VIRY.CZ

Tak mám Log z MBAM: Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Verze databáze: v2012.03.21.03

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
pc :: PC-PC [administrátor]

21.3.2012 15:35:48
11

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 354431
Uplynulý čas: 1 hodin, 44 minut, 56 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 71
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\Typelib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\Typelib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\Typelib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearch.MultipleButton (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearch.UrlAlertButton (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program Files\MyWebSearch\bar\3.bin\F3SCRCTR.DLL -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> Žádná instrukce nebyla provedena.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 19
C:\Program Files\FunWebProducts (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\1.bin\chrome (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\2.bin (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\2.bin\chrome (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\chrome (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Game (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\History (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\icons (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Message (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Overlay (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.

Nalezené soubory: 62
C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3MSG.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\F3IMSTUB.DLL (PUP.FunWebProducts) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\F3PSSAVR.SCR (PUP.FunWebProducts) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3IDLE.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\MWSMLBTN.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\MWSSVC.EXE (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\MWSUABTN.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Users\pc\AppData\LocalLow\MyWebSearch\bar\setups\mwsautSp.exe (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Users\pc\Desktop\Sklad\Humor\humor - III\KOZY.EXE (Hoax.BadJoke) -> Žádná instrukce nebyla provedena.
C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Žádná instrukce nebyla provedena.
C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\F3SPACER.WMV (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\CHROME.MANIFEST (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\INSTALL.RDF (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\3.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Overlay\COMMON.F3S (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.

(konec)

Vsechny nalezy (vcetne tech trojanu) patri MyWebSearch, coz je taky poradna brzda. Nechte vsechno odstranit a dejte vedet, jestli se to zlepsilo

Jedine toto je nejaky vtip, pokud to znate, mazat nemusite
C:\Users\pc\Desktop\Sklad\Humor\humor - III\KOZY.EXE (Hoax.BadJoke) -> Žádná instrukce nebyla provedena.

Když jsem to vše neoznačil musim udělat nový scan nebo to někde naleznu?

Udelejte radeji novy. Jinak mozna v zalozce Protokoly, ale nevim, jestli tam nebude jen log. Nemem MBAM nainstalovany, takze nemuzu vyzkouset

Tak jsem mu to vyčistil místo AVG jsem mu dal avast 7 free. večer přidám nový log z rsit. Jelikož se mu restartoval pc tak musím počkat až se zase spojíme přez TeamViewer, jelikož se k němu v týdnu nedostanu. Akorád ten start pc- co by to mohlo jěště ovlivňovat

Nový Log: Logfile of random's system information tool 1.09 (written by random/random)
Run by pc at 2012-03-21 21:35:33
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 3 GB (3%) free of 119 GB
Total RAM: 1917 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:36:19, on 21.3.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Automatické vypnutí počítače\avp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Windows\System32\notepad.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc\Downloads\RSIT.exe
C:\Program Files\trend micro\pc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1424
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Automatické vypnutí počítače.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7179 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-29 4911104]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1424 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Automatické vypnutí počítače.lnk - C:\Program Files\Automatické vypnutí počítače\avp.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\batteryoptimizer.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfhelp.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfmain.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dmflauncher.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvdmf.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hwsetup.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\import.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ndstray.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcdiag.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartfacevsetting.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smoothview.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tacsprop.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfcconf.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfcrst.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\todisc.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\topi.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\toshddvd.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tosramutil.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"msacm.ac3filter"=ac3filter.acm
"vidc.divx"=divx.dll
"vidc.yv12"=divx.dll
"vidc.xvid"=xvidvfw.dll
"vidc.ffds"=ff_vfw.dll
"vidc.vp60"=C:\Windows\system32\vp6vfw.dll
"vidc.vp61"=C:\Windows\system32\vp6vfw.dll
"vidc.vp62"=vp6vfw.dll
"vidc.hfyu"=huffyuv.dll
"msacm.at3"=atrac3.acm
"msacm.divxa32"=DivXa32.acm
"msacm.lameacm"=LameACM.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-03-21 21:35:33 ----D---- C:\rsit
2012-03-21 21:28:29 ----N---- C:\Windows\system32\MpSigStub.exe
2012-03-21 20:21:16 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-03-21 20:21:15 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-03-21 20:21:12 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-03-21 20:21:12 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2012-03-21 20:21:11 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-03-21 20:21:10 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-03-21 20:20:47 ----A---- C:\Windows\avastSS.scr
2012-03-21 20:20:45 ----A---- C:\Windows\system32\aswBoot.exe
2012-03-21 20:20:29 ----D---- C:\ProgramData\AVAST Software
2012-03-21 20:20:29 ----D---- C:\Program Files\AVAST Software
2012-03-21 15:34:39 ----D---- C:\Users\pc\AppData\Roaming\Malwarebytes
2012-03-21 15:34:32 ----D---- C:\ProgramData\Malwarebytes
2012-03-21 15:22:12 ----D---- C:\Program Files\TeamViewer
2012-03-18 18:55:43 ----A---- C:\Windows\WORDPAD.INI
2012-03-18 13:59:05 ----D---- C:\Program Files\trend micro
2012-03-16 16:31:15 ----D---- C:\Program Files\CrystalDiskInfo
2012-03-14 15:28:59 ----A---- C:\Windows\system32\win32k.sys
2012-03-14 15:28:58 ----A---- C:\Windows\system32\DWrite.dll
2012-03-14 15:28:58 ----A---- C:\Windows\system32\d3d10warp.dll
2012-03-14 15:28:58 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-03-14 15:28:58 ----A---- C:\Windows\system32\d3d10_1.dll
2012-03-14 15:28:58 ----A---- C:\Windows\system32\d2d1.dll
2012-03-14 15:28:41 ----A---- C:\Windows\system32\rdpencom.dll
2012-03-14 15:28:40 ----A---- C:\Windows\system32\drivers\rdpwd.sys

======List of files/folders modified in the last 1 month======

2012-03-21 21:36:10 ----D---- C:\Windows\Temp
2012-03-21 21:35:46 ----D---- C:\Windows\Prefetch
2012-03-21 21:28:29 ----AD---- C:\Windows\System32
2012-03-21 21:23:54 ----D---- C:\Users\pc\AppData\Roaming\Skype
2012-03-21 21:21:00 ----A---- C:\Windows\avp.ini
2012-03-21 20:43:22 ----D---- C:\Windows\system32\config
2012-03-21 20:39:26 ----SHD---- C:\Boot
2012-03-21 20:39:25 ----D---- C:\Windows
2012-03-21 20:34:11 ----D---- C:\Program Files
2012-03-21 20:34:10 ----D---- C:\Windows\system32\drivers
2012-03-21 20:34:00 ----SHD---- C:\Windows\Installer
2012-03-21 20:20:29 ----HD---- C:\ProgramData
2012-03-21 20:11:15 ----D---- C:\Windows\Debug
2012-03-21 20:10:21 ----D---- C:\Windows\L2Schemas
2012-03-21 20:10:18 ----D---- C:\ProgramData\AVG10
2012-03-21 20:06:55 ----D---- C:\Windows\Speech
2012-03-21 20:04:01 ----D---- C:\ProgramData\MFAData
2012-03-21 20:01:57 ----D---- C:\Windows\system32\drivers\AVG
2012-03-21 20:01:33 ----D---- C:\Windows\inf
2012-03-21 20:01:33 ----D---- C:\Program Files\Common Files\AVG Secure Search
2012-03-21 20:01:31 ----D---- C:\Program Files\AVG Secure Search
2012-03-21 18:54:47 ----AD---- C:\ProgramData\TEMP
2012-03-21 15:30:55 ----D---- C:\Program Files\DAEMON Tools Toolbar
2012-03-18 18:28:07 ----D---- C:\Windows\system32\drivers\etc
2012-03-18 18:27:40 ----D---- C:\Windows\Tasks
2012-03-18 14:14:52 ----SD---- C:\ProgramData\Microsoft
2012-03-18 14:10:28 ----RD---- C:\Program Files\Skype
2012-03-16 16:41:26 ----D---- C:\Windows\system32\Tasks
2012-03-15 22:05:20 ----D---- C:\Program Files\Mozilla Firefox
2012-03-15 22:05:18 ----D---- C:\Users\pc\AppData\Roaming\Mozilla
2012-03-15 20:19:49 ----D---- C:\Windows\winsxs
2012-03-15 14:44:22 ----A---- C:\Windows\system32\mrt.exe
2012-03-15 14:43:48 ----D---- C:\Windows\system32\catroot
2012-03-15 14:42:34 ----D---- C:\ProgramData\Microsoft Help
2012-03-15 14:40:42 ----D---- C:\Program Files\Windows Mail
2012-03-14 19:01:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-14 15:28:16 ----D---- C:\Windows\system32\catroot2
2012-03-07 19:31:23 ----D---- C:\Users\pc\AppData\Roaming\ICQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 7680]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-25 691696]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-01-21 285184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 53848]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2008-11-04 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-07-27 2929664]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-10-15 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-10-15 207360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-30 2058528]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-12-28 104448]
R3 RTL8187B;Síťový adaptér Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0; C:\Windows\system32\DRIVERS\RTL8187B.sys [2007-12-26 290304]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-11-08 10064]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-10-15 661504]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
S3 ah8bybh1;ah8bybh1; C:\Windows\system32\drivers\ah8bybh1.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthAudioHF;BthAudioHF Service; C:\Windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2010-02-05 28048]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 csr_a2dp;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2010-02-05 66952]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-02-20 60416]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 VHidMinidrv;Bluetooth HID Device Service; C:\Windows\system32\drivers\VHIDMini.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-07-27 610304]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 HFGService;Handsfree Headset Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool; C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe [2010-12-03 196912]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-12-14 1514304]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560]
R3 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S4 Battery Optimizer;Battery Optimizer; C:\Program Files\ReviverSoft\Battery Optimizer\BatteryOptimizerService.exe [2010-09-14 103296]
S4 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-08 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-08 136176]
S4 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-03-25 490280]
S4 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
S4 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
S4 TosCoSrv;TOSHIBA Power Saver; c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456]
S4 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]

-----------------EOF-----------------

Zustaly tam jeste nejake zbytky po tom AVG. Tak mi dejte log z OTL a podivame se, jestli tam jeste nekde neco nestrasi a zabvime se i toho AVG. Jo a ted uz jste s tim mistem fakt na hranici. Od posledniho logu je ho zase o 2GB mene

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte.

OTL logfile created on: 22.3.2012 17:57:26 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\pc\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 47,28% Memory free
3,99 Gb Paging File | 2,86 Gb Available in Paging File | 71,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,21 Gb Total Space | 6,24 Gb Free Space | 5,37% Space Free | Partition Type: NTFS
Drive E: | 115,21 Gb Total Space | 8,40 Gb Free Space | 7,29% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.03.22 17:49:30 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\pc\Desktop\OTL.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.02.23 11:40:42 | 002,394,496 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version7\TeamViewer_Desktop.exe
PRC - [2012.02.23 11:40:41 | 002,886,528 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.02.23 11:40:40 | 007,983,488 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
PRC - [2012.02.23 11:24:59 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe
PRC - [2011.12.14 12:47:02 | 001,212,224 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2011.12.14 12:47:00 | 001,514,304 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2010.12.03 11:09:06 | 000,196,912 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.29 18:51:52 | 004,911,104 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.01.19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.11.15 15:02:00 | 000,175,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FAMTEDE.EXE
PRC - [2004.12.28 18:40:36 | 000,443,392 | ---- | M] (Martin Pospíšil) -- C:\Program Files\Automatické vypnutí počítače\avp.exe

========== Modules (No Company Name) ==========

MOD - [2012.02.15 06:03:36 | 000,429,040 | ---- | M] () -- C:\Users\pc\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
MOD - [2012.02.15 06:03:34 | 003,772,912 | ---- | M] () -- C:\Users\pc\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
MOD - [2012.02.15 06:02:10 | 000,122,880 | ---- | M] () -- C:\Users\pc\AppData\Local\Google\Chrome\Application\17.0.963.56\avutil-51.dll
MOD - [2012.02.15 06:02:08 | 000,220,672 | ---- | M] () -- C:\Users\pc\AppData\Local\Google\Chrome\Application\17.0.963.56\avformat-53.dll
MOD - [2012.02.15 06:02:07 | 001,747,456 | ---- | M] () -- C:\Users\pc\AppData\Local\Google\Chrome\Application\17.0.963.56\avcodec-53.dll
MOD - [2012.02.15 03:00:24 | 008,593,568 | ---- | M] () -- C:\Users\pc\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
MOD - [2012.02.15 03:00:24 | 008,593,568 | ---- | M] () -- C:\Users\pc\AppData\Local\Google\Chrome\APPLIC~1\170963~1.56\gcswf32.dll
MOD - [2010.02.10 17:10:12 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007.07.27 22:26:30 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.03.02 10:44:34 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.23 11:40:41 | 002,886,528 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.14 12:47:00 | 001,514,304 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.12.14 12:46:50 | 000,028,992 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.12.03 11:09:06 | 000,196,912 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe -- (NitroReaderDriverReadSpool)
SRV - [2010.09.14 18:33:24 | 000,103,296 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ReviverSoft\Battery Optimizer\BatteryOptimizerService.exe -- (Battery Optimizer)
SRV - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.02.05 04:16:20 | 000,419,224 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Windows\System32\HFGService.dll -- (HFGService)
SRV - [2008.11.04 02:37:58 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)
SRV - [2008.01.21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.17 15:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007.12.03 16:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\VHIDMini.sys -- (VHidMinidrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\vbtenum.sys -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\blueletaudio.sys -- (BlueletAudio)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (af4c5zu9)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.08 21:25:24 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.10.25 17:26:22 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.02.05 05:16:10 | 000,028,048 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV - [2010.02.05 04:16:10 | 000,066,952 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthav.sys -- (csr_a2dp)
DRV - [2010.02.05 04:16:08 | 000,048,024 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAudioHF.sys -- (BthAudioHF)
DRV - [2010.01.21 00:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.01.21 00:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.01.21 00:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008.11.04 02:32:20 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
DRV - [2008.01.21 15:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2007.12.28 19:21:54 | 000,104,448 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.12.26 10:20:32 | 000,290,304 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007.12.17 10:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007.11.09 13:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.07.27 22:36:40 | 002,929,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2006.11.20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006.11.02 08:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.10.30 10:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{91180E02-7681-4BB9-A339-6067113AB848}: "URL" = http://www.google.cz/search?q={searchTe ... urceid=ie7;
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2786678
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 0winampie7

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... 27DE09524A
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60040
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{91180E02-7681-4BB9-A339-6067113AB848}: "URL" = http://www.google.cz/search?q={searchTe ... urceid=ie7;
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={98BA ... 2011-12-10 12:06:35&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browse ... earchTerms}
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{AE6F8D16-FCA4-47F1-BD29-05AAB3F4C7F2}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2786678
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox.com/search/dispatc ... 093&lng=cs
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 0winampie7
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Windows\system32\C2MP\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\3.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\pc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\pc\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\pc\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\3.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\siteranker@siteranker.com: C:\Program Files\SiteRanker\firefox\ [2011.04.25 20:21:30 | 000,000,000 | ---D | M]

[2012.03.15 22:05:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.10.25 14:22:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.03.12 17:01:59 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={98BA ... 2011-12-10 12:06:35&v=10.0.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/sea ... utEncoding}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\pc\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\pc\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\pc\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\pc\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\pc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Windows\system32\C2MP\npdivx32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: avast! WebRep = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.03.18 18:28:07 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Automatické vypnutí počítače.lnk = C:\Program Files\Automatické vypnutí počítače\avp.exe (Martin Pospíšil)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - Reg Error: Value error. File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6830572D-B8FB-48A4-B07E-1BB288E40107}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\pc\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\pc\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\batteryoptimizer.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\cfhelp.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\cfmain.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\dmflauncher.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\dvdmf.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\hwsetup.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\import.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\ndstray.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pcdiag.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\smartfacevsetting.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\smoothview.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\tacsprop.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\tfcconf.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\tfcrst.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\todisc.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\topi.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\toshddvd.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\tosramutil.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2919f889-c28c-11e0-88e0-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{2919f889-c28c-11e0-88e0-000000000000}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Error creating restore point.

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.at3 - C:\Windows\System32\atrac3.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.divx - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.hfyu - C:\Windows\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.vp60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp62 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.03.22 18:00:56 | 000,000,000 | ---D | C] -- C:\Users\pc\Desktop\přebrat
[2012.03.22 17:49:20 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\pc\Desktop\OTL.exe
[2012.03.21 21:35:33 | 000,000,000 | ---D | C] -- C:\rsit
[2012.03.21 21:28:29 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012.03.21 20:21:16 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.03.21 20:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.03.21 20:21:15 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.03.21 20:21:12 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.03.21 20:21:12 | 000,035,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.03.21 20:21:11 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.03.21 20:21:10 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.03.21 20:20:47 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.03.21 20:20:45 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.03.21 20:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.03.21 20:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.03.21 15:34:39 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\Malwarebytes
[2012.03.21 15:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.21 15:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2012.03.18 13:59:05 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.03.16 16:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2012.03.16 16:31:15 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012.03.14 18:58:59 | 000,000,000 | ---D | C] -- C:\Users\pc\Desktop\Od kerniho
[2012.03.14 15:28:59 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.03.14 15:28:58 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.03.14 15:28:58 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.03.14 15:28:58 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.03.14 15:28:58 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.03.14 15:28:58 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.03.14 15:28:41 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[3 C:\Users\pc\Desktop\*.tmp files -> C:\Users\pc\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.03.22 18:04:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.03.22 17:49:30 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\pc\Desktop\OTL.exe
[2012.03.22 16:27:27 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.22 16:27:27 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.22 16:18:42 | 000,749,234 | ---- | M] () -- C:\Users\pc\Desktop\Gogol---Revizor.pdf
[2012.03.22 14:30:04 | 000,000,030 | ---- | M] () -- C:\Windows\avp.ini
[2012.03.22 14:27:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.21 23:05:48 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.03.21 20:21:17 | 000,001,794 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.03.21 20:21:10 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.03.21 20:11:10 | 000,396,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.21 17:33:42 | 000,035,812 | ---- | M] () -- C:\Users\pc\Desktop\11
[2012.03.21 15:22:19 | 000,000,920 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012.03.18 18:55:43 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2012.03.18 18:28:07 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.03.16 16:31:17 | 000,001,730 | ---- | M] () -- C:\Users\pc\Desktop\CrystalDiskInfo.lnk
[2012.03.14 19:01:05 | 000,610,724 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.03.14 19:01:05 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.03.14 19:01:05 | 000,119,308 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.03.14 19:01:05 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.03.10 19:07:44 | 000,003,532 | ---- | M] () -- C:\drmHeader.bin
[2012.03.07 22:10:28 | 000,004,911 | -HS- | M] () -- C:\Users\pc\Desktop\Folder.jpg
[2012.03.07 22:10:28 | 000,001,430 | -HS- | M] () -- C:\Users\pc\Desktop\AlbumArtSmall.jpg
[2012.03.07 01:15:19 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.03.07 01:15:14 | 000,201,352 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.03.07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.03.04 21:09:01 | 030,623,886 | ---- | M] () -- C:\Users\pc\Desktop\Kings-Of-Leon---Sex-On-Fire.flv
[2012.02.29 21:23:08 | 000,186,368 | ---- | M] () -- C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.23 09:18:36 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[3 C:\Users\pc\Desktop\*.tmp files -> C:\Users\pc\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.03.22 18:04:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.03.22 16:18:38 | 000,749,234 | ---- | C] () -- C:\Users\pc\Desktop\Gogol---Revizor.pdf
[2012.03.21 20:21:17 | 000,001,794 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.03.21 17:33:41 | 000,035,812 | ---- | C] () -- C:\Users\pc\Desktop\11
[2012.03.21 15:22:19 | 000,000,932 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012.03.21 15:22:19 | 000,000,920 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012.03.18 18:55:43 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012.03.16 16:31:17 | 000,001,730 | ---- | C] () -- C:\Users\pc\Desktop\CrystalDiskInfo.lnk
[2012.03.04 21:08:20 | 030,623,886 | ---- | C] () -- C:\Users\pc\Desktop\Kings-Of-Leon---Sex-On-Fire.flv
[2012.03.02 17:11:53 | 000,003,532 | ---- | C] () -- C:\drmHeader.bin
[2012.01.23 20:21:54 | 000,000,343 | ---- | C] () -- C:\Windows\SStylerProDemo.INI
[2012.01.23 20:14:43 | 000,065,024 | ---- | C] () -- C:\Windows\System32\UninstallBeauty.exe
[2012.01.08 11:57:29 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.12.24 18:31:47 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.12.21 20:20:15 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2010.12.12 10:30:30 | 000,000,680 | ---- | C] () -- C:\Users\pc\AppData\Local\d3d9caps.dat
[2010.10.22 21:02:22 | 004,229,639 | ---- | C] () -- C:\Users\pc\AppData\Roaming\UserTile.png
[2010.10.22 19:47:03 | 000,000,030 | ---- | C] () -- C:\Windows\avp.ini
[2010.10.17 17:51:54 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.10.17 17:51:54 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.10.13 17:17:32 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.10.13 16:52:11 | 000,000,026 | ---- | C] () -- C:\Windows\CDESX100EXPORT.ini
[2010.10.13 16:42:51 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.10.13 16:42:51 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.10.13 16:42:51 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.10.13 16:42:51 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.10.13 16:42:51 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.10.13 16:42:51 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.10.13 16:42:51 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.10.13 16:42:51 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.10.13 16:42:51 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.10.13 16:42:51 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.10.13 16:42:51 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.10.13 16:42:51 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.10.13 16:42:51 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.10.13 16:42:51 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.10.13 16:42:51 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.10.13 16:42:51 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.10.13 16:42:51 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.10.13 16:42:51 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.13 16:42:51 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.10.13 16:39:14 | 000,000,025 | ---- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2010.10.12 17:04:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.11 16:24:49 | 000,186,368 | ---- | C] () -- C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2011.01.26 18:43:29 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\AnvSoft
[2011.07.30 18:03:08 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\AVG
[2010.10.25 17:41:01 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\DAEMON Tools Lite
[2011.05.31 19:27:47 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Eltima Software
[2010.12.23 16:25:33 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\EPSON
[2011.06.17 15:01:03 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\go
[2012.03.07 19:31:23 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\ICQ
[2011.09.03 13:57:00 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Nitro PDF
[2011.07.24 18:55:54 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\OpenCandy
[2010.10.12 16:27:52 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Opera
[2010.10.22 21:02:21 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\PeerNetworking
[2011.05.31 21:49:42 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\RenPy
[2011.05.15 16:30:31 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\ReviverSoft
[2010.10.11 17:07:53 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Toshiba
[2012.01.15 14:27:34 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\TuneUp Software
[2012.01.15 15:14:29 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\uTorrent
[2012.01.03 16:21:14 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Xilisoft
[2010.10.24 13:44:23 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Zoner
[2012.03.21 23:05:50 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2010.10.11 19:36:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2010.10.11 19:36:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2010.10.11 19:36:51 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 08:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 08:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2010.10.11 19:36:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2010.10.11 19:36:02 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2010.10.11 19:36:02 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.03.11 10:56:52 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.03.11 10:56:52 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2010.10.11 19:36:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2010.10.11 19:34:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2010.10.11 19:59:33 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2010.10.11 19:34:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2010.10.11 19:16:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 10:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2010.10.11 19:34:11 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\System32\lsass.exe
[2011.11.16 15:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2010.10.11 19:34:12 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2010.10.11 19:16:07 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2010.10.11 19:34:17 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2010.10.11 19:34:18 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2010.10.11 19:59:32 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2010.10.11 19:59:36 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2010.10.11 19:16:03 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2010.10.11 19:16:03 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2010.10.11 19:16:03 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011.11.16 14:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[2010.10.11 19:16:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 08:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2008.03.11 09:57:44 | 000,503,480 | ---- | M] (Microsoft Corporation) MD5=FFFE00134C554E113EE186EEDDB0FF30 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20509_none_a67388ba37fe05b2\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.19 08:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 08:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.19 08:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 10:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2010.10.11 22:17:10 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2010.10.11 22:17:02 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010.10.11 19:19:40 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.10.11 19:19:37 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2010.10.11 22:17:12 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2010.10.11 19:19:39 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.10.11 19:19:41 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2010.10.11 19:33:22 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2010.10.11 19:33:23 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2010.10.11 22:17:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2010.10.11 22:17:02 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.10.11 19:19:37 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2006.11.02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.10.11 19:19:38 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2008.01.19 08:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2010.10.11 22:17:07 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[15 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.06.16 19:00:42 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Adobe
[2011.01.26 18:43:29 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\AnvSoft
[2010.10.11 15:43:46 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\ATI
[2011.07.30 18:03:08 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\AVG
[2010.10.25 17:41:01 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\DAEMON Tools Lite
[2010.10.11 23:35:04 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\DivX
[2011.05.31 19:27:47 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Eltima Software
[2010.12.23 16:25:33 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\EPSON
[2011.06.17 15:01:03 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\go
[2010.10.11 16:14:00 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Google
[2012.03.07 19:31:23 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\ICQ
[2010.10.11 15:43:11 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Identities
[2010.10.13 16:42:48 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\InstallShield
[2010.10.11 16:54:15 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Macromedia
[2012.03.21 15:34:39 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Media Center Programs
[2012.01.03 18:14:54 | 000,000,000 | --SD | M] -- C:\Users\pc\AppData\Roaming\Microsoft
[2012.01.01 21:22:55 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Motive
[2012.03.15 22:05:18 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Mozilla
[2011.12.02 19:58:56 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Nero
[2011.09.03 13:57:00 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Nitro PDF
[2011.07.24 18:55:54 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\OpenCandy
[2010.10.12 16:27:52 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Opera
[2010.10.22 21:02:21 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\PeerNetworking
[2011.05.31 21:49:42 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\RenPy
[2011.05.15 16:30:31 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\ReviverSoft
[2012.03.22 18:52:08 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Skype
[2011.06.11 15:06:50 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\skypePM
[2010.10.11 17:07:53 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Toshiba
[2012.01.15 14:27:34 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\TuneUp Software
[2012.01.15 15:14:29 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\uTorrent
[2012.01.01 17:36:40 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\vlc
[2010.10.12 15:54:33 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\WinRAR
[2012.01.03 16:21:14 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Xilisoft
[2010.10.24 13:44:23 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2010.10.25 17:59:19 | 000,010,134 | R--- | M] () -- C:\Users\pc\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010.12.18 11:04:01 | 000,349,296 | ---- | M] () -- C:\Users\pc\AppData\Roaming\OpenCandy\OpenCandy_06C1879521134E70BFF39261515D3FC2\dlmgr_3_1.6.87.exe
[2010.12.18 11:05:43 | 031,731,328 | ---- | M] () -- C:\Users\pc\AppData\Roaming\OpenCandy\OpenCandy_06C1879521134E70BFF39261515D3FC2\NitriPDFen32_p1v1.exe
[2010.10.08 18:13:28 | 008,099,680 | ---- | M] (ReviverSoft LLC) -- C:\Users\pc\AppData\Roaming\OpenCandy\OpenCandy_2D9CADB2DD374126BFDAAF853F43BD6F\AFIBatteryOptimizerSetup.exe
[2011.05.15 16:28:33 | 000,416,160 | ---- | M] () -- C:\Users\pc\AppData\Roaming\OpenCandy\OpenCandy_2D9CADB2DD374126BFDAAF853F43BD6F\LatestDLMgr.exe
[2011.06.09 20:03:56 | 005,845,528 | ---- | M] (Uniblue Systems Ltd ) -- C:\Users\pc\AppData\Roaming\OpenCandy\OpenCandy_F5F5D61FE22C4623BBF3D7FA0DAFBAAE\driverscanner (33).exe
[2011.07.24 18:56:16 | 005,924,184 | ---- | M] () -- C:\Users\pc\AppData\Roaming\OpenCandy\OpenCandy_F5F5D61FE22C4623BBF3D7FA0DAFBAAE\driverscannerROW_p1v1.exe
[2011.07.24 18:55:56 | 000,416,160 | ---- | M] () -- C:\Users\pc\AppData\Roaming\OpenCandy\OpenCandy_F5F5D61FE22C4623BBF3D7FA0DAFBAAE\LatestDLMgr.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2011.04.08 16:55:53 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.04.08 16:55:53 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2011.04.08 16:55:46 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.10.25 17:26:22 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2011.04.08 16:55:53 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.04.08 16:55:53 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2011.04.08 16:55:46 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.03.22 18:27:27 | 000,003,568 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.22 18:27:27 | 000,003,568 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.21 20:21:10 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2012.03.21 20:11:10 | 000,396,608 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.03.22 18:04:33 | 000,000,512 | ---- | M] () MD5=EB87185A73E5D7374950A3436769A081 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2001.02.22 14:12:00 | 000,017,212 | ---- | M] () -- \Program Files\Croteam\Serious Sam\Help\Manual\Firecracker.gif
[2008.02.09 22:43:12 | 000,011,470 | ---- | M] () -- \Users\pc\Desktop\Sklad\Fotky a obrázky různé\Fotky z mobilů\Obrázky Různé\kolorní obr\Ice Crack.jpg
[2009.05.24 17:01:58 | 012,841,526 | ---- | M] () -- \Users\pc\Desktop\Sklad\Hudba\Hudba očíslovaná CD od č.1\(197.)Směs internet pro květen 2009\19 Eminem Feat Dr. Dre & 50 Cent - Crack A Bottle - LMP.mp3

< *keygen* /s >

< *loader* /s >
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2007.10.23 16:52:22 | 000,114,688 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\APFLoaderV13.dll
[2007.10.23 16:52:22 | 000,069,632 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader.dll
[2007.10.23 16:52:22 | 000,102,400 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader2006.dll
[2012.01.06 17:20:23 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.01.06 17:20:24 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.01.06 17:20:23 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.01.06 17:20:55 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2009.09.25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\data\Integrator\images\panel6\loader.gif
[2007.02.05 15:54:52 | 000,045,056 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\accLoader.exe
[2006.03.20 11:43:36 | 000,000,273 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\accLoader.ini
[2010.02.10 17:10:14 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.03.15 12:33:54 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2010.03.15 12:33:54 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2010.10.25 17:29:22 | 000,057,728 | ---- | M] () -- \Users\pc\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2010.10.25 17:29:22 | 000,057,728 | ---- | M] () -- \Users\pc\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2010.10.25 17:29:22 | 000,057,728 | ---- | M] () -- \Users\pc\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2010.12.22 15:11:26 | 000,003,129 | ---- | M] () -- \Users\pc\AppData\LocalLow\MyWebSearch\bar\Avatar\COMMON\loader.htm
[2011.04.18 15:49:51 | 847,482,512 | ---- | M] () -- \Users\pc\Desktop\Filmy\Nazi.hraci.TVrip.CZ.by.mota.of.PowerUploaders.avi
[2008.09.25 22:15:02 | 003,726,063 | ---- | M] () -- \Users\pc\Desktop\Sklad\Hudba\Hudba očíslovaná CD od č.1\(207.)Směs II. z mobilu od Markéty\14Toploader - Dancing In The Moonlight.mp3
[2010.12.02 16:10:04 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2010.10.12 18:14:24 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2010.10.12 18:14:24 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2010.10.12 18:14:24 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2010.10.19 13:30:47 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2010.10.19 13:30:47 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2010.10.19 13:30:47 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2010.10.12 18:13:08 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2010.10.12 18:13:08 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2010.10.11 17:06:21 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2010.10.11 17:06:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2010.10.11 17:06:35 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2010.10.11 17:06:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2010.10.11 17:07:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2010.10.11 17:07:12 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2010.10.11 17:07:33 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2010.10.11 17:06:21 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2010.10.11 17:05:59 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2010.10.11 17:06:35 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2010.10.11 17:06:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2010.10.11 17:07:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2010.10.11 17:07:11 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2010.10.11 17:07:32 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 03:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2010.10.11 17:05:51 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2010.10.11 17:05:50 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.18 23:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2010.10.11 17:05:31 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2010.10.11 17:05:30 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.10 23:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.18 23:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 13:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

OTL Extras logfile created on: 22.3.2012 17:57:26 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\pc\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 47,28% Memory free
3,99 Gb Paging File | 2,86 Gb Available in Paging File | 71,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,21 Gb Total Space | 6,24 Gb Free Space | 5,37% Space Free | Partition Type: NTFS
Drive E: | 115,21 Gb Total Space | 8,40 Gb Free Space | 7,29% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3093495810-3997943258-1022461380-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AC294D3-AAB4-4934-A716-D48FB200ED99}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F4DBEE3-5053-4664-8DA0-DF4E3CDDE63F}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{1A693273-D664-40F0-90A2-1BEEA9B39B9F}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{25B9E128-3B7D-448D-8CB9-4B57A5BE2FD4}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{3C9AE015-8B4C-47BA-AF37-DDCAE45FE5A8}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{498B1D40-EAB0-4B5C-A28E-8542E2230393}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4E016DFF-59E6-4EE9-8E25-0C6A40EBEF1C}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{56D61F06-F322-40BC-9441-211B74C0EBC4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{6D156FAC-5DD0-4EF8-9FFD-5608561FFD9D}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{6F211412-4CEE-4F95-85E3-4A7FAE2BAE9D}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{877FF52F-A66B-41B3-ABA8-D967BF0BE39F}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{8F17C7AB-6C5F-4992-9340-BE3951BE6A89}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{9EB760C7-DD7B-4D1F-9B6B-8F1DF45FEE0B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE994624-D589-404D-B154-3A70DA33115C}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{B1759B54-262A-4DC9-9381-F45DFC0793E0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B711567F-DEFF-401B-A773-7B53A7E6DBD6}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{BB4DE04A-B4AD-4D50-AF3D-DCE0D12765DA}" = dir=in | app=c:\users\pc\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{CE6D2D67-D0FB-4A43-8C3E-6C418DD9EE2B}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{D756875E-BF93-406A-B6CC-51617E56DC03}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{D9F33135-6AFB-45E9-92B3-4576FC486548}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E076F36E-6E1B-42BF-8198-954704DEC2F6}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{E079EC08-D21A-41BF-AC98-B4E764F6DD2A}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{F2330BBC-1478-4802-94CD-BB2B296F6F8F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{966C237C-4A28-421D-B6F7-1E676F421E28}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{B7C6F565-575F-41E0-A867-46BDC144CC72}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{062ABD24-47F8-D865-BCB6-A724A94BC9A5}" = CCC Help Japanese
"{06F2B3DC-74F4-300D-D41A-B21B46101CA2}" = Skins
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0A573F30-FB63-9A85-2E6E-39E1AC5366D0}" = Catalyst Control Center Localization Hungarian
"{0A9F311E-A4B9-4808-1D1C-0B2E7705A735}" = Catalyst Control Center Localization Spanish
"{0F15A965-99BA-BC9D-5A00-D7E1E7B2AE7F}" = Catalyst Control Center Localization French
"{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1" = SiteRanker
"{14FEF8C7-0EB1-47F2-6A13-D43171D4DFBB}" = Catalyst Control Center Localization Greek
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1D4D4C5C-6771-A416-0FC9-167F47C4D977}" = Catalyst Control Center Localization Polish
"{1E32C2AB-9722-5F41-7BDE-24B5AFD2BCE6}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{21AEC16B-1C21-81B4-DA88-2235CC1F7E39}" = Catalyst Control Center Localization Japanese
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 29
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{288306FF-D5B5-7398-0617-E52F625C6797}" = CCC Help Norwegian
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{397AC65E-CB4A-29C2-ACF9-D04444438971}" = Catalyst Control Center Localization Thai
"{3B96A467-811C-F9FE-B8D6-3BC952025F44}" = Catalyst Control Center Localization Dutch
"{3BEEC9AD-FA8F-B413-6BBC-8B5DC7C8E08F}" = Catalyst Control Center Localization Portuguese
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{45ECDC05-71AC-6372-2A17-4139B6296F4F}" = ccc-core-static
"{480C3278-56A7-3F05-3829-6DC5D4B0CB06}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{4CA4D9FC-212C-9F69-E760-DB4BEB34FEB5}" = CCC Help Thai
"{4DE0D937-FEB0-0D89-C8D6-35F600300BD4}" = CCC Help French
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{526B6DD3-0C43-2C13-7DF8-44D20D4E9853}" = CCC Help English
"{544587B1-B057-F0B3-7B19-6898ADBED9AC}" = Catalyst Control Center Localization Czech
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{571C0874-A931-EEFE-E89D-8F912F633B9F}" = CCC Help Danish
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{63427619-C918-6F3C-7318-11DDA4975241}" = ATI Catalyst Install Manager
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{648B4A01-F609-1D4E-556C-0F18B54E9E1C}" = Catalyst Control Center Localization Italian
"{64F18837-72CE-DC38-899C-260AF20F979A}" = CCC Help Swedish
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{67E321F8-2A04-44AB-8F28-A88A5F66732A}" = Battery Optimizer
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{69C82DDB-3FBC-EBEC-AE0A-3ABF1F3BD39B}" = CCC Help Polish
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C530FF7-F6F2-FD4C-0CFC-49AD3E7244A9}" = Catalyst Control Center Localization Turkish
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6CA2BE46-A562-8CA4-1C33-CC2681B2DDA1}" = CCC Help Finnish
"{6DBBEC03-716B-7954-873A-B782100831C5}" = Catalyst Control Center Graphics Full New
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70BCBA77-83D9-2075-1F99-69D65C44B422}" = Catalyst Control Center Graphics Full Existing
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{78E6BC53-F765-2629-C028-9F3CD49F70D4}" = CCC Help Chinese Standard
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7ECE1045-66CB-2A70-7EAE-BE508AF95CF2}" = Catalyst Control Center Graphics Previews Vista
"{815050E5-F545-11D4-9569-004095812ACC}" = Serious Sam: The First Encounter
"{81F93FA5-BA87-322F-2166-4D1F0FFE196E}" = CCC Help Greek
"{8376FC56-5456-DFF9-5C36-FAB3DE39F5DF}" = Catalyst Control Center Localization Norwegian
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85B3880D-F0D2-A50C-1464-7EF646A1D21D}" = Catalyst Control Center Localization Danish
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{895722FE-25FE-4854-95AC-B0C42F9DBEDA}" = REALTEK RTL8187B Wireless LAN Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D0957A4-8EE7-E273-0BFC-9B235BEAA41A}" = CCC Help Dutch
"{8D44F868-DA59-B1BF-CC33-58B0AF8E2E39}" = Catalyst Control Center Localization Chinese Traditional
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3F65CA-78FA-4749-004B-23743CF642D1}" = Catalyst Control Center Localization Korean
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FB2898C-7178-4AF5-BA74-9A043DFE05C1}" = Nitro PDF Reader
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Ztlumení jednotky CD/DVD
"{A5B13934-D1C9-D33B-982E-BB09A19C0F90}" = Catalyst Control Center Localization Finnish
"{A60F4402-4CCE-E695-64C6-F0636ACC347F}" = CCC Help Italian
"{A91A0484-8087-A838-9BA6-03374BE3F2CE}" = Catalyst Control Center Localization Russian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AA725670-A7B4-D1B0-4EF5-F4B2E418C9F4}" = Catalyst Control Center Localization German
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ADBE6E56-60E7-7FC3-467A-827987BE09CE}" = Catalyst Control Center Localization Swedish
"{B1819DF7-D6B1-27AA-3A3B-6560C348C386}" = Catalyst Control Center Core Implementation
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B9CD69C2-D14E-C499-C18B-7342E5FE245E}" = Catalyst Control Center Localization Chinese Standard
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D58A1E94-9EEA-4C6E-B9FB-D7C63DC6C941}" = Catalyst Control Center - Branding
"{D8F9F4CB-41A1-CF15-39A2-75F28E0B9991}" = CCC Help Korean
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDA258BA-57D9-A76C-84CB-F19571A45FC8}" = ccc-utility
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{DF73BEDD-8A09-A6E2-462B-3BDF398BAFB2}" = CCC Help Czech
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{E70A3EE1-067D-8C6C-1C89-9F3A1BA4CF2C}" = Catalyst Control Center Graphics Light
"{E87A8D96-5795-A788-18A2-3BCC20B09E7C}" = CCC Help Chinese Traditional
"{EB295AF7-C2D1-D911-9E62-F288874B96F4}" = CCC Help Turkish
"{EBCD5E4C-F14A-B147-39FE-906F75AC4ACE}" = CCC Help Russian
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F36D6137-FD4C-1F67-7B2A-815BB05BB825}" = CCC Help German
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F84C1DC6-4B39-1A34-AD6E-A6EE49A3DD78}" = CCC Help Hungarian
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"2011 Gabriela Guncikova_is1" = 2011 Gabriela Guncikova
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Any Audio Converter_is1" = Any Audio Converter 3.0.7
"Automatické vypnutí počítače (AVP)_is1" = Automatické vypnutí počítače 1.0
"avast" = avast! Free Antivirus
"Beauty Wizard" = Beauty Wizard
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Advanced) 7.1.0
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Uživatelská příručka" = EPSON Stylus SX100_TX100 Manuál
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"King" = King
"LG Internet Kit" = LG Internet Kit
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Money S3" = Ekonomický systém Money S3
"Opera 11.61.1250" = Opera 11.61
"Salon Styler Pro demo" = Salon Styler Pro demo
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 7" = TeamViewer 7
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"VLC media player" = VLC media player 1.1.10
"WiMood plugins" = WiMood plugins
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3093495810-3997943258-1022461380-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21.3.2012 16:28:23 | Computer Name = pc-PC | Source = VSS | ID = 40
Description =

Error - 21.3.2012 16:28:23 | Computer Name = pc-PC | Source = VSS | ID = 12292
Description =

Error - 21.3.2012 16:28:23 | Computer Name = pc-PC | Source = System Restore | ID = 8193
Description =

Error - 22.3.2012 13:04:23 | Computer Name = pc-PC | Source = VSS | ID = 40
Description =

Error - 22.3.2012 13:04:23 | Computer Name = pc-PC | Source = VSS | ID = 12292
Description =

Error - 22.3.2012 13:04:23 | Computer Name = pc-PC | Source = VSS | ID = 40
Description =

Error - 22.3.2012 13:04:23 | Computer Name = pc-PC | Source = VSS | ID = 12292
Description =

Error - 22.3.2012 13:04:23 | Computer Name = pc-PC | Source = VSS | ID = 40
Description =

Error - 22.3.2012 13:04:23 | Computer Name = pc-PC | Source = VSS | ID = 12292
Description =

Error - 22.3.2012 13:04:23 | Computer Name = pc-PC | Source = System Restore | ID = 8193
Description =

[ OSession Events ]
Error - 4.1.2011 13:11:21 | Computer Name = pc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1510
seconds with 1020 seconds of active time. This session ended with a crash.

Error - 5.1.2011 14:17:27 | Computer Name = pc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3.2.2011 15:32:16 | Computer Name = pc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 8 seconds with 0 seconds of active time. This session ended with a crash.

Error - 30.9.2011 14:27:11 | Computer Name = pc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.6546.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 94543
seconds with 1440 seconds of active time. This session ended with a crash.

Error - 18.1.2012 18:37:20 | Computer Name = pc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17528
seconds with 1140 seconds of active time. This session ended with a crash.

Error - 6.2.2012 13:00:30 | Computer Name = pc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 20.2.2012 15:13:22 | Computer Name = pc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1.3.2012 11:42:11 | Computer Name = pc-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 6 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21.3.2012 16:43:16 | Computer Name = pc-PC | Source = DCOM | ID = 10010
Description =

Error - 21.3.2012 16:46:45 | Computer Name = pc-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 21.3.2012 16:46:45 | Computer Name = pc-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 21.3.2012 16:49:20 | Computer Name = pc-PC | Source = DCOM | ID = 10010
Description =

Error - 21.3.2012 16:52:52 | Computer Name = pc-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 21.3.2012 17:13:26 | Computer Name = pc-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 21.3.2012 18:05:36 | Computer Name = pc-PC | Source = DCOM | ID = 10010
Description =

Error - 22.3.2012 9:27:27 | Computer Name = pc-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 001B9EEB8E08
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 22.3.2012 9:30:12 | Computer Name = pc-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 22.3.2012 11:02:29 | Computer Name = pc-PC | Source = Service Control Manager | ID = 7001
Description =

< End of report >

Málem bych zapomněl po tom procesu se mu oběvily nějaké ikony na ploše nebo co a když to chtěl otevřit tak tam nebylo nic cca 20 ikon tak je dal zatim do koše a nemazal. Tak nevím ale kontrola proběhla log vyšel takže budem čekat co dál.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

:otl
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=Q6&apn_dtid=YYYYYYYYCZ&apn_uid=8AD2A90E-8DDE-4EB3-BACA-72EE63AC49CC&apn_sauid=8CD36222-20D1-4DEA-9639-9B27DE09524A
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60040
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
IE - HKU\S-1-5-21-3093495810-3997943258-1022461380-1000\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox.com/search/dispatc ... tp=bs&qkw={searchTerms}&tbid=80093&lng=cs
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\pc\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\pc\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\3.bin
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - Reg Error: Value error. File not found
[2012.03.14 19:01:05 | 000,610,724 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.03.14 19:01:05 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.03.14 19:01:05 | 000,119,308 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.03.14 19:01:05 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0B4227B4

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Program Files\MyWebSearch

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=-

:services
AVG Security Toolbar Service

:commands
[EMPTYTEMP]
[Purity]
[EMPTYFLASH]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Tech ikon se nebojte, to jsou docasne soubory OTLka. Melo by to pak zmizet samo

Ok Márty84 řeknu to na rovinu budu to muset provéct až navečer kolem 18 h. On bratr studuje a notebook nosí s sebou, takže se s ním spojím až potom.

k těm ikonám - nevěděl jsem o co de, tak jsem mu řekl ať to prozatím dá do koše, ale aby to nemazal že se na to právě zeptám. Byl by problém s tím Otl, kdyby náhodou ty ikony smazal? Neříkám že to udělal, ale večer sem sním pak nemluvil, tak doufám že to neodmáz

ja vam na rovinu reknu, ze to vubec nevadi, vsak neni kam spechat

Ja taky odpovidam az kdyz mam cas

Myslim, ze i kdyby je smazal, stejne by zadny problem nebyl. Nebo jsem se s tim aspon jeste nesetkal.

Jinak za to volné místo na disku jsem mu

a on to opravil, takže má na C - 6 gb a na D - 8 gb. Jinak tamto vložím až navečer, zatím dík

VIRY.CZ

Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku

Re: Kontrola bratrova Notebooku