F000C33DF}
[2011/05/05 15:59:07 | 000,000,000 | ---D | M] (FLV Blaster) -- C:\Users\sajmon\AppData\Roaming\mozilla\Firefox\Profiles\hasr6l7y.default\extensions\flvblaster@flvblaster.com
[2011/05/12 22:04:18 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\sajmon\AppData\Roaming\mozilla\Firefox\Profiles\hasr6l7y.default\extensions\foxmarks@kei.com
[2011/02/26 00:34:19 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\sajmon\AppData\Roaming\mozilla\Firefox\Profiles\hasr6l7y.default\extensions\support@lastpass.com
[2011/05/31 22:03:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\USERS\SAJMON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HASR6L7Y.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\SAJMON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HASR6L7Y.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
() (No name found) -- C:\USERS\SAJMON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HASR6L7Y.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
() (No name found) -- C:\USERS\SAJMON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HASR6L7Y.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/04/30 10:41:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/03/27 12:11:53 | 000,001,583 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\atlas-sk.xml
[2011/03/27 12:11:53 | 000,001,380 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\azet-sk.xml
[2011/03/27 12:11:53 | 000,001,479 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2011/03/27 12:11:53 | 000,001,473 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2011/03/27 12:11:53 | 000,001,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2011/03/27 12:11:53 | 000,000,830 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2010/04/30 15:56:09 | 000,001,798 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
O3 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000..\Run: [AIMP3] C:\Program Files (x86)\AIMP3\AIMP3.exe (AIMP DevTeam)
O4 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000..\Run: [OscarEditor] C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe ()
O4 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000..\Run: [SpywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\sajmon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter - odkaz.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O8:64bit: - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8:64bit: - Extra context menu item: Download with FLV Blaster - C:\Users\sajmon\AppData\Roaming\FLV Blaster\Internet Explorer\script.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\sajmon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\sajmon\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\sajmon\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: Download with FLV Blaster - C:\Users\sajmon\AppData\Roaming\FLV Blaster\Internet Explorer\script.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\sajmon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\sajmon\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\sajmon\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.146.128.62 195.146.132.58
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{50981d1c-0d25-11e0-ac26-20cf30da4d7b}\Shell - "" = AutoRun
O33 - MountPoints2\{50981d1c-0d25-11e0-ac26-20cf30da4d7b}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011/06/01 13:00:53 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\sajmon\Desktop\OTL.exe
[2011/06/01 00:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/06/01 00:32:24 | 000,000,000 | ---D | C] -- C:\rsit
[2011/05/31 22:31:49 | 000,000,000 | ---D | C] -- C:\Users\sajmon\AppData\Roaming\Spyware Terminator
[2011/05/31 22:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator
[2011/05/31 22:31:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2011/05/31 22:31:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2011/05/31 22:29:04 | 000,706,168 | ---- | C] (Crawler Inc. ) -- C:\Users\sajmon\Desktop\SpywareTerminatorSetup.exe
[2011/05/31 22:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/05/31 22:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/05/31 22:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/05/31 22:07:54 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\sajmon\Desktop\spybotsd162.exe
[2011/05/31 21:59:39 | 000,000,000 | ---D | C] -- C:\Users\sajmon\AppData\Roaming\Malwarebytes
[2011/05/31 21:59:32 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/31 21:58:57 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\sajmon\Desktop\mbam-setup.exe
[2011/05/29 18:44:13 | 000,000,000 | ---D | C] -- C:\Users\sajmon\Documents\FIFA 11
[2011/05/29 18:42:54 | 000,000,000 | ---D | C] -- C:\Users\sajmon\AppData\Roaming\Leadertech
[2011/05/28 20:41:43 | 000,000,000 | ---D | C] -- C:\Users\sajmon\.jdiskreport
[2011/05/28 20:40:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JGoodies
[2011/05/27 13:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011/05/27 13:02:32 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache

========== Files - Modified Within 7 Days ==========

[2011/06/01 13:01:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\sajmon\Desktop\OTL.exe
[2011/06/01 12:44:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1691793728-2122496842-3596782349-1000UA.job
[2011/06/01 12:15:30 | 000,154,274 | ---- | M] () -- C:\Users\sajmon\Desktop\skenovat0001.tif
[2011/06/01 12:15:28 | 000,102,178 | ---- | M] () -- C:\Users\sajmon\Desktop\skenovat0002.tif
[2011/06/01 12:15:24 | 000,132,080 | ---- | M] () -- C:\Users\sajmon\Desktop\skenovat0003.tif
[2011/06/01 12:15:21 | 000,150,486 | ---- | M] () -- C:\Users\sajmon\Desktop\skenovat0004.tif
[2011/06/01 12:15:18 | 000,083,120 | ---- | M] () -- C:\Users\sajmon\Desktop\skenovat0005.tif
[2011/06/01 11:05:47 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/01 11:05:47 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/01 11:02:55 | 000,743,794 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/01 11:02:55 | 000,627,482 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/01 11:02:55 | 000,111,060 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/01 10:58:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/01 10:58:01 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/01 00:32:20 | 000,832,273 | ---- | M] () -- C:\Users\sajmon\Desktop\RSITx64.exe
[2011/05/31 22:52:10 | 000,034,126 | ---- | M] () -- C:\Users\sajmon\Desktop\c984d1a150a5789209f70a0f0a04e505da74ec70.zip
[2011/05/31 22:32:00 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2011/05/31 22:29:09 | 000,706,168 | ---- | M] (Crawler Inc. ) -- C:\Users\sajmon\Desktop\SpywareTerminatorSetup.exe
[2011/05/31 22:16:01 | 000,036,900 | ---- | M] () -- C:\Users\sajmon\Desktop\Limitless(0000176214).zip
[2011/05/31 22:09:13 | 000,001,262 | ---- | M] () -- C:\Users\sajmon\Desktop\Spybot - Search & Destroy.lnk
[2011/05/31 22:08:40 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\sajmon\Desktop\spybotsd162.exe
[2011/05/31 22:04:50 | 005,033,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/05/31 21:59:16 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\sajmon\Desktop\mbam-setup.exe
[2011/05/31 20:49:57 | 001,442,066 | ---- | M] () -- C:\Users\sajmon\Desktop\preview44
[2011/05/31 20:17:08 | 000,001,456 | ---- | M] () -- C:\Users\sajmon\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/05/31 15:33:20 | 000,361,328 | ---- | M] () -- C:\Users\sajmon\Desktop\USS-Dallas-Light-Italic.zip
[2011/05/31 15:31:59 | 000,361,328 | ---- | M] () -- C:\Users\sajmon\Desktop\USS-Dallas-Italic.zip
[2011/05/31 14:48:02 | 000,280,166 | ---- | M] () -- C:\Users\sajmon\Desktop\tumblr_lbzm4g8k6k1qbu68f.gif
[2011/05/31 00:12:15 | 000,076,026 | ---- | M] () -- C:\Users\sajmon\Desktop\76056_464597883475_82286648475_5507320_2976423_n.jpg
[2011/05/30 22:46:00 | 022,313,895 | ---- | M] () -- C:\Users\sajmon\Desktop\Glass Break.mov
[2011/05/30 22:44:48 | 000,268,852 | ---- | M] () -- C:\Users\sajmon\Desktop\Glass break Sound FX.wav
[2011/05/30 22:19:15 | 012,695,979 | ---- | M] () -- C:\Users\sajmon\Desktop\Glass Smash.rar
[2011/05/30 18:43:58 | 000,001,016 | ---- | M] () -- C:\Users\sajmon\Documents\sad.fxpltea
[2011/05/29 19:24:13 | 000,001,168 | ---- | M] () -- C:\Users\sajmon\Desktop\fifa - odkaz.lnk
[2011/05/28 23:44:06 | 000,018,992 | ---- | M] () -- C:\Users\sajmon\Desktop\image_m_2326.jpg
[2011/05/28 23:43:45 | 000,059,455 | ---- | M] () -- C:\Users\sajmon\Desktop\img_1282974300_1.jpg
[2011/05/28 23:43:23 | 000,027,431 | ---- | M] () -- C:\Users\sajmon\Desktop\okurky.jpg
[2011/05/28 23:15:54 | 000,028,858 | ---- | M] () -- C:\Users\sajmon\Desktop\titulky_how.i.met.your.mother.s06e16.hdtv.xvid-lol.cz.srt
[2011/05/28 20:40:42 | 000,864,074 | ---- | M] () -- C:\Users\sajmon\Desktop\jdiskreport-1_2_2-win.exe
[2011/05/28 20:26:29 | 000,162,637 | ---- | M] () -- C:\Users\sajmon\Desktop\chata5si.jpg
[2011/05/28 13:22:45 | 000,105,098 | ---- | M] () -- C:\Users\sajmon\Desktop\shortky.png
[2011/05/27 22:54:54 | 000,027,854 | ---- | M] () -- C:\Users\sajmon\Desktop\titulky_how.i.met.your.mother.s06e15.hdtv.xvid-lol.cz.srt
[2011/05/27 21:21:29 | 000,020,548 | ---- | M] () -- C:\Users\sajmon\Desktop\Storm-Warning(0000126652).zip
[2011/05/27 20:52:38 | 000,000,464 | ---- | M] () -- C:\Users\sajmon\Desktop\censor-beep-2.mp3.sfk
[2011/05/27 20:37:42 | 000,024,277 | ---- | M] () -- C:\Users\sajmon\Desktop\censor-beep-2.mp3
[2011/05/27 19:27:29 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/05/27 19:27:29 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/05/27 19:27:02 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/05/27 14:50:28 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/05/27 14:21:44 | 039,052,170 | ---- | M] () -- C:\Users\sajmon\Desktop\CoD4MW-1.6-1.7-PatchSetup.zip
[2011/05/27 13:13:24 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2011/05/27 13:13:24 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
[2011/05/27 13:12:44 | 000,000,331 | ---- | M] () -- C:\Windows\game.ini
[2011/05/27 11:18:11 | 005,639,844 | ---- | M] () -- C:\Users\sajmon\Desktop\Rolling Stone.mp3
[2011/05/27 10:50:22 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1691793728-2122496842-3596782349-1000Core.job
[2011/05/26 22:41:26 | 000,053,424 | ---- | M] () -- C:\Users\sajmon\Desktop\Just-Go-with-It(0000174597).zip
[2011/05/26 22:33:16 | 013,525,297 | ---- | M] () -- C:\Users\sajmon\Desktop\jr5go1lk.psd
[2011/05/26 20:34:30 | 092,600,164 | ---- | M] () -- C:\Users\sajmon\Desktop\IMG_0610.MOV
[2011/05/26 16:42:39 | 000,073,194 | ---- | M] () -- C:\Users\sajmon\Desktop\75673_172974706052049_100000185613920_634479_6586223_n.jpg
[2011/05/26 16:40:39 | 000,250,909 | ---- | M] () -- C:\Users\sajmon\Desktop\planet-earth-space.jpg
[2011/05/25 23:55:50 | 000,642,456 | ---- | M] () -- C:\Users\sajmon\Desktop\orch.mp3.sfk

========== Files Created - No Company Name ==========

[2011/06/01 12:15:30 | 000,154,274 | ---- | C] () -- C:\Users\sajmon\Desktop\skenovat0001.tif
[2011/06/01 12:15:27 | 000,102,178 | ---- | C] () -- C:\Users\sajmon\Desktop\skenovat0002.tif
[2011/06/01 12:15:23 | 000,132,080 | ---- | C] () -- C:\Users\sajmon\Desktop\skenovat0003.tif
[2011/06/01 12:15:21 | 000,150,486 | ---- | C] () -- C:\Users\sajmon\Desktop\skenovat0004.tif
[2011/06/01 12:15:18 | 000,083,120 | ---- | C] () -- C:\Users\sajmon\Desktop\skenovat0005.tif
[2011/06/01 00:32:18 | 000,832,273 | ---- | C] () -- C:\Users\sajmon\Desktop\RSITx64.exe
[2011/05/31 22:52:09 | 000,034,126 | ---- | C] () -- C:\Users\sajmon\Desktop\c984d1a150a5789209f70a0f0a04e505da74ec70.zip
[2011/05/31 22:32:00 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2011/05/31 22:16:00 | 000,036,900 | ---- | C] () -- C:\Users\sajmon\Desktop\Limitless(0000176214).zip
[2011/05/31 22:09:13 | 000,001,262 | ---- | C] () -- C:\Users\sajmon\Desktop\Spybot - Search & Destroy.lnk
[2011/05/31 20:49:54 | 001,442,066 | ---- | C] () -- C:\Users\sajmon\Desktop\preview44
[2011/05/31 15:33:19 | 000,361,328 | ---- | C] () -- C:\Users\sajmon\Desktop\USS-Dallas-Light-Italic.zip
[2011/05/31 15:31:57 | 000,361,328 | ---- | C] () -- C:\Users\sajmon\Desktop\USS-Dallas-Italic.zip
[2011/05/31 14:48:01 | 000,280,166 | ---- | C] () -- C:\Users\sajmon\Desktop\tumblr_lbzm4g8k6k1qbu68f.gif
[2011/05/31 13:57:36 | 092,600,164 | ---- | C] () -- C:\Users\sajmon\Desktop\IMG_0610.MOV
[2011/05/31 00:12:13 | 000,076,026 | ---- | C] () -- C:\Users\sajmon\Desktop\76056_464597883475_82286648475_5507320_2976423_n.jpg
[2011/05/30 22:44:47 | 000,268,852 | ---- | C] () -- C:\Users\sajmon\Desktop\Glass break Sound FX.wav
[2011/05/30 22:44:33 | 022,313,895 | ---- | C] () -- C:\Users\sajmon\Desktop\Glass Break.mov
[2011/05/30 22:18:35 | 012,695,979 | ---- | C] () -- C:\Users\sajmon\Desktop\Glass Smash.rar
[2011/05/30 18:43:58 | 000,001,016 | ---- | C] () -- C:\Users\sajmon\Documents\sad.fxpltea
[2011/05/29 19:24:14 | 000,001,168 | ---- | C] () -- C:\Users\sajmon\Desktop\fifa - odkaz.lnk
[2011/05/28 23:44:05 | 000,018,992 | ---- | C] () -- C:\Users\sajmon\Desktop\image_m_2326.jpg
[2011/05/28 23:43:44 | 000,059,455 | ---- | C] () -- C:\Users\sajmon\Desktop\img_1282974300_1.jpg
[2011/05/28 23:43:22 | 000,027,431 | ---- | C] () -- C:\Users\sajmon\Desktop\okurky.jpg
[2011/05/28 23:15:53 | 000,028,858 | ---- | C] () -- C:\Users\sajmon\Desktop\titulky_how.i.met.your.mother.s06e16.hdtv.xvid-lol.cz.srt
[2011/05/28 20:40:37 | 000,864,074 | ---- | C] () -- C:\Users\sajmon\Desktop\jdiskreport-1_2_2-win.exe
[2011/05/28 20:26:28 | 000,162,637 | ---- | C] () -- C:\Users\sajmon\Desktop\chata5si.jpg
[2011/05/28 13:22:45 | 000,105,098 | ---- | C] () -- C:\Users\sajmon\Desktop\shortky.png
[2011/05/27 22:54:54 | 000,027,854 | ---- | C] () -- C:\Users\sajmon\Desktop\titulky_how.i.met.your.mother.s06e15.hdtv.xvid-lol.cz.srt
[2011/05/27 21:21:29 | 000,020,548 | ---- | C] () -- C:\Users\sajmon\Desktop\Storm-Warning(0000126652).zip
[2011/05/27 20:37:51 | 000,000,464 | ---- | C] () -- C:\Users\sajmon\Desktop\censor-beep-2.mp3.sfk
[2011/05/27 20:37:41 | 000,024,277 | ---- | C] () -- C:\Users\sajmon\Desktop\censor-beep-2.mp3
[2011/05/27 14:17:31 | 039,052,170 | ---- | C] () -- C:\Users\sajmon\Desktop\CoD4MW-1.6-1.7-PatchSetup.zip
[2011/05/27 13:13:24 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2011/05/27 13:13:24 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
[2011/05/27 11:17:43 | 005,639,844 | ---- | C] () -- C:\Users\sajmon\Desktop\Rolling Stone.mp3
[2011/05/26 22:41:25 | 000,053,424 | ---- | C] () -- C:\Users\sajmon\Desktop\Just-Go-with-It(0000174597).zip
[2011/05/26 22:33:10 | 013,525,297 | ---- | C] () -- C:\Users\sajmon\Desktop\jr5go1lk.psd
[2011/05/26 16:42:37 | 000,073,194 | ---- | C] () -- C:\Users\sajmon\Desktop\75673_172974706052049_100000185613920_634479_6586223_n.jpg
[2011/05/26 16:40:38 | 000,250,909 | ---- | C] () -- C:\Users\sajmon\Desktop\planet-earth-space.jpg
[2011/05/25 23:34:51 | 000,642,456 | ---- | C] () -- C:\Users\sajmon\Desktop\orch.mp3.sfk
[2011/05/05 00:59:45 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/04/08 13:28:58 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011/03/11 15:53:20 | 000,000,600 | ---- | C] () -- C:\Users\sajmon\AppData\Roaming\winscp.rnd
[2011/02/28 20:51:26 | 000,005,120 | ---- | C] () -- C:\Users\sajmon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/26 00:29:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/02/21 23:56:00 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/02/20 19:27:33 | 000,165,172 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/01/20 21:19:00 | 000,160,833 | ---- | C] () -- C:\Windows\hpoins44.dat.temp
[2011/01/13 15:37:02 | 000,000,025 | ---- | C] () -- C:\Windows\SYSWIN.INI
[2010/12/31 14:28:49 | 000,001,456 | ---- | C] () -- C:\Users\sajmon\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/12/31 14:28:19 | 000,000,132 | ---- | C] () -- C:\Users\sajmon\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/12/23 10:29:08 | 000,000,094 | ---- | C] () -- C:\Users\sajmon\AppData\Local\fusioncache.dat
[2010/12/22 23:22:52 | 000,735,856 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/22 23:19:46 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/12/22 00:55:14 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010/12/22 00:55:14 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010/12/22 00:55:12 | 000,011,832 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010/12/21 23:11:34 | 000,000,248 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2010/12/21 23:10:05 | 000,000,305 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2010/12/21 23:08:18 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/12/21 22:01:01 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp
[2010/12/21 21:10:39 | 000,160,985 | ---- | C] () -- C:\Windows\hpoins44.dat
[2010/12/21 19:26:13 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/12/21 19:26:12 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/12/21 19:26:11 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010/12/21 17:48:30 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/12/21 17:48:25 | 000,022,387 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010/10/22 20:52:22 | 000,179,200 | ---- | C] () -- C:\Windows\SysWow64\NBKey 2.exe
[2010/09/15 11:55:52 | 000,179,200 | ---- | C] () -- C:\Windows\SysWow64\NB Key 1.exe
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/06 04:48:34 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009/06/11 11:30:02 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2009/06/11 11:27:38 | 000,062,205 | ---- | C] () -- C:\Windows\hpqins05.dat
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009/02/19 05:35:10 | 000,049,152 | R--- | C] () -- C:\Windows\DAOD.exe
[2008/01/04 07:34:42 | 000,010,216 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys

========== LOP Check ==========

[2010/12/21 18:09:20 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Acronis
[2011/04/14 13:59:23 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\AIMP
[2011/06/01 13:05:28 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\AIMP3
[2010/12/21 18:42:31 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Ashampoo
[2010/12/21 23:11:34 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\BITS
[2011/02/22 17:25:39 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/12/21 19:14:04 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\DAEMON Tools Lite
[2011/04/27 14:49:46 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/12/21 23:17:14 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\FlashGet
[2010/12/21 23:12:02 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\FlashGetBHO
[2011/05/05 15:59:07 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\FLV Blaster
[2011/01/22 13:08:23 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\GHISLER
[2011/01/03 17:43:02 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\IrfanView
[2011/05/29 18:42:54 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Leadertech
[2011/05/05 16:47:13 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Movier
[2011/05/06 23:34:03 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Mp3tag
[2010/12/23 20:42:35 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Nokia
[2011/01/22 00:02:41 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Nvu
[2010/12/21 18:14:10 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Opera
[2010/12/23 20:24:09 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\PC Suite
[2011/05/02 15:51:00 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Publish Providers
[2011/01/04 09:53:43 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Rainmeter
[2011/05/05 20:27:30 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Songbird2
[2011/05/05 00:02:26 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Sony
[2011/05/31 22:32:26 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Spyware Terminator
[2011/01/07 20:04:39 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\TS3Client
[2011/06/01 13:06:32 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\uTorrent
[2011/01/23 15:17:34 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Web Page Maker V2
[2011/02/20 23:00:53 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Xilisoft
[2011/03/07 08:03:10 | 000,032,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RocketDock" = "C:\Program Files (x86)\RocketDock\RocketDock.exe" -- [2007/09/02 14:58:52 | 000,495,616 | ---- | M] ()
"OscarEditor" = "C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum -- [2009/12/22 17:23:00 | 002,647,040 | ---- | M] ()
"AdobeBridge" =
"PC Suite Tray" = "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2010/05/14 11:32:30 | 001,479,680 | ---- | M] (Nokia)
"Google Update" = "C:\Users\sajmon\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010/12/23 17:34:21 | 000,136,176 | ---- | M] (Google Inc.)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED -- [2011/06/01 00:47:01 | 000,551,800 | ---- | M] (BitTorrent, Inc.)
"AIMP3" = C:\Program Files (x86)\AIMP3\AIMP3.exe -- [2011/05/24 15:01:30 | 001,531,904 | ---- | M] (AIMP DevTeam)
"SpybotSD TeaTimer" = C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe -- [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited)
"SpywareTerminatorUpdate" = "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" -- [2011/05/31 22:31:49 | 003,318,784 | ---- | M] (Crawler.com)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/12/21 18:09:20 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Acronis
[2011/01/12 15:24:22 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Adobe
[2011/04/14 13:59:23 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\AIMP
[2011/06/01 13:05:28 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\AIMP3
[2011/03/09 16:59:01 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Apple Computer
[2010/12/21 18:42:31 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Ashampoo
[2010/12/21 23:11:34 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\BITS
[2011/02/22 17:25:39 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/12/21 19:14:04 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\DAEMON Tools Lite
[2011/04/27 14:49:46 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/12/21 23:17:14 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\FlashGet
[2010/12/21 23:12:02 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\FlashGetBHO
[2011/05/05 15:59:07 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\FLV Blaster
[2011/01/22 13:08:23 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\GHISLER
[2011/01/20 21:27:25 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\HP
[2010/12/21 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Identities
[2011/01/03 17:43:02 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\IrfanView
[2011/05/29 18:42:54 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Leadertech
[2010/12/21 17:53:55 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Macromedia
[2011/05/31 21:59:39 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Malwarebytes
[2009/07/14 09:54:45 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Media Center Programs
[2011/04/17 12:43:01 | 000,000,000 | --SD | M] -- C:\Users\sajmon\AppData\Roaming\Microsoft
[2011/02/24 13:52:40 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\mIRC
[2011/05/05 16:47:13 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Movier
[2011/02/26 00:29:54 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Mozilla
[2011/05/06 23:34:03 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Mp3tag
[2010/12/23 20:42:35 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Nokia
[2010/12/22 12:31:48 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\NVIDIA
[2011/01/22 00:02:41 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Nvu
[2010/12/21 18:14:10 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Opera
[2010/12/23 20:24:09 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\PC Suite
[2011/05/02 15:51:00 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Publish Providers
[2011/01/04 09:53:43 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Rainmeter
[2010/12/22 23:24:20 | 000,000,000 | RH-D | M] -- C:\Users\sajmon\AppData\Roaming\SecuROM
[2011/05/24 18:20:06 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Skype
[2011/05/24 17:44:32 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\skypePM
[2011/05/05 20:27:30 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Songbird2
[2011/05/05 00:02:26 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Sony
[2011/05/31 22:32:26 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Spyware Terminator
[2011/01/07 20:04:39 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\TS3Client
[2011/06/01 13:06:32 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\uTorrent
[2011/05/31 22:18:33 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\vlc
[2011/01/23 15:17:34 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Web Page Maker V2
[2010/12/21 18:22:46 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\WinRAR
[2011/05/27 14:47:46 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Xfire
[2011/02/20 23:00:53 | 000,000,000 | ---D | M] -- C:\Users\sajmon\AppData\Roaming\Xilisoft

< %APPDATA%\*.exe /s >
[2011/03/28 01:13:24 | 001,750,016 | ---- | M] (FLV Blaster) -- C:\Users\sajmon\AppData\Roaming\FLV Blaster\AddonsManager.exe
[2011/03/24 08:01:00 | 000,188,152 | ---- | M] () -- C:\Users\sajmon\AppData\Roaming\Mozilla\Firefox\Profiles\hasr6l7y.default\FlashGot.exe

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009/07/14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009/07/14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe

< MD5 for: NDIS.SYS >
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< End of report >

S4jmon · #4 Příspěvek od **S4jmon** » 01 čer 2011 12:20

LOG 2 - EXTRAS.txt

OTL Extras logfile created on: 1. 6. 2011 13:03:13 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\sajmon\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

4,00 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 55,08% Memory free
8,00 Gb Paging File | 5,64 Gb Available in Paging File | 70,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 8,72 Gb Free Space | 17,90% Space Free | Partition Type: NTFS
Drive D: | 882,68 Gb Total Space | 564,27 Gb Free Space | 63,93% Space Free | Partition Type: NTFS
Drive E: | 2,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 15,06 Gb Total Space | 7,54 Gb Free Space | 50,08% Space Free | Partition Type: NTFS

Computer Name: SAJMONPC | User Name: sajmon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1691793728-2122496842-3596782349-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B24A47E5-F196-461E-A7A4-AADB72CB19DD}" = iTunes
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.1.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{C616FD4F-11F5-11E0-A38F-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0B753AE04CCFC1E067940973C1BEDEEE62CADDC9" = Windows Driver Package - Nokia Modem (03/15/2010 4.4)
"6CD143D10D52B656CB6E8E90D7932A476DA16F6A" = Windows Driver Package - Nokia Modem (03/15/2010 7.01.0.6)
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Windows Movie Maker" = Windows Movie Maker
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18756A46-652E-4ED4-A029-C4940D59F09B}" = Nokia PC Suite
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}" = AMD OverDrive
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D3E3395-A9A0-42D4-A81B-41C3583CCE89}" = OSCAR Editor
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{87EAFB9D-12C2-40E1-80F7-576470011DAD}" = FLV Blaster 5.90
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8AF09748-FCC1-48AB-9A81-21D76903F5C9}" = MySQL Server 5.5
"{8C91D53E-0C23-4A79-A480-68A443D80100}" = PC Connectivity Solution
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{99BEB67F-B288-44F5-8B2A-23F5A52FA1AE}_is1" = Universal AntiCheat 3 v1.026 r1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1051-7B44-A94000000001}" = Adobe Reader 9.4.1 - Slovak
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEF1942C-FF3A-4FCB-AB49-3E6F9363F538}" = Acronis True Image Home
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EE140B0B-ED3B-4D92-8973-4FF327059811}" = F2400_NCL_Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.50
"AIMP3" = AIMP3
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.7
"avast5" = avast! Free Antivirus
"BlueVoda_Website_Builder_1.0" = BlueVoda Website Builder 10.12
"Cisco Packet Tracer 5.3_is1" = Cisco Packet Tracer 5.3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FlashGet" = FlashGet 1.9.6.1073
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.36.421
"HTMLKit_is1" = HTML-Kit
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{6D3E3395-A9A0-42D4-A81B-41C3583CCE89}" = Anti-Vibrate Oscar Editor
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InterBase" = InterBase 6.5
"IrfanView" = IrfanView (remove only)
"LastFM_is1" = Last.fm 1.5.4.27091
"LinX" = LinX
"mIRC" = mIRC
"Movier" = Movier 1.0.15
"Mozilla Firefox 4.0.1 (x86 sk)" = Mozilla Firefox 4.0.1 (x86 sk)
"Mp3tag" = Mp3tag v2.48
"MySQL Server and Clients" = MySQL Server and Clients 3.23
"NewBlue 3D Explosions for Windows" = NewBlue 3D Explosions for Windows
"NewBlue Art Effects 2.0 for Vegas" = NewBlue Art Effects 2.0 for Vegas
"NewBlue Art Effects for Windows" = NewBlue Art Effects for Windows
"NewBlue Film Effects for Vegas" = NewBlue Film Effects for Vegas
"NewBlue Film Effects for Windows" = NewBlue Film Effects for Windows
"NewBlue Light Effects for Windows" = NewBlue Light Effects for Windows
"NewBlue Motion Effects 2.0 for Vegas" = NewBlue Motion Effects 2.0 for Vegas
"NewBlue Motion Effects for Windows" = NewBlue Motion Effects for Windows
"NewBlue Video Essentials II for Windows" = NewBlue Video Essentials II for Windows
"NewBlue Video Essentials III for Windows" = NewBlue Video Essentials III for Windows
"NewBlue Video Essentials IV for Windows" = NewBlue Video Essentials IV for Windows
"Nokia PC Suite" = Nokia PC Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Nvu" = Nvu 1.0
"OCCT_is1" = OCCT Perestroika 3.1.0
"Opera 11.01.1190" = Opera 11.01
"plist Editor for Windows" = plist Editor for Windows 1.0.0
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter (remove only)
"RocketDock_is1" = RocketDock 1.3.5
"SopCast" = SopCast 3.3.2
"SpeedFan" = SpeedFan (remove only)
"Spyware Terminator_is1" = Spyware Terminator
"The KMPlayer" = The KMPlayer (remove only)
"TmNationsForever_is1" = TmNationsForever
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 1.1.9
"Web Page Maker V2_is1" = Web Page Maker V2.5
"winscp3_is1" = WinSCP 4.3.2
"Xfire" = Xfire (remove only)
"Xilisoft Video Converter Ultimate 6" = Xilisoft Video Converter Ultimate 6

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1691793728-2122496842-3596782349-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 30. 5. 2011 5:41:07 | Computer Name = sajmonpc | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 30. 5. 2011 17:44:55 | Computer Name = sajmonpc | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: vegas100.exe, verzia: 10.0.0.470, časová
značka: 0x4d18eee3 Názov chybového modulu: ntdll.dll, verzia: 6.1.7600.16385, časová
značka: 0x4a5be02b Kód výnimky: 0xc0000374 Odstup chyby: 0x00000000000c6cd2 Identifikácia
chybného procesu: 0x708 Čas spustenia chybnej aplikácie: 0x01cc1f07ae4a9ddd Cesta
chybnej aplikácie: D:\Program Files\vegas100.exe Cesta chybného modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia
hlásenia: 0ddf676e-8b06-11e0-8dc8-20cf30da4d7b

Error - 31. 5. 2011 7:07:34 | Computer Name = sajmonpc | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 31. 5. 2011 7:07:34 | Computer Name = sajmonpc | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 31. 5. 2011 7:44:26 | Computer Name = sajmonpc | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 31. 5. 2011 7:45:09 | Computer Name = sajmonpc | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 31. 5. 2011 16:09:49 | Computer Name = sajmonpc | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 31. 5. 2011 16:09:49 | Computer Name = sajmonpc | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 1. 6. 2011 5:02:55 | Computer Name = sajmonpc | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 1. 6. 2011 5:02:55 | Computer Name = sajmonpc | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ System Events ]
Error - 31. 5. 2011 15:55:50 | Computer Name = sajmonpc | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume4.

Error - 31. 5. 2011 16:32:42 | Computer Name = sajmonpc | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 31. 5. 2011 16:49:24 | Computer Name = sajmonpc | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 31. 5. 2011 16:49:25 | Computer Name = sajmonpc | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 31. 5. 2011 16:49:25 | Computer Name = sajmonpc | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 31. 5. 2011 16:49:26 | Computer Name = sajmonpc | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 31. 5. 2011 16:49:26 | Computer Name = sajmonpc | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 31. 5. 2011 18:30:13 | Computer Name = sajmonpc | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume5.

Error - 31. 5. 2011 19:28:57 | Computer Name = sajmonpc | Source = DCOM | ID = 10010
Description =

Error - 1. 6. 2011 6:55:39 | Computer Name = sajmonpc | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

< End of report >

#5 Příspěvek od **vyosek** » 01 čer 2011 20:37

Omlouvam se za zdrzeni - pracovni povinnosti

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 A7 23 81 77 0E CC 01 [binary data]
IE - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - Reg Error: Key error. File not found
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/ig?hl=sk&source=iglk"
FF - prefs.js..keyword.URL: "http://www.scanquery.com/?tmp=nemo_results_removelink&prt=ScnqryPB&keywords="
O3 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-21-1691793728-2122496842-3596782349-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{50981d1c-0d25-11e0-ac26-20cf30da4d7b}\Shell - "" = AutoRun

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"=-
"PC Suite Tray"=-
"Google Update"=-
"uTorrent"=-
"SpybotSD TeaTimer"=-
"SpywareTerminatorUpdate"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIMP2]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
"QuickTime Task"=-
"iTunesHelper"=-
 
:files
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1691793728-2122496842-3596782349-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1691793728-2122496842-3596782349-1000UA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

S4jmon · #6 Příspěvek od **S4jmon** » 01 čer 2011 21:09

jasne, v pohode

All processes killed
========== OTL ==========
HKU\S-1-5-21-1691793728-2122496842-3596782349-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1691793728-2122496842-3596782349-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Prefs.js: "http://www.google.sk/ig?hl=sk&source=iglk" removed from browser.startup.homepage
Prefs.js: "http://www.scanquery.com/?tmp=nemo_resu ... &keywords=" removed from keyword.URL
Registry value HKEY_USERS\S-1-5-21-1691793728-2122496842-3596782349-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
Registry value HKEY_USERS\S-1-5-21-1691793728-2122496842-3596782349-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}\ not found.
File {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{50981d1c-0d25-11e0-ac26-20cf30da4d7b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50981d1c-0d25-11e0-ac26-20cf30da4d7b}\ not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdate deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIMP2\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1691793728-2122496842-3596782349-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1691793728-2122496842-3596782349-1000UA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: sajmon
->Temp folder emptied: 66859641 bytes
->Temporary Internet Files folder emptied: 68383843 bytes
->Java cache emptied: 683817 bytes
->FireFox cache emptied: 433471819 bytes
->Google Chrome cache emptied: 255636530 bytes
->Opera cache emptied: 27485712 bytes
->Flash cache emptied: 140501 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 131930 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50654 bytes
RecycleBin emptied: 5148592 bytes

Total Files Cleaned = 818,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: sajmon
->Flash cache emptied: 12408 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.23.0 log created on 06012011_215921

Files\Folders moved on Reboot...
C:\Users\sajmon\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\sajmon\AppData\Local\Mozilla\Firefox\Profiles\hasr6l7y.default\XUL.mfl moved successfully.
File\Folder C:\Windows\temp\_avast5_\unp99458667.tmp not found!
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#7 Příspěvek od **vyosek** » 01 čer 2011 21:18

OTL provedlo co melo, jak se chova PC

S4jmon · #8 Příspěvek od **S4jmon** » 01 čer 2011 21:20

oukej, dík! uz to nevyhladava v scanQuery ale pekne na google

este raz vdaka

#9 Příspěvek od **vyosek** » 01 čer 2011 21:22

Tak uklidime

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

A pokud nejsou problemy ci dotazy, je to z me strany vse

S4jmon · #10 Příspěvek od **S4jmon** » 01 čer 2011 21:45

Vsetko som spravil. Vsetko funguje ako ma. Este raz Vam dakujem

#11 Příspěvek od **vyosek** » 01 čer 2011 21:46

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

VIRY.CZ

Vyhladavanie - ScanQuery

Vyhladavanie - ScanQuery

Re: Vyhladavanie - ScanQuery

Re: Vyhladavanie - ScanQuery

Re: Vyhladavanie - ScanQuery

Re: Vyhladavanie - ScanQuery

Re: Vyhladavanie - ScanQuery

Re: Vyhladavanie - ScanQuery

Re: Vyhladavanie - ScanQuery

Re: Vyhladavanie - ScanQuery

Re: Vyhladavanie - ScanQuery

Re: Vyhladavanie - ScanQuery