
Re: Associating a program with a file

Posted: 08 Jun 2011 16:13
by petr7777
TL logfile created on: 8.6.2011 15:16:58 - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Bartonicek\Documents
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

501,20 Mb Total Physical Memory | 63,80 Mb Available Physical Memory | 12,73% Memory free
1,49 Gb Paging File | 0,50 Gb Available in Paging File | 33,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67,26 Gb Total Space | 11,32 Gb Free Space | 16,84% Space Free | Partition Type: NTFS
Drive H: | 7,27 Gb Total Space | 3,13 Gb Free Space | 43,05% Space Free | Partition Type: NTFS

Computer Name: BARTONICEK-PC | User Name: Bartonicek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found -- C:\Users\Bartonicek\Dokumenty\OTL.exe
PRC - [2011.05.22 15:04:49 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.05.22 14:09:17 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011.04.14 13:26:56 | 000,428,544 | ---- | M] (Sony Ericsson) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2011.03.09 14:30:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011.03.09 14:30:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010.12.13 14:52:46 | 000,074,960 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
PRC - [2010.11.30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010.11.11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010.11.11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010.05.03 13:56:32 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
PRC - [2010.04.07 17:48:14 | 000,303,104 | ---- | M] () -- C:\Genius\ioCentre\gMouseTask.exe
PRC - [2010.03.31 15:32:52 | 000,180,224 | ---- | M] () -- C:\Genius\ioCentre\gKbdTask.exe
PRC - [2010.03.12 12:13:06 | 000,053,248 | ---- | M] (ioCentre) -- C:\Genius\ioCentre\gIoCentreFunMgm.exe
PRC - [2010.03.11 11:33:12 | 000,012,288 | ---- | M] () -- C:\Genius\ioCentre\GMouseService.exe
PRC - [2009.09.23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe
PRC - [2009.09.03 11:30:38 | 000,061,440 | ---- | M] () -- C:\Genius\ioCentre\gTaskBar.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (SafeList) ==========

MOD - File not found -- C:\Users\Bartonicek\Dokumenty\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.03.09 14:30:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011.02.10 15:29:24 | 000,150,528 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010.11.11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010.11.11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.11.05 15:32:49 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.10.20 12:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.11 11:33:12 | 000,012,288 | ---- | M] () [Auto | Running] -- C:\Genius\ioCentre\GMouseService.exe -- (GeniusMouseService)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011.06.08 14:47:53 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{704D1B3E-AA2B-4020-8C13-BC329E166581}\MpKsl822ea515.sys -- (MpKsl822ea515)
DRV - [2010.11.25 08:13:59 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.11.25 08:13:57 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.10.24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010.10.24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.07.06 20:03:05 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.06.28 14:27:40 | 000,272,536 | ---- | M] (COSECT, Computer Security Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\safetica.sys -- (Safetica)
DRV - [2010.06.15 22:26:36 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.06.15 22:26:34 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.11.02 17:47:58 | 000,011,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gMouUsb.sys -- (gMouUsb)
DRV - [2009.11.02 17:43:26 | 000,020,480 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gHidPnp.sys -- (gHidPnp)
DRV - [2009.09.23 03:18:08 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009.09.23 03:18:07 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (SrvHsfPCI)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C2 39 7B 20 04 F9 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2

FF - HKLM\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared [2010.05.19 16:23:56 | 000,000,000 | ---D | M]

[2011.04.14 14:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bartonicek\AppData\Roaming\Mozilla\Extensions
[2010.05.23 13:35:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bartonicek\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.04.04 12:39:51 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

O1 HOSTS File: ([2011.06.07 07:17:51 | 000,000,000 | --S- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CentrumczToolbar BHO) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Nástroje Lištičky) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\Shell - "" = AutoRun
O33 - MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\Shell\AutoRun\command - "" = J:\Startme.exe
O33 - MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\Shell - "" = AutoRun
O33 - MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\Shell\AutoRun\command - "" = J:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - StartUpReg: TrojanScanner - hkey= - key= - C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.xvid - C:\Windows\System32\xvidvfw.dll ()

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011.06.08 15:06:13 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Bartonicek\Documents\OTL.exe
[2011.06.08 09:44:04 | 000,000,000 | ---D | C] -- C:\Users\Bartonicek\AppData\Roaming\Malwarebytes
[2011.06.08 09:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.08 09:43:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.06.08 09:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.08 09:43:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.06.08 09:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.06.08 09:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011.06.08 09:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2011.06.08 09:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\Panda USB Vaccine
[2011.06.08 07:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.06.07 12:31:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.06.07 12:31:26 | 000,000,000 | ---D | C] -- C:\rsit
[2011.06.07 08:04:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.06.05 12:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster
[2011.06.05 09:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2011.05.29 11:55:02 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2011.05.24 15:41:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2011.05.24 15:37:51 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2011.05.24 15:37:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2011.05.24 15:37:46 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2011.05.24 15:37:45 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2011.05.24 15:37:45 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2011.05.24 15:37:44 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2011.05.24 15:37:35 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2011.05.24 15:37:33 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2011.05.24 15:37:33 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2011.05.24 15:37:31 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2011.05.24 15:37:27 | 002,161,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2011.05.24 15:37:22 | 000,073,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2011.05.24 15:37:21 | 000,485,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2011.05.24 15:37:20 | 004,106,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2011.05.24 15:37:07 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2011.05.24 15:37:07 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2011.05.24 15:37:07 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2011.05.24 15:37:06 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2011.05.24 15:37:01 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2011.05.24 15:37:01 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2011.05.24 15:36:59 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2011.05.24 15:36:59 | 001,004,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2011.05.24 15:36:58 | 000,102,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2011.05.24 15:36:58 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2011.05.24 15:36:57 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2011.05.24 15:36:57 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2011.05.24 15:36:53 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2011.05.24 15:36:51 | 001,803,608 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2011.05.24 15:36:47 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2011.05.24 15:36:45 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2011.05.24 15:36:43 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2011.05.24 15:36:43 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2011.05.24 15:36:02 | 001,730,112 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2011.05.24 15:36:02 | 000,406,120 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2011.05.24 15:36:01 | 000,429,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2011.05.24 15:36:00 | 001,132,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2011.05.24 15:35:59 | 000,962,664 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2011.05.24 15:35:58 | 000,291,432 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2011.05.24 15:35:57 | 000,224,360 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2011.05.24 15:35:56 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2011.05.24 15:35:56 | 000,106,600 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2011.05.24 15:35:55 | 000,236,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2011.05.24 15:35:55 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2011.05.24 15:35:53 | 000,901,224 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2011.05.24 15:35:52 | 000,448,616 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2011.05.24 15:35:42 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2011.05.24 15:35:42 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2011.05.22 15:05:35 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011.05.22 15:05:21 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.05.22 15:05:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011.05.22 15:04:49 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.05.22 15:04:28 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.05.22 15:04:13 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.05.22 15:04:13 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.05.22 15:03:36 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.05.22 15:03:21 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011.05.22 15:03:21 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.05.22 15:02:53 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011.05.22 15:02:53 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.05.22 15:02:52 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011.05.22 15:02:52 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.05.22 15:02:52 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.05.22 15:02:51 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.05.22 15:02:50 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.05.22 15:01:42 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2011.05.22 15:01:42 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011.05.22 15:01:42 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011.05.22 15:01:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011.05.22 15:00:01 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.05.22 15:00:01 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011.05.22 15:00:01 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011.05.22 14:59:26 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011.05.22 14:59:17 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011.05.22 14:56:54 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011.05.22 14:56:54 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011.05.22 14:56:53 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011.05.22 14:56:53 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011.05.22 14:56:53 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011.05.22 14:56:53 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011.05.22 14:56:53 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011.05.22 14:56:53 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011.05.15 13:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.05.15 13:44:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2011.05.15 13:44:33 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2011.05.15 13:44:16 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2011.05.15 13:44:16 | 000,000,000 | ---D | C] -- C:\Users\Bartonicek\Documents\Simply Super Software
[2011.05.15 13:44:16 | 000,000,000 | ---D | C] -- C:\Users\Bartonicek\AppData\Roaming\Simply Super Software
[2011.05.15 13:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2011.05.11 07:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.05.11 07:01:10 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.05.11 07:01:10 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.05.11 06:50:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2011.05.10 09:10:42 | 000,000,000 | ---D | C] -- C:\Program Files\Zrychleni Pocitace
[2011.04.28 07:58:07 | 003,050,664 | ---- | C] (Piriform Ltd) -- C:\Users\Bartonicek\AppData\Local\setup231.exe
[2010.08.17 13:28:35 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Bartonicek\AppData\Roaming\pcouffin.sys
[2006.05.05 17:14:20 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\unicows.dll
[2006.04.13 16:38:10 | 000,409,600 | ---- | C] (Creative Labs) -- C:\Program Files\defopenal32.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.06.08 15:13:08 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.08 15:07:29 | 000,001,869 | ---- | M] () -- C:\Users\Bartonicek\Desktop\OTL – zástupce.lnk
[2011.06.08 15:06:27 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Bartonicek\Documents\OTL.exe
[2011.06.08 15:01:33 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.08 15:01:33 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.08 14:52:10 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.06.08 14:48:58 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.08 14:48:55 | 000,000,488 | ---- | M] () -- C:\Windows\tasks\Datová skartovačka - Speciální položka $RECYCLER základní metodou.job
[2011.06.08 14:48:55 | 000,000,488 | ---- | M] () -- C:\Windows\tasks\Datová skartovačka - Speciální položka $BROWSERS základní metodou.job
[2011.06.08 14:48:55 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\Datová skartovačka - Speciální položka $TEMP základní metodou.job
[2011.06.08 14:47:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.08 14:47:39 | 394,162,176 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.08 09:43:38 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.08 09:35:28 | 000,624,522 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.06.08 09:35:28 | 000,609,092 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.08 09:35:28 | 000,119,604 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.06.08 09:35:28 | 000,104,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.08 08:40:03 | 000,002,063 | ---- | M] () -- C:\Users\Bartonicek\Desktop\oprava – zástupce.lnk
[2011.06.08 08:38:08 | 000,000,772 | ---- | M] () -- C:\Users\Bartonicek\Documents\oprava.bat
[2011.06.08 08:10:40 | 000,000,772 | ---- | M] () -- C:\Users\Bartonicek\oprava.bat
[2011.06.07 07:54:27 | 000,001,870 | ---- | M] () -- C:\Users\Bartonicek\Desktop\Nástroj Fix it - Microsoft ATS.lnk
[2011.06.07 07:17:51 | 000,000,000 | --S- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.05.30 21:45:19 | 000,065,541 | ---- | M] () -- C:\Users\Bartonicek\Documents\STM_CZ0606000000000160797389_20110126_2011000001.PDF
[2011.05.22 15:16:33 | 000,002,213 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2011.05.22 15:05:35 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011.05.22 15:05:21 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.05.22 15:05:06 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011.05.22 15:04:49 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.05.22 15:04:28 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.05.22 15:04:13 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.05.22 15:04:13 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.05.22 15:03:36 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.05.22 15:03:21 | 000,219,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011.05.22 15:03:21 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.05.22 15:02:53 | 001,619,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011.05.22 15:02:53 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.05.22 15:02:52 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011.05.22 15:02:52 | 001,170,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.05.22 15:02:52 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.05.22 15:02:51 | 003,181,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.05.22 15:02:50 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.05.22 15:01:42 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2011.05.22 15:01:42 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011.05.22 15:01:42 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011.05.22 15:01:42 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011.05.22 15:00:01 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.05.22 15:00:01 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011.05.22 15:00:01 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011.05.22 14:59:26 | 000,026,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011.05.22 14:59:17 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011.05.22 14:56:54 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011.05.22 14:56:54 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011.05.22 14:56:54 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011.05.22 14:56:53 | 000,369,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011.05.22 14:56:53 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011.05.22 14:56:53 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011.05.22 14:56:53 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011.05.22 14:56:53 | 000,277,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011.05.15 13:46:20 | 000,001,024 | ---- | M] () -- C:\Users\Bartonicek\Desktop\Trojan Remover .lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.06.08 15:07:29 | 000,001,869 | ---- | C] () -- C:\Users\Bartonicek\Desktop\OTL – zástupce.lnk
[2011.06.08 09:43:38 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.08 08:40:01 | 000,002,063 | ---- | C] () -- C:\Users\Bartonicek\Desktop\oprava – zástupce.lnk
[2011.06.08 08:38:05 | 000,000,772 | ---- | C] () -- C:\Users\Bartonicek\Documents\oprava.bat
[2011.06.08 07:56:46 | 000,000,772 | ---- | C] () -- C:\Users\Bartonicek\oprava.bat
[2011.06.07 07:54:27 | 000,001,870 | ---- | C] () -- C:\Users\Bartonicek\Desktop\Nástroj Fix it - Microsoft ATS.lnk
[2011.05.30 21:45:07 | 000,065,541 | ---- | C] () -- C:\Users\Bartonicek\Documents\STM_CZ0606000000000160797389_20110126_2011000001.PDF
[2011.05.15 13:46:20 | 000,001,024 | ---- | C] () -- C:\Users\Bartonicek\Desktop\Trojan Remover .lnk
[2011.05.15 13:44:33 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2011.05.15 13:44:33 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2011.05.15 13:44:32 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2011.05.15 13:44:32 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2011.05.08 13:23:05 | 000,000,805 | ---- | C] () -- C:\Windows\ScanSpyware.INI
[2011.04.13 13:11:50 | 000,020,480 | ---- | C] () -- C:\Windows\System32\drivers\gHidPnp.sys
[2011.04.13 13:11:50 | 000,011,520 | ---- | C] () -- C:\Windows\System32\drivers\gMouUsb.sys
[2011.03.10 22:21:58 | 000,000,026 | ---- | C] () -- C:\Windows\CDEDX7400EXPORT.ini
[2011.03.08 13:04:55 | 000,604,140 | -HS- | C] () -- C:\Windows\System32\drivers\ISwift3(20).dat
[2010.12.12 17:51:59 | 000,001,141 | ---- | C] () -- C:\Program Files\MoorHuhnKartThunder.lnk
[2010.11.05 11:15:24 | 000,007,598 | ---- | C] () -- C:\Users\Bartonicek\AppData\Local\Resmon.ResmonCfg
[2010.10.20 15:24:49 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.08.17 13:33:58 | 000,000,671 | ---- | C] () -- C:\Users\Bartonicek\AppData\Roaming\vso_ts_preview.xml
[2010.08.17 13:28:35 | 000,087,608 | ---- | C] () -- C:\Users\Bartonicek\AppData\Roaming\inst.exe
[2010.08.17 13:28:35 | 000,007,887 | ---- | C] () -- C:\Users\Bartonicek\AppData\Roaming\pcouffin.cat
[2010.08.17 13:28:35 | 000,001,144 | ---- | C] () -- C:\Users\Bartonicek\AppData\Roaming\pcouffin.inf
[2010.07.09 09:23:48 | 000,000,810 | ---- | C] () -- C:\Windows\Rtcw.INI
[2010.06.15 22:26:35 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.06.15 22:26:33 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.06.02 15:18:05 | 000,000,632 | ---- | C] () -- C:\Windows\CoD.INI
[2010.05.23 11:01:57 | 000,199,168 | ---- | C] () -- C:\Program Files\Uninstall.exe
[2010.05.19 16:24:46 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.07.14 10:44:22 | 000,624,522 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 10:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 10:44:22 | 000,119,604 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 10:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,410,640 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,609,092 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,104,370 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.06.07 16:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.06.07 16:16:12 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.01.28 20:50:44 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008.01.22 21:14:00 | 007,251,672 | ---- | C] () -- C:\Program Files\25.exe
[2006.05.31 09:55:58 | 283,993,895 | ---- | C] () -- C:\Program Files\data
[2004.12.30 11:20:28 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll
[2002.10.23 16:15:26 | 000,036,352 | ---- | C] () -- C:\Windows\System32\DZSFXUS.bin

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.07.14 03:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2011.02.24 07:29:55 | 000,185,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.10.24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\drivers\MpNWMon.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
[2011.05.22 14:59:26 | 000,026,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011.05.22 15:03:21 | 000,728,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys
[2011.05.22 15:03:21 | 000,219,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011.05.22 14:58:47 | 000,194,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fvevol.sys
[2011.05.22 14:59:17 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011.05.03 16:33:46 | 003,484,712 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2011.05.22 14:59:06 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >

Re: Associating a program with a file

Posted: 08 Jun 2011 16:34
by stell
You did not paste EXTRAS.TXT.

Run OTL, copy the green text into the window, and click the OPRAVIT (Fix) button.
Paste the log here after the restart.
And write whether the problem persists.

Code:

:OTL
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\Shell - "" = AutoRun
O33 - MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\Shell\AutoRun\command - "" = J:\Startme.exe
O33 - MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\Shell - "" = AutoRun
O33 - MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\Shell\AutoRun\command - "" = J:\Startme.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:CB0AACC9
:Commands 
[emptytemp] 
[start explorer]
[Reboot]

Re: Associating a program with a file

Posted: 09 Jun 2011 18:39
by petr7777
So I hope it is correct now.


OTL logfile created on: 9.6.2011 19:19:12 - Run 3
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Bartonicek\Documents
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

501,20 Mb Total Physical Memory | 47,92 Mb Available Physical Memory | 9,56% Memory free
1,49 Gb Paging File | 0,46 Gb Available in Paging File | 31,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67,26 Gb Total Space | 11,28 Gb Free Space | 16,77% Space Free | Partition Type: NTFS
Drive H: | 7,27 Gb Total Space | 3,17 Gb Free Space | 43,58% Space Free | Partition Type: NTFS

Computer Name: BARTONICEK-PC | User Name: Bartonicek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found -- C:\Users\Bartonicek\Dokumenty\OTL.exe
PRC - [2011.05.22 15:04:49 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.05.22 14:09:17 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011.04.14 13:26:56 | 000,428,544 | ---- | M] (Sony Ericsson) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2011.03.09 14:30:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011.03.09 14:30:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010.12.13 14:52:46 | 000,074,960 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
PRC - [2010.11.30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010.11.11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010.11.11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010.05.03 13:56:32 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
PRC - [2010.04.07 17:48:14 | 000,303,104 | ---- | M] () -- C:\Genius\ioCentre\gMouseTask.exe
PRC - [2010.03.31 15:32:52 | 000,180,224 | ---- | M] () -- C:\Genius\ioCentre\gKbdTask.exe
PRC - [2010.03.12 12:13:06 | 000,053,248 | ---- | M] (ioCentre) -- C:\Genius\ioCentre\gIoCentreFunMgm.exe
PRC - [2010.03.11 11:33:12 | 000,012,288 | ---- | M] () -- C:\Genius\ioCentre\GMouseService.exe
PRC - [2009.09.23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe
PRC - [2009.09.03 11:30:38 | 000,061,440 | ---- | M] () -- C:\Genius\ioCentre\gTaskBar.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (SafeList) ==========

MOD - File not found -- C:\Users\Bartonicek\Dokumenty\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.03.09 14:30:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011.02.10 15:29:24 | 000,150,528 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010.11.11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010.11.11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.11.05 15:32:49 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.10.20 12:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.11 11:33:12 | 000,012,288 | ---- | M] () [Auto | Running] -- C:\Genius\ioCentre\GMouseService.exe -- (GeniusMouseService)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Running] -- -- (MpKsl822ea515)
DRV - [2011.06.09 19:03:35 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5256A270-FD95-4F4F-B4A3-8BBDB74C29DF}\MpKsl44433e69.sys -- (MpKsl44433e69)
DRV - [2010.11.25 08:13:59 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.11.25 08:13:57 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.10.24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010.10.24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.07.06 20:03:05 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.06.28 14:27:40 | 000,272,536 | ---- | M] (COSECT, Computer Security Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\safetica.sys -- (Safetica)
DRV - [2010.06.15 22:26:36 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.06.15 22:26:34 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.11.02 17:47:58 | 000,011,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gMouUsb.sys -- (gMouUsb)
DRV - [2009.11.02 17:43:26 | 000,020,480 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gHidPnp.sys -- (gHidPnp)
DRV - [2009.09.23 03:18:08 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009.09.23 03:18:07 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (SrvHsfPCI)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C2 39 7B 20 04 F9 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2

FF - HKLM\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared [2010.05.19 16:23:56 | 000,000,000 | ---D | M]

[2011.04.14 14:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bartonicek\AppData\Roaming\Mozilla\Extensions
[2010.05.23 13:35:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bartonicek\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.04.04 12:39:51 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

O1 HOSTS File: ([2011.06.07 07:17:51 | 000,000,000 | --S- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CentrumczToolbar BHO) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Nástroje Lištičky) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\Shell - "" = AutoRun
O33 - MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\Shell\AutoRun\command - "" = J:\Startme.exe
O33 - MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\Shell - "" = AutoRun
O33 - MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\Shell\AutoRun\command - "" = J:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.06.09 19:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011.06.09 18:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.06.09 18:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.06.08 19:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011.06.08 15:06:13 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Bartonicek\Documents\OTL.exe
[2011.06.08 09:44:04 | 000,000,000 | ---D | C] -- C:\Users\Bartonicek\AppData\Roaming\Malwarebytes
[2011.06.08 09:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.08 09:43:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.06.08 09:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.08 09:43:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.06.08 09:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.06.08 09:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011.06.08 09:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2011.06.08 09:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\Panda USB Vaccine
[2011.06.08 07:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.06.07 12:31:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.06.07 12:31:26 | 000,000,000 | ---D | C] -- C:\rsit
[2011.06.07 08:04:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.06.05 12:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster
[2011.06.05 09:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2011.05.29 11:55:02 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2011.05.24 15:41:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2011.05.24 15:37:51 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2011.05.24 15:37:49 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2011.05.24 15:37:46 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2011.05.24 15:37:45 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2011.05.24 15:37:45 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2011.05.24 15:37:44 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2011.05.24 15:37:35 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2011.05.24 15:37:33 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2011.05.24 15:37:33 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2011.05.24 15:37:31 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2011.05.24 15:37:27 | 002,161,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2011.05.24 15:37:22 | 000,073,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2011.05.24 15:37:21 | 000,485,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2011.05.24 15:37:20 | 004,106,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2011.05.24 15:37:07 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2011.05.24 15:37:07 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2011.05.24 15:37:07 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2011.05.24 15:37:06 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2011.05.24 15:37:01 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2011.05.24 15:37:01 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2011.05.24 15:36:59 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2011.05.24 15:36:59 | 001,004,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2011.05.24 15:36:58 | 000,102,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2011.05.24 15:36:58 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2011.05.24 15:36:57 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2011.05.24 15:36:57 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2011.05.24 15:36:53 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2011.05.24 15:36:51 | 001,803,608 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2011.05.24 15:36:47 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2011.05.24 15:36:45 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2011.05.24 15:36:43 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2011.05.24 15:36:43 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2011.05.24 15:36:02 | 001,730,112 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2011.05.24 15:36:02 | 000,406,120 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2011.05.24 15:36:01 | 000,429,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2011.05.24 15:36:00 | 001,132,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2011.05.24 15:35:59 | 000,962,664 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2011.05.24 15:35:58 | 000,291,432 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2011.05.24 15:35:57 | 000,224,360 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2011.05.24 15:35:56 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2011.05.24 15:35:56 | 000,106,600 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2011.05.24 15:35:55 | 000,236,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2011.05.24 15:35:55 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2011.05.24 15:35:53 | 000,901,224 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2011.05.24 15:35:52 | 000,448,616 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2011.05.24 15:35:42 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2011.05.24 15:35:42 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2011.05.22 15:05:35 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011.05.22 15:05:21 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.05.22 15:05:06 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011.05.22 15:04:49 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.05.22 15:04:28 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.05.22 15:04:13 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.05.22 15:04:13 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.05.22 15:03:36 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.05.22 15:03:21 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011.05.22 15:03:21 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.05.22 15:02:53 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011.05.22 15:02:53 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.05.22 15:02:52 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011.05.22 15:02:52 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.05.22 15:02:52 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.05.22 15:02:51 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.05.22 15:02:50 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.05.22 15:01:42 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2011.05.22 15:01:42 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011.05.22 15:01:42 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011.05.22 15:01:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011.05.22 15:00:01 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.05.22 15:00:01 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011.05.22 15:00:01 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011.05.22 14:59:26 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011.05.22 14:59:17 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011.05.22 14:56:54 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011.05.22 14:56:54 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011.05.22 14:56:53 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011.05.22 14:56:53 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011.05.22 14:56:53 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011.05.22 14:56:53 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011.05.22 14:56:53 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011.05.22 14:56:53 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011.05.15 13:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.05.15 13:44:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2011.05.15 13:44:33 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2011.05.15 13:44:16 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2011.05.15 13:44:16 | 000,000,000 | ---D | C] -- C:\Users\Bartonicek\Documents\Simply Super Software
[2011.05.15 13:44:16 | 000,000,000 | ---D | C] -- C:\Users\Bartonicek\AppData\Roaming\Simply Super Software
[2011.05.15 13:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2011.05.11 07:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.05.11 07:01:10 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.05.11 07:01:10 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.05.11 06:50:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2011.04.28 07:58:07 | 003,050,664 | ---- | C] (Piriform Ltd) -- C:\Users\Bartonicek\AppData\Local\setup231.exe
[2010.08.17 13:28:35 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Bartonicek\AppData\Roaming\pcouffin.sys
[2006.05.05 17:14:20 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\unicows.dll
[2006.04.13 16:38:10 | 000,409,600 | ---- | C] (Creative Labs) -- C:\Program Files\defopenal32.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.06.09 19:18:11 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.09 19:18:11 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.09 19:13:09 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.09 18:54:15 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.06.09 18:49:38 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.06.09 18:46:28 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.09 18:46:22 | 000,000,488 | ---- | M] () -- C:\Windows\tasks\Datová skartovačka - Speciální položka $RECYCLER základní metodou.job
[2011.06.09 18:46:22 | 000,000,488 | ---- | M] () -- C:\Windows\tasks\Datová skartovačka - Speciální položka $BROWSERS základní metodou.job
[2011.06.09 18:46:22 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\Datová skartovačka - Speciální položka $TEMP základní metodou.job
[2011.06.09 18:44:45 | 000,410,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.09 18:44:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.09 18:44:22 | 394,162,176 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.08 15:07:29 | 000,001,869 | ---- | M] () -- C:\Users\Bartonicek\Desktop\OTL – zástupce.lnk
[2011.06.08 15:06:27 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Bartonicek\Documents\OTL.exe
[2011.06.08 09:43:38 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.08 09:35:28 | 000,624,522 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.06.08 09:35:28 | 000,609,092 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.08 09:35:28 | 000,119,604 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.06.08 09:35:28 | 000,104,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.08 08:40:03 | 000,002,063 | ---- | M] () -- C:\Users\Bartonicek\Desktop\oprava – zástupce.lnk
[2011.06.08 08:38:08 | 000,000,772 | ---- | M] () -- C:\Users\Bartonicek\Documents\oprava.bat
[2011.06.08 08:10:40 | 000,000,772 | ---- | M] () -- C:\Users\Bartonicek\oprava.bat
[2011.06.07 07:54:27 | 000,001,870 | ---- | M] () -- C:\Users\Bartonicek\Desktop\Nástroj Fix it - Microsoft ATS.lnk
[2011.06.07 07:17:51 | 000,000,000 | --S- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.05.30 21:45:19 | 000,065,541 | ---- | M] () -- C:\Users\Bartonicek\Documents\STM_CZ0606000000000160797389_20110126_2011000001.PDF
[2011.05.22 15:16:33 | 000,002,213 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2011.05.22 15:05:35 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011.05.22 15:05:21 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.05.22 15:05:06 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011.05.22 15:04:49 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.05.22 15:04:28 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.05.22 15:04:13 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.05.22 15:04:13 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.05.22 15:03:36 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.05.22 15:03:21 | 000,219,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011.05.22 15:03:21 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.05.22 15:02:53 | 001,619,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011.05.22 15:02:53 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.05.22 15:02:52 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011.05.22 15:02:52 | 001,170,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.05.22 15:02:52 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.05.22 15:02:51 | 003,181,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.05.22 15:02:50 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.05.22 15:01:42 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2011.05.22 15:01:42 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011.05.22 15:01:42 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011.05.22 15:01:42 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011.05.22 15:00:01 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.05.22 15:00:01 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011.05.22 15:00:01 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011.05.22 14:59:26 | 000,026,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011.05.22 14:59:17 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011.05.22 14:56:54 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011.05.22 14:56:54 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011.05.22 14:56:54 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011.05.22 14:56:53 | 000,369,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011.05.22 14:56:53 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011.05.22 14:56:53 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011.05.22 14:56:53 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011.05.22 14:56:53 | 000,277,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011.05.15 13:46:20 | 000,001,024 | ---- | M] () -- C:\Users\Bartonicek\Desktop\Trojan Remover .lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.06.09 18:54:15 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.06.08 15:07:29 | 000,001,869 | ---- | C] () -- C:\Users\Bartonicek\Desktop\OTL – zástupce.lnk
[2011.06.08 09:43:38 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.08 08:40:01 | 000,002,063 | ---- | C] () -- C:\Users\Bartonicek\Desktop\oprava – zástupce.lnk
[2011.06.08 08:38:05 | 000,000,772 | ---- | C] () -- C:\Users\Bartonicek\Documents\oprava.bat
[2011.06.08 07:56:46 | 000,000,772 | ---- | C] () -- C:\Users\Bartonicek\oprava.bat
[2011.06.07 07:54:27 | 000,001,870 | ---- | C] () -- C:\Users\Bartonicek\Desktop\Nástroj Fix it - Microsoft ATS.lnk
[2011.05.30 21:45:07 | 000,065,541 | ---- | C] () -- C:\Users\Bartonicek\Documents\STM_CZ0606000000000160797389_20110126_2011000001.PDF
[2011.05.15 13:46:20 | 000,001,024 | ---- | C] () -- C:\Users\Bartonicek\Desktop\Trojan Remover .lnk
[2011.05.15 13:44:33 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2011.05.15 13:44:33 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2011.05.15 13:44:32 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2011.05.15 13:44:32 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2011.05.08 13:23:05 | 000,000,805 | ---- | C] () -- C:\Windows\ScanSpyware.INI
[2011.04.13 13:11:50 | 000,020,480 | ---- | C] () -- C:\Windows\System32\drivers\gHidPnp.sys
[2011.04.13 13:11:50 | 000,011,520 | ---- | C] () -- C:\Windows\System32\drivers\gMouUsb.sys
[2011.03.10 22:21:58 | 000,000,026 | ---- | C] () -- C:\Windows\CDEDX7400EXPORT.ini
[2011.03.08 13:04:55 | 000,604,140 | -HS- | C] () -- C:\Windows\System32\drivers\ISwift3(20).dat
[2010.12.12 17:51:59 | 000,001,141 | ---- | C] () -- C:\Program Files\MoorHuhnKartThunder.lnk
[2010.11.05 11:15:24 | 000,007,598 | ---- | C] () -- C:\Users\Bartonicek\AppData\Local\Resmon.ResmonCfg
[2010.10.20 15:24:49 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.08.17 13:33:58 | 000,000,671 | ---- | C] () -- C:\Users\Bartonicek\AppData\Roaming\vso_ts_preview.xml
[2010.08.17 13:28:35 | 000,087,608 | ---- | C] () -- C:\Users\Bartonicek\AppData\Roaming\inst.exe
[2010.08.17 13:28:35 | 000,007,887 | ---- | C] () -- C:\Users\Bartonicek\AppData\Roaming\pcouffin.cat
[2010.08.17 13:28:35 | 000,001,144 | ---- | C] () -- C:\Users\Bartonicek\AppData\Roaming\pcouffin.inf
[2010.07.09 09:23:48 | 000,000,810 | ---- | C] () -- C:\Windows\Rtcw.INI
[2010.06.15 22:26:35 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.06.15 22:26:33 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.06.02 15:18:05 | 000,000,632 | ---- | C] () -- C:\Windows\CoD.INI
[2010.05.23 11:01:57 | 000,199,168 | ---- | C] () -- C:\Program Files\Uninstall.exe
[2010.05.19 16:24:46 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.07.14 10:44:22 | 000,624,522 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 10:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 10:44:22 | 000,119,604 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 10:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,410,360 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,609,092 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,104,370 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.06.07 16:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.06.07 16:16:12 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.01.28 20:50:44 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008.01.22 21:14:00 | 007,251,672 | ---- | C] () -- C:\Program Files\25.exe
[2006.05.31 09:55:58 | 283,993,895 | ---- | C] () -- C:\Program Files\data
[2004.12.30 11:20:28 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll
[2002.10.23 16:15:26 | 000,036,352 | ---- | C] () -- C:\Windows\System32\DZSFXUS.bin

========== Purity Check ==========



========== Custom Scans ==========


< :OTL >

< IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - Reg Error: Key error. File not found >

< O13 - gopher Prefix: missing >

< O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.) >
Invalid Switch: DivXBrowserPlugin.cab (Reg Error: Key error.)


< O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. >

< O33 - MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\Shell - "" = AutoRun >

< O33 - MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\Shell\AutoRun\command - "" = J:\Startme.exe >

< O33 - MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\Shell - "" = AutoRun >

< O33 - MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\Shell\AutoRun\command - "" = J:\Startme.exe >

< [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] >

< @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:CB0AACC9 >

< :Commands >

< [emptytemp] >

< [start explorer] >

< [Reboot] >

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >

Re: Associating a program with a file

Posted: 09 Jun 2011 18:44
by stell
stell wrote: You did not post EXSTRAS>TXT.

Run OTL, copy the green text into the window, and click the OPRAVIT (Fix) button.
Post the log here after the restart.
And write whether the problem persists.

Code:

:OTL
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\Shell - "" = AutoRun
O33 - MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\Shell\AutoRun\command - "" = J:\Startme.exe
O33 - MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\Shell - "" = AutoRun
O33 - MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\Shell\AutoRun\command - "" = J:\Startme.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:CB0AACC9
:Commands 
[emptytemp] 
[start explorer]
[Reboot]
Like this. How about you also read what I write now and then. Your cooperation is terrible; if you want me to help you, you need to stay on the forum and do what I write.
Otherwise I will close the topic. :?:

Re: Associating a program with a file

Posted: 09 Jun 2011 18:54
by petr7777
I'm no expert with computers, but I can't find that EXSTRAS>TXT anywhere there.

Re: Associating a program with a file

Posted: 09 Jun 2011 18:56
by stell
Once again, this is not about EXTRAS.txt, but about you doing what I write.
Run OTL, copy the green text into the window, and click the OPRAVIT (Fix) button.
Post the log here after the restart.
And write whether the problem persists.

Re: Associating a program with a file

Posted: 09 Jun 2011 19:03
by petr7777
Sorry, but I really am an idiot, because I was running the scan

Re: Associating a program with a file

Posted: 09 Jun 2011 19:09
by stell
Look, analysing a log takes me about 10 minutes, and I have to concentrate. I ask nothing more of users than that they carefully read those few lines I write. :)
Unfortunately you are not alone; from what I see, 80% of users do not read what the advisers write at all, and then we look like amateurs here. :?:

Re: Associating a program with a file

Posted: 09 Jun 2011 19:18
by petr7777
Unfortunately it is still the same.

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
C:\Windows\Downloaded Program Files\DivXPlugin.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42f66a71-c94f-11df-afc8-0019d16b9b32}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{42f66a71-c94f-11df-afc8-0019d16b9b32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42f66a71-c94f-11df-afc8-0019d16b9b32}\ not found.
File J:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc34f02b-245b-11e0-9fe8-0019d16b9b32}\ not found.
File J:\Startme.exe not found.
C:\Windows\41EBC322660F4D16A0DF53147210CBDB.TMP\WiseCustomCall.dll deleted successfully.
C:\Windows\41EBC322660F4D16A0DF53147210CBDB.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\41EBC322660F4D16A0DF53147210CBDB.TMP\WiseCustomCalla17.dll deleted successfully.
C:\Windows\41EBC322660F4D16A0DF53147210CBDB.TMP\WiseCustomCalla18.exe deleted successfully.
C:\Windows\41EBC322660F4D16A0DF53147210CBDB.TMP\WiseCustomCalla19.dll deleted successfully.
C:\Windows\41EBC322660F4D16A0DF53147210CBDB.TMP\WiseCustomCalla2.dll deleted successfully.
C:\Windows\41EBC322660F4D16A0DF53147210CBDB.TMP\WiseCustomCalla20.dll deleted successfully.
C:\Windows\41EBC322660F4D16A0DF53147210CBDB.TMP\WiseCustomCalla21.dll deleted successfully.
C:\Windows\41EBC322660F4D16A0DF53147210CBDB.TMP\WiseCustomCalla21.exe deleted successfully.
C:\Windows\41EBC322660F4D16A0DF53147210CBDB.TMP\WiseData.ini deleted successfully.
C:\Windows\41EBC322660F4D16A0DF53147210CBDB.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
ADS C:\ProgramData\TEMP:CB0AACC9 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Bartonicek
->Temp folder emptied: 131967788 bytes
->Temporary Internet Files folder emptied: 59788614 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 26126742 bytes
->Flash cache emptied: 2145 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Romana
->Temp folder emptied: 22366684 bytes
->Temporary Internet Files folder emptied: 40154711 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 2826939 bytes
->Flash cache emptied: 1037 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 45086088 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 21100486 bytes

Total Files Cleaned = 333,00 mb


OTL by OldTimer - Version 3.2.23.0 log created on 06092011_200029

Files\Folders moved on Reboot...
C:\Users\Bartonicek\AppData\Local\Temp\B0B085B3-E45A-47d2-82E4-E038335848C7-szn-software-listicka-historyfile.$$$ moved successfully.
C:\Users\Bartonicek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.
File\Folder C:\Users\Bartonicek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VCC3M2WF\afr[1].htm not found!
File\Folder C:\Users\Bartonicek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VCC3M2WF\posting[1].htm not found!
C:\Users\Bartonicek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MSJGMS9E\seznam_cz[1].htm moved successfully.
C:\Users\Bartonicek\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File\Folder C:\Windows\temp\TMP00000002927FFBE705936667 not found!

Registry entries deleted on Reboot...

Re: Associating a program with a file

Posted: 09 Jun 2011 19:23
by stell
PLEASE READ THE INSTRUCTIONS CAREFULLY!!!

Use ComboFix according to this guide: http://www.bleepingcomputer.com/combofi ... t-combofix
Paste its log here.

Re: Associating a program with a file

Posted: 09 Jun 2011 19:59
by petr7777
The program cannot be downloaded. I did everything as they describe, but it reports that the program cannot be renamed. Yet I did not rewrite anything.

Re: Associating a program with a file

Posted: 09 Jun 2011 20:05
by stell
:arrow:
http://download.bleepingcomputer.com/grinler/unhide.exe
Some infections hide all the files on your computer. This program removes the hidden attribute from all files on your hard drives. If there are files that were hidden intentionally, you will have to hide them again. Once the program is downloaded, double-click the Unhide.exe icon on the desktop and let the program run.

:arrow:
http://public.avast.com/%7Egmerek/aswMBR.exe
1: Download aswMBR.exe to the desktop.
2: Double-click aswMBR.exe to run it.
3: Click the "Scan" button to start the scan.
4: If an infection is found, click the "Fix" button.
5: Save asw.log to the desktop.
Paste the log here.

Re: Associating a program with a file

Posted: 09 Jun 2011 20:26
by petr7777
aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-06-09 21:24:21
-----------------------------
21:24:21.169 OS Version: Windows 6.1.7600
21:24:21.169 Number of processors: 1 586 0x1601
21:24:21.185 ComputerName: BARTONICEK-PC UserName: Bartonicek
21:24:21.434 Initialize success
21:24:23.837 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
21:24:23.837 Disk 0 Vendor: WDC_WD800JD-22MSA1 10.01E01 Size: 76319MB BusType: 3
21:24:25.865 Disk 0 MBR read successfully
21:24:25.865 Disk 0 MBR scan
21:24:25.865 Disk 0 Windows 7 default MBR code
21:24:27.893 Disk 0 scanning sectors +156299440
21:24:27.908 Disk 0 scanning C:\Windows\system32\drivers
21:24:32.136 Service scanning
21:24:33.290 Disk 0 trace - called modules:
21:24:33.306 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll dxgkrnl.sys igdkmd32.sys dxgmms1.sys ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
21:24:33.322 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85369ac8]
21:24:33.322 3 CLASSPNP.SYS[8739959e] -> nt!IofCallDriver -> [0x852c7918]
21:24:33.337 5 ACPI.sys[86eb13b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x84ed0340]
21:24:33.353 Scan finished successfully
21:25:27.454 Disk 0 MBR has been saved successfully to "C:\Users\Bartonicek\Documents\MBR.dat"
21:25:27.454 The log file has been saved successfully to "C:\Users\Bartonicek\Documents\aswMBR.txt"

Re: Associating a program with a file

Posted: 09 Jun 2011 20:48
by stell
So you have no problem here, the MBR is OK.
Now do this:
1: Open Task Manager by pressing the key combination CTRL+SHIFT+ESC.
2: Click File, then hold down the CTRL key and click New Task (Run...). A command prompt opens.
3: At the command prompt, type the following command: Notepad, and then press ENTER.

Paste the following text into Notepad:

Code:

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids]
"exefile"=hex(0):
4: Then click the File menu and choose Save As...
5: In the File name field, type oprava.reg
6: For Save as type, select All Files.
7: For Encoding, select Unicode.

8: Return to the command prompt window, type
REG IMPORT OPRAVA.reg and then press ENTER.
9: Click Yes and then click OK in response to the registry prompts.
10: Restart the computer into safe mode.

:arrow: 1: Restart the computer into Safe Mode with Networking.
a) While the computer is starting, press and hold the F8 key.
b) You must press F8 before the Windows logo appears.
c) If the Windows logo appears, you will need to try pressing F8 again.
d) On the screen, use the arrow keys to highlight the safe mode option you want and press ENTER.
e) Safe Mode with Networking.

:arrow: Download ComboFix like this: right-click the ComboFix DOWNLOAD link and choose Save as... from the menu,
type stell.com and save it to the desktop.

Double-click the ComboFix icon to run it, wait for the log, and paste it here.
http://www.infospyware.net/antimalware/combofix/
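
An added example, not part of the original post or of any tool named in this thread: a small Python auditor that lists what a .reg file pasted from a forum would delete, create and set, so it can be reviewed before REG IMPORT is run. The names audit_reg and OPRAVA_REG are assumptions made for this example; the sample input is the .reg text from the post above.

```python
import re

# Type codes that appear as hex(N): in .reg data; plain "hex:" means REG_BINARY.
REG_TYPES = {0: "REG_NONE", 1: "REG_SZ", 2: "REG_EXPAND_SZ", 3: "REG_BINARY",
             4: "REG_DWORD", 7: "REG_MULTI_SZ", 0xB: "REG_QWORD"}

# Sample input: the .reg text from the post above.
OPRAVA_REG = r'''Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids]
"exefile"=hex(0):
'''

def audit_reg(text):
    """List (action, key, detail) for each change a .reg file would make.
    Assumes one value per line (no trailing-backslash continuation lines)."""
    lines = text.lstrip("\ufeff").splitlines()
    if not lines or lines[0].strip() not in ("Windows Registry Editor Version 5.00", "REGEDIT4"):
        raise ValueError("missing .reg header")
    actions, key = [], None
    for raw in lines[1:]:
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        m = re.fullmatch(r"\[(-?)(.+)\]", line)
        if m:  # "[-KEY]" deletes the key and its subkeys, "[KEY]" creates or opens it
            key = None if m.group(1) else m.group(2)
            actions.append(("DELETE_KEY" if m.group(1) else "CREATE_KEY", m.group(2), ""))
            continue
        m = re.fullmatch(r'(@|"(?:[^"\\]|\\.)*")=(.*)', line)
        if not m or key is None:
            raise ValueError(f"unexpected line: {line!r}")
        name, data = m.group(1).strip('"'), m.group(2)
        if data == "-":
            actions.append(("DELETE_VALUE", key, name))
        elif (h := re.fullmatch(r"hex(?:\(([0-9a-fA-F]+)\))?:(.*)", data)):
            code = int(h.group(1), 16) if h.group(1) else 3
            size = len([b for b in h.group(2).split(",") if b])
            actions.append(("SET_VALUE", key, f"{name} {REG_TYPES.get(code, hex(code))} {size} bytes"))
        else:
            kind = "REG_DWORD" if data.startswith("dword:") else "REG_SZ"
            actions.append(("SET_VALUE", key, f"{name} {kind} {data}"))
    return actions
```

For the file above, the result is one key deletion, three key creations and a single empty REG_NONE value named exefile under OpenWithProgids.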

Re: Associating a program with a file

Posted: 09 Jun 2011 21:14
by petr7777
The command prompt reports an error: an error occurred while opening the file. It is probably a disk or system file error.