Could I ask for a preventive check

Posted: 13 Dec 2010 21:10
by bigmuff
Hi, could someone take a look at the log? The PC runs as it should, but I had trouble with e-mail and QIP.

In the e-mail client, the incoming mail server type changed on me from pop3.seznam.cz to pop3.seznamt.cz

and in QIP my password kept changing somehow; I removed the account, entered it again, and so far it is OK.

So, just to be sure, I am posting the log. Thanks in advance.

Logfile of random's system information tool 1.08 (written by random/random)
Run by miXik at 2010-12-13 20:47:28
Microsoft Windows 7 Ultimate
System drive C: has 45 GB (63%) free of 71 GB
Total RAM: 2046 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:49, on 13.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Users\miXik\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\qip\QIP Infium PafoLitePack\inf.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\miXik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = mixik.ic.cz
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LManager] C:\PROGRA~2\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [VistaBatterySaver] C:\Program Files (x86)\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SJelite3Launch] C:\Users\miXik\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79E85C49-4A3D-4502-AF48-4190E1A50823}: NameServer = 10.0.0.1,82.119.243.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{79E85C49-4A3D-4502-AF48-4190E1A50823}: NameServer = 10.0.0.1,82.119.243.5
O17 - HKLM\System\CS2\Services\Tcpip\..\{79E85C49-4A3D-4502-AF48-4190E1A50823}: NameServer = 10.0.0.1,82.119.243.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AV Engine Scanning Service - Unknown owner - C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: Common Toolkit Service - SPAMfighter - C:\Program Files (x86)\Common Files\Common Toolkit Suite\FighterSuiteService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--
End of file - 9008 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\Program Files\Microsoft Security Essentials\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Common Toolkit Suite\FighterSuiteService.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe"
"C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe"
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Users\miXik\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe"
"C:\Windows\System32\StikyNot.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\SysWOW64\IoctlSvc.exe
"C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2644
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Windows\system32\svchost.exe -k HPService
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\PROGRA~1\MICROS~4\msseces.exe"
"C:\Program Files (x86)\qip\QIP Infium PafoLitePack\inf.exe" /isolated
"C:\Program Files (x86)\Windows Live\Mail\wlmail.exe"
"C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding
"C:\Program Files\Windows Sidebar\sidebar.exe" /showGadgets
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmprph.exe" -Embedding
"C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "http://www.mixik.ic.cz/"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5744.a284080.888212246 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 5744 plugin \\.\pipe\gecko-crash-server-pipe.5744
C:\Windows\System32\vds.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\miXik\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\SmartDefrag.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-02-23 1220392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2010-12-12 394616]
"VistaBatterySaver"=C:\Program Files (x86)\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe [2007-08-24 479232]
"Rainlendar2"=C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2009-02-21 4333568]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"SJelite3Launch"=C:\Users\miXik\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe [2010-02-08 184320]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\PROGRA~2\LAUNCH~1\LManager.exe [2007-06-14 850704]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [2010-11-29 963976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-13 20:47:28 ----D---- C:\rsit
2010-12-13 20:47:28 ----D---- C:\Program Files\trend micro
2010-12-13 19:58:18 ----D---- C:\Program Files (x86)\DVDFab 8
2010-12-12 14:53:41 ----D---- C:\Program Files (x86)\Photo Studio 13
2010-12-12 12:40:26 ----D---- C:\Program Files (x86)\TuneUp Utilities 2011
2010-12-12 12:29:21 ----D---- C:\Program Files (x86)\WYSIWYG Web Builder 7
2010-12-12 12:29:11 ----A---- C:\Windows\WYSIWYG Web Builder 7 Setup Log.txt
2010-12-12 11:42:53 ----D---- C:\Users\miXik\AppData\Roaming\VS Revo Group
2010-12-12 01:09:02 ----A---- C:\Windows\system32\drivers\revoflt.sys
2010-12-12 01:08:59 ----D---- C:\Program Files (x86)\Revo Uninstaller Pro
2010-12-12 00:55:53 ----SHD---- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2010-12-12 00:38:38 ----D---- C:\ProgramData\Apple Computer
2010-12-12 00:38:38 ----D---- C:\Program Files (x86)\QuickTime
2010-12-11 23:19:29 ----ASH---- C:\pagefile.sys
2010-12-11 23:19:15 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 months======

2010-12-13 20:47:28 ----RD---- C:\Program Files
2010-12-13 20:47:27 ----D---- C:\Users\miXik\AppData\Roaming\uTorrent
2010-12-13 20:47:12 ----D---- C:\Windows\Temp
2010-12-13 19:58:18 ----D---- C:\Program Files (x86)
2010-12-13 17:21:49 ----D---- C:\Users\miXik\AppData\Roaming\Vso
2010-12-12 19:33:27 ----SHD---- C:\Windows\Installer
2010-12-12 19:33:27 ----HD---- C:\Config.Msi
2010-12-12 18:39:58 ----D---- C:\Users\miXik\AppData\Roaming\vlc
2010-12-12 18:39:41 ----D---- C:\Users\miXik\AppData\Roaming\dvdcss
2010-12-12 15:51:28 ----D---- C:\Windows\System32
2010-12-12 15:51:28 ----D---- C:\Windows\inf
2010-12-12 15:51:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-12 15:44:50 ----D---- C:\Users\miXik\AppData\Roaming\Skype
2010-12-12 15:02:16 ----D---- C:\Windows\system32\Tasks
2010-12-12 15:02:05 ----RD---- C:\Program Files (x86)\Skype
2010-12-12 15:02:05 ----D---- C:\Program Files (x86)\Common Files
2010-12-12 15:01:55 ----D---- C:\ProgramData\Skype
2010-12-12 14:59:40 ----D---- C:\Users\miXik\AppData\Roaming\skypePM
2010-12-12 14:56:01 ----D---- C:\Users\miXik\AppData\Roaming\Zoner
2010-12-12 14:34:22 ----RSD---- C:\Windows\assembly
2010-12-12 14:34:22 ----D---- C:\Windows\Microsoft.NET
2010-12-12 13:21:51 ----D---- C:\Windows
2010-12-12 13:14:35 ----D---- C:\Windows\Tasks
2010-12-12 12:57:52 ----D---- C:\Users\miXik\AppData\Roaming\TuneUp Software
2010-12-12 12:57:34 ----SHD---- C:\System Volume Information
2010-12-12 12:42:15 ----D---- C:\ProgramData\TuneUp Software
2010-12-12 12:40:46 ----D---- C:\Windows\SysWOW64
2010-12-12 12:29:09 ----A---- C:\Windows\iun6002.exe
2010-12-12 12:27:18 ----D---- C:\Windows\system32\wdi
2010-12-12 11:54:28 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-12 11:52:21 ----D---- C:\Windows\SYSWOW64\drivers
2010-12-12 11:25:53 ----D---- C:\Windows\debug
2010-12-12 11:19:17 ----D---- C:\Windows\system32\catroot2
2010-12-12 01:17:29 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-12-12 01:15:11 ----D---- C:\ProgramData\Microsoft Help
2010-12-12 01:09:07 ----D---- C:\Windows\system32\drivers
2010-12-12 01:06:41 ----D---- C:\Program Files (x86)\uTorrent
2010-12-12 00:57:14 ----D---- C:\Program Files (x86)\CCleaner
2010-12-12 00:55:53 ----D---- C:\ProgramData
2010-12-12 00:47:12 ----D---- C:\Program Files\Microsoft Security Essentials
2010-12-12 00:28:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-12 00:24:04 ----D---- C:\Windows\Prefetch
2010-12-12 00:23:31 ----D---- C:\Windows\SoftwareDistribution
2010-12-12 00:17:57 ----SHD---- C:\Recovery
2010-12-12 00:17:54 ----D---- C:\Windows\system32\config
2010-12-12 00:17:53 ----D---- C:\Windows\system32\Msdtc
2010-12-11 23:19:36 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-21 834544]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 173984]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 66304]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 359552]
R2 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS [2007-06-21 35840]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 120320]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 17024]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio64.sys [2006-08-05 9728]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 bbcap;bb_capture_driver; C:\Windows\system32\DRIVERS\bbcap.sys [2009-10-15 4608]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2006-10-19 296448]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2007-06-14 25872]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2006-10-19 1513472]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 40832]
R3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-19 36352]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-10-15 82816]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-12-17 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-02-23 322608]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-05-02 314880]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 187904]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 95232]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2006-10-19 731648]
S1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\Windows\system32\Drivers\eusk2par.sys []
S2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys []
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 aaps55fy;aaps55fy; C:\Windows\system32\drivers\aaps55fy.sys []
S3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys [2009-10-29 13720]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 Common Toolkit Service;Common Toolkit Service; C:\Program Files (x86)\Common Files\Common Toolkit Suite\FighterSuiteService.exe [2009-10-29 676488]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17424]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2007-06-29 53248]
R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe [2010-12-12 186760]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-10-27 1974080]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe [2006-08-05 410624]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe []
S2 AV Engine Scanning Service;AV Engine Scanning Service; C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-17 136176]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 c2wts;@%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2009-11-15 13080]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-03-03 332720]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe []
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-02-26 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

Re: Could I ask for a preventive check

Posted: 13 Dec 2010 21:48
by bigmuff
Malwarebytes found
(image)

I had it removed.

Re: Could I ask for a preventive check

Posted: 14 Dec 2010 00:06
by motji
Good evening :)

- Download OTL: http://oldtimer.geekstogo.com/OTL.exe
- Save it to the desktop and run the file OTL.exe.
- Copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- Tick the All users box.
- Tick the "LOP" check and "Purity" check boxes.
- Click the Scan button.
- When the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)

Re: Could I ask for a preventive check

Posted: 14 Dec 2010 21:18
by bigmuff
Good evening, I have only now got to it; it has been done and here are the logs.

OTL Extras logfile created on: 14.12.2010 20:51:44 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\miXik\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 69,64 Gb Total Space | 46,25 Gb Free Space | 66,40% Space Free | Partition Type: NTFS
Drive D: | 9,76 Gb Total Space | 9,43 Gb Free Space | 96,63% Space Free | Partition Type: NTFS
Drive E: | 69,64 Gb Total Space | 44,13 Gb Free Space | 63,37% Space Free | Partition Type: NTFS
Drive H: | 298,09 Gb Total Space | 193,59 Gb Free Space | 64,94% Space Free | Partition Type: NTFS

Computer Name: MIXIK-PC | User Name: miXik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"

[HKEY_USERS\S-1-5-21-366767806-2968866363-2853973609-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.4.3
"{69664D82-59E1-23B8-6265-6258D7316FA7}" = ATI Catalyst Install Manager
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Essentials" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Movie Maker" = Windows Movie Maker
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio13_CZ_is1" = Zoner Photo Studio 13

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09F25F86-F957-4051-8AB2-0E0D948BBB5D}" = 1310
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{1A7C2340-D1AC-4742-BCFF-1EA6CADFDC8B}" = Microsoft Windows Debugging Symbols
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB26247-DDE3-46AC-9400-7F3FE8A4934B}_is1" = Colin McRae Rally 2.0
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4EAF566E-1712-433C-A1C2-7517845107CC}" = DVD Architect Pro 5.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{652CD1F7-23C6-462D-963C-60F92C3BF332}" = BB FlashBack Pro
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D4553DF-2095-4D10-92C0-17934733B51D}" = 1310_Help
"{6D7E031C-4C05-4265-854A-FE9FDEA9984D}" = 1310Trb
"{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C7D7ED8-2854-4ABA-9A89-CFB7857B9084}" = Vista Battery Saver
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.12.327
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"A5F5C05F-717B-73C4-3160-2ABA7041614D" = Esmska
"Acoustica CD/DVD Label Maker" = Acoustica CD/DVD Label Maker
"Acoustica Effects Pack" = Acoustica Effects Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Aleo Flash Intro Banner Maker_is1" = Aleo Flash Intro Banner Maker 3.1
"Bannershop GIF Animator Trial" = Selteco Bannershop GIF Animator Trial
"CobBackup10" = Cobian Backup 10
"DVD Audio Extractor_is1" = DVD Audio Extractor 4.5.5
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8_is1" = DVDFab 8.0.5.5 (04/12/2010)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Foxit Reader" = Foxit Reader
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Meda MP3 Joiner_is1" = Meda MP3 Joiner 1.2
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Nero7Lite_is1" = Nero 7 Lite 7.7.5.1
"OpenAL" = OpenAL
"Photodex Presenter" = Photodex Presenter
"ProShow Gold" = ProShow Gold
"Rainlendar2" = Rainlendar2 (remove only)
"rajče.net_is1" = rajče beta54 sestavení 124
"RocketDock_is1" = RocketDock 1.3.5
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.5
"VSO Inspector_is1" = VSO Inspector 2.0.1.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WYSIWYG_Web_Builder_7" = WYSIWYG Web Builder 7
"YouTube HD Transfer Release_is1" = YouTube HD Transfer 1.0.469

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Re: can I ask for a preventive check

Posted: 14 Dec 2010 21:19
by bigmuff
and OTL is too big

Re: can I ask for a preventive check

Posted: 14 Dec 2010 22:07
by motji
Split it across several posts :)

Re: can I ask for a preventive check

Posted: 15 Dec 2010 17:23
by bigmuff
Good evening, I'm back again. So, as you wrote, I'm splitting it up.

OTL logfile created on: 14.12.2010 20:51:44 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\miXik\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 69,64 Gb Total Space | 46,25 Gb Free Space | 66,40% Space Free | Partition Type: NTFS
Drive D: | 9,76 Gb Total Space | 9,43 Gb Free Space | 96,63% Space Free | Partition Type: NTFS
Drive E: | 69,64 Gb Total Space | 44,13 Gb Free Space | 63,37% Space Free | Partition Type: NTFS
Drive H: | 298,09 Gb Total Space | 193,59 Gb Free Space | 64,94% Space Free | Partition Type: NTFS

Computer Name: MIXIK-PC | User Name: miXik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.12.14 20:44:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\miXik\Desktop\OTL.exe
PRC - [2010.12.12 11:21:29 | 000,186,760 | ---- | M] () -- C:\Program Files (x86)\Photodex\ProShowGold\scsiaccess.exe
PRC - [2010.12.12 01:06:41 | 000,394,616 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2010.12.12 00:28:15 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.09.23 16:46:16 | 003,154,432 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
PRC - [2010.09.23 16:46:14 | 000,421,376 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files (x86)\Cobian Backup 10\Cobian.exe
PRC - [2010.02.08 12:43:48 | 000,184,320 | ---- | M] () -- C:\Users\miXik\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe
PRC - [2009.10.29 16:37:19 | 000,676,488 | ---- | M] (SPAMfighter) -- C:\Program Files (x86)\Common Files\Common Toolkit Suite\FighterSuiteService.exe
PRC - [2009.02.21 09:18:24 | 004,333,568 | ---- | M] () -- C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2007.06.29 12:23:32 | 000,053,248 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
PRC - [2007.06.14 14:45:00 | 000,850,704 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe


========== Modules (SafeList) ==========

MOD - [2010.12.14 20:44:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\miXik\Desktop\OTL.exe
MOD - [2009.07.24 10:06:41 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16400_none_4209f94e2b866170\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.10.27 18:21:12 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.03.25 22:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009.11.15 11:50:26 | 000,013,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe -- (c2wts)
SRV:64bit: - [2009.08.18 01:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2006.08.05 09:48:30 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.exe -- (XAudioService)
SRV - [2010.12.12 11:21:29 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess)
SRV - [2010.10.27 18:24:40 | 001,974,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.10.27 18:21:08 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.09.23 09:49:08 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.03 22:09:02 | 000,332,720 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.10.29 16:37:19 | 000,676,488 | ---- | M] (SPAMfighter) [Auto | Running] -- C:\Program Files (x86)\Common Files\Common Toolkit Suite\FighterSuiteService.exe -- (Common Toolkit Service)
SRV - [2009.09.20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.06.29 12:23:32 | 000,053,248 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\eusk2par.sys -- (eusk2par)
DRV:64bit: - File not found [File_System | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\eamonm.sys -- (eamonm)
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aspi32.sys -- (Aspi32)
DRV:64bit: - [2010.02.21 16:10:09 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.12.30 11:21:24 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009.12.17 06:46:36 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.10.29 16:29:24 | 000,013,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avfsfilter.sys -- (AVFSFilter)
DRV:64bit: - [2009.10.15 17:52:24 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009.10.15 16:11:32 | 000,004,608 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bbcap.sys -- (bbcap)
DRV:64bit: - [2009.09.23 02:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009.09.23 02:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009.09.23 02:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009.09.23 02:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009.08.18 02:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.02.23 02:50:52 | 000,322,608 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2008.01.19 05:36:14 | 000,036,352 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nscirda.sys -- (NSCIRDA)
DRV:64bit: - [2007.06.21 11:12:08 | 000,035,840 | ---- | M] (Avanquest Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2007.05.02 02:52:00 | 000,314,880 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tifm21.sys -- (tifm21)
DRV:64bit: - [2006.10.19 03:33:34 | 001,513,472 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2006.10.19 03:31:12 | 000,296,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2006.10.19 03:30:10 | 000,731,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2006.08.05 09:42:48 | 000,009,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2006.06.20 06:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV:64bit: - [2005.06.14 13:01:16 | 000,296,448 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2010.10.07 13:34:32 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2008.08.12 09:02:06 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2004.11.18 11:49:14 | 000,024,786 | ---- | M] (EUTRON) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\eusk2par.sys -- (eusk2par)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-366767806-2968866363-2853973609-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-366767806-2968866363-2853973609-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 53 DF 2D A4 A0 60 CA 01 [binary data]
IE - HKU\S-1-5-21-366767806-2968866363-2853973609-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-366767806-2968866363-2853973609-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.7
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:3.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "www.google.cz"


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.12 00:39:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.12 00:39:13 | 000,000,000 | ---D | M]

[2010.02.01 15:15:53 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Mozilla\Extensions
[2009.10.16 22:48:01 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Mozilla\Extensions\MediaCoder
[2010.02.01 15:15:53 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Mozilla\Extensions\MediaCoder-MCEX
[2010.02.01 15:00:18 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Mozilla\Extensions\MediaCoder-Setup-Wizard
[2010.12.14 19:03:25 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Mozilla\Firefox\Profiles\doszqqqc.default\extensions
[2010.07.26 19:15:56 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\miXik\AppData\Roaming\Mozilla\Firefox\Profiles\doszqqqc.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.07.26 19:15:59 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\miXik\AppData\Roaming\Mozilla\Firefox\Profiles\doszqqqc.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.07.27 19:26:34 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Users\miXik\AppData\Roaming\Mozilla\Firefox\Profiles\doszqqqc.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010.07.13 18:26:23 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\miXik\AppData\Roaming\Mozilla\Firefox\Profiles\doszqqqc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.12.12 00:46:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.06.07 12:53:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.09.21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.12.12 00:28:19 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.12.12 00:28:19 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.12.12 00:28:19 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.12.12 00:28:19 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.12.12 00:28:19 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3 - HKU\S-1-5-21-366767806-2968866363-2853973609-1001\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [Cobian Backup 10] C:\Program Files (x86)\Cobian Backup 10\Cobian.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-366767806-2968866363-2853973609-1001..\Run: [Microsoft Security Essentials User Interface] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-366767806-2968866363-2853973609-1001..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
O4 - HKU\S-1-5-21-366767806-2968866363-2853973609-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\SysWow64\StikyNot.exe File not found
O4 - HKU\S-1-5-21-366767806-2968866363-2853973609-1001..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-366767806-2968866363-2853973609-1001..\Run: [SJelite3Launch] C:\Users\miXik\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe ()
O4 - HKU\S-1-5-21-366767806-2968866363-2853973609-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-366767806-2968866363-2853973609-1001..\Run: [VistaBatterySaver] C:\Program Files (x86)\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe (Tamir Khason)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 0
O7 - HKU\S-1-5-21-366767806-2968866363-2853973609-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: aux - File not found
Drivers32:64bit: midi - File not found
Drivers32:64bit: midimapper - File not found
Drivers32:64bit: mixer - File not found
Drivers32:64bit: msacm.imaadpcm - File not found
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - File not found
Drivers32:64bit: msacm.msg711 - File not found
Drivers32:64bit: msacm.msgsm610 - File not found
Drivers32:64bit: MSVideo8 - File not found
Drivers32:64bit: vidc.i420 - File not found
Drivers32:64bit: VIDC.IYUV - File not found
Drivers32:64bit: vidc.mrle - File not found
Drivers32:64bit: vidc.msvc - File not found
Drivers32:64bit: VIDC.UYVY - File not found
Drivers32:64bit: VIDC.YUY2 - File not found
Drivers32:64bit: VIDC.YVU9 - File not found
Drivers32:64bit: VIDC.YVYU - File not found
Drivers32:64bit: wave - File not found
Drivers32:64bit: wavemapper - File not found
Drivers32: aux - wdmaud.drv File not found
Drivers32: midi - wdmaud.drv File not found
Drivers32: midimapper - midimap.dll File not found
Drivers32: mixer - wdmaud.drv File not found
Drivers32: msacm.ac3filter - ac3filter.acm File not found
Drivers32: msacm.avis - ff_acm.acm File not found
Drivers32: msacm.imaadpcm - imaadp32.acm File not found
Drivers32: msacm.l3acm - L3codeca.acm File not found
Drivers32: msacm.msadpcm - msadp32.acm File not found
Drivers32: msacm.msg711 - msg711.acm File not found
Drivers32: msacm.msgsm610 - msgsm32.acm File not found
Drivers32: vidc.CDVC - cdvccodc.dll File not found
Drivers32: vidc.cvid - iccvid.dll File not found
Drivers32: VIDC.FFDS - ff_vfw.dll File not found
Drivers32: vidc.i420 - i420vfw.dll File not found
Drivers32: vidc.iyuv - iyuv_32.dll File not found
Drivers32: vidc.mrle - msrle32.dll File not found
Drivers32: vidc.msvc - msvidc32.dll File not found
Drivers32: vidc.uyvy - msyuv.dll File not found
Drivers32: vidc.XVID - xvidvfw.dll File not found
Drivers32: vidc.yuy2 - msyuv.dll File not found
Drivers32: vidc.yv12 - yv12vfw.dll File not found
Drivers32: vidc.yvu9 - tsbyuv.dll File not found
Drivers32: vidc.yvyu - msyuv.dll File not found
Drivers32: wave - wdmaud.drv File not found
Drivers32: wavemapper - msacm32.drv File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.12.14 20:44:05 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\miXik\Desktop\OTL.exe
[2010.12.14 20:06:24 | 000,000,000 | ---D | C] -- C:\Users\miXik\AppData\Local\Safe mirror
[2010.12.14 20:05:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cobian Backup 10
[2010.12.13 20:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.12.13 20:47:28 | 000,000,000 | ---D | C] -- C:\rsit
[2010.12.13 20:25:48 | 000,000,000 | ---D | C] -- C:\Users\miXik\AppData\Local\MigWiz
[2010.12.13 19:58:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab 8
[2010.12.12 15:02:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.12.12 14:56:05 | 000,000,000 | ---D | C] -- C:\Users\miXik\Documents\ZPS13
[2010.12.12 14:53:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Photo Studio 13
[2010.12.12 12:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011
[2010.12.12 12:29:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WYSIWYG Web Builder 7
[2010.12.12 11:42:53 | 000,000,000 | ---D | C] -- C:\Users\miXik\AppData\Roaming\VS Revo Group
[2010.12.12 01:09:02 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2010.12.12 01:08:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Revo Uninstaller Pro
[2010.12.12 00:55:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010.12.12 00:38:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.12.12 00:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.11.29 17:38:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010.11.29 17:38:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010.03.02 20:58:39 | 000,481,680 | ---- | C] (Microsoft Corporation) -- C:\Users\miXik\AppData\Local\imagex.exe
[2010.03.02 20:58:39 | 000,124,288 | ---- | C] (Microsoft Corporation) -- C:\Users\miXik\AppData\Local\oscdimg.exe
[2009.10.15 17:52:24 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\miXik\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2010.12.14 20:48:49 | 000,019,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.14 20:48:49 | 000,019,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.14 20:44:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\miXik\Desktop\OTL.exe
[2010.12.14 20:41:22 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.14 20:40:55 | 000,000,031 | ---- | M] () -- C:\Windows\SysNative\bbcap.err
[2010.12.14 20:40:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.14 20:40:42 | 1609,375,744 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.14 20:39:02 | 000,001,189 | ---- | M] () -- C:\Users\miXik\AppData\Roaming\vso_ts_preview.xml
[2010.12.14 20:38:05 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.14 20:23:05 | 000,000,450 | RHS- | M] () -- C:\Users\miXik\ntuser.pol
[2010.12.14 20:22:43 | 000,000,444 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010.12.14 20:16:34 | 000,001,031 | ---- | M] () -- C:\Users\miXik\Desktop\Cobian Backup 10.lnk
[2010.12.14 20:08:26 | 000,000,020 | ---- | M] () -- C:\zaloha-cobain.BAT
[2010.12.14 20:08:26 | 000,000,020 | ---- | M] () -- C:\Windows\zaloha-cobain.BAT
[2010.12.14 20:08:26 | 000,000,020 | ---- | M] () -- C:\Windows\SysNative\zaloha-cobain.BAT
[2010.12.13 21:20:59 | 001,551,378 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.12.13 21:20:59 | 000,661,878 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.12.13 21:20:59 | 000,645,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.12.13 21:20:59 | 000,133,722 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.12.13 21:20:59 | 000,118,010 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.12.13 20:47:12 | 000,832,273 | ---- | M] () -- C:\Users\miXik\Desktop\RSITx64.exe
[2010.12.13 19:58:29 | 000,000,955 | ---- | M] () -- C:\Users\miXik\Desktop\DVDFab 8.lnk
[2010.12.12 22:58:27 | 000,009,728 | ---- | M] () -- C:\Users\miXik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.12 15:02:06 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.12.12 14:54:30 | 000,001,927 | ---- | M] () -- C:\Users\Public\Desktop\Zoner Photo Studio 13.lnk
[2010.12.12 13:22:30 | 000,441,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.12.12 12:40:44 | 000,002,151 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2010.12.12 12:37:32 | 000,001,976 | ---- | M] () -- C:\Users\miXik\Desktop\WYSIWYG Web Builder 7.lnk
[2010.12.12 12:29:09 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2010.12.12 11:21:54 | 000,002,048 | ---- | M] () -- C:\Users\Public\Desktop\ProShow Gold.lnk
[2010.12.12 01:09:05 | 000,000,978 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2010.12.12 01:06:41 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.12.12 00:57:14 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.29 17:38:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010.11.29 17:38:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts

========== Files Created - No Company Name ==========

[2010.12.14 20:22:43 | 000,000,444 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.12.14 20:16:34 | 000,001,031 | ---- | C] () -- C:\Users\miXik\Desktop\Cobian Backup 10.lnk
[2010.12.14 20:11:17 | 000,000,020 | ---- | C] () -- C:\Windows\SysNative\zaloha-cobain.BAT
[2010.12.14 20:11:09 | 000,000,020 | ---- | C] () -- C:\Windows\zaloha-cobain.BAT
[2010.12.14 20:11:01 | 000,000,020 | ---- | C] () -- C:\zaloha-cobain.BAT
[2010.12.13 20:47:10 | 000,832,273 | ---- | C] () -- C:\Users\miXik\Desktop\RSITx64.exe
[2010.12.13 19:58:29 | 000,000,955 | ---- | C] () -- C:\Users\miXik\Desktop\DVDFab 8.lnk
[2010.12.12 14:54:29 | 000,001,927 | ---- | C] () -- C:\Users\Public\Desktop\Zoner Photo Studio 13.lnk
[2010.12.12 12:40:44 | 000,002,151 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2010.12.12 12:32:12 | 000,001,976 | ---- | C] () -- C:\Users\miXik\Desktop\WYSIWYG Web Builder 7.lnk
[2010.12.12 01:09:05 | 000,000,978 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2010.12.12 00:57:14 | 000,000,977 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.12.11 23:19:15 | 1609,375,744 | -HS- | C] () -- C:\hiberfil.sys
[2010.07.17 16:32:37 | 000,000,026 | ---- | C] () -- C:\Windows\dvdSanta.INI
[2010.06.23 11:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.06.23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.05.12 15:09:06 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.05.04 15:54:47 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.03.15 20:57:47 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2010.03.15 14:59:10 | 000,000,693 | ---- | C] () -- C:\Windows\SysWow64\Config.ini
[2010.03.14 17:25:13 | 000,000,135 | ---- | C] () -- C:\Windows\Mp3CutterJoiner.ini
[2010.03.13 10:52:20 | 000,000,026 | ---- | C] () -- C:\Windows\neosetup.INI
[2010.02.10 23:34:28 | 000,000,550 | ---- | C] () -- C:\Users\miXik\AppData\Roaming\AutoGK.ini
[2010.02.10 17:45:49 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\bgspmnt.dll
[2010.02.09 15:48:38 | 000,000,000 | ---- | C] () -- C:\Windows\lgfwup.ini
[2010.02.03 15:23:36 | 000,003,072 | ---- | C] () -- C:\Windows\hasp_windows.dll
[2010.01.30 19:43:11 | 000,007,639 | ---- | C] () -- C:\Users\miXik\AppData\Local\Resmon.ResmonCfg
[2010.01.30 14:25:13 | 000,000,571 | ---- | C] () -- C:\Windows\SysWow64\FeMakro.ini
[2010.01.30 14:25:13 | 000,000,497 | ---- | C] () -- C:\Windows\SysWow64\FeAnim.ini
[2009.12.23 18:15:20 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2009.12.23 18:15:20 | 000,000,000 | ---- | C] () -- C:\Windows\Graffiti5.2Pin.ini
[2009.12.22 23:52:03 | 000,009,728 | ---- | C] () -- C:\Users\miXik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.22 23:49:28 | 000,000,066 | ---- | C] () -- C:\Windows\Speed Video Converter.INI
[2009.11.27 18:37:38 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2009.10.16 22:51:01 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.10.15 17:55:01 | 000,001,189 | ---- | C] () -- C:\Users\miXik\AppData\Roaming\vso_ts_preview.xml
[2009.10.15 17:52:59 | 000,000,034 | ---- | C] () -- C:\Users\miXik\AppData\Roaming\pcouffin.log
[2009.10.15 17:52:24 | 000,099,384 | ---- | C] () -- C:\Users\miXik\AppData\Roaming\inst.exe
[2009.10.15 17:52:24 | 000,007,859 | ---- | C] () -- C:\Users\miXik\AppData\Roaming\pcouffin.cat
[2009.10.15 17:52:24 | 000,001,167 | ---- | C] () -- C:\Users\miXik\AppData\Roaming\pcouffin.inf
[2009.08.16 09:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2001.01.12 10:52:26 | 000,044,032 | ---- | C] () -- C:\Windows\SysWow64\vbpng1.dll
[2001.01.12 10:49:38 | 000,021,504 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll

========== LOP Check ==========

Re: can I ask for a preventive check

Posted: 15 Dec 2010 17:23
by bigmuff
[2010.01.31 21:21:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IObit
[2010.01.31 21:18:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TuneUp Software
[2010.08.26 17:05:36 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Acoustica
[2010.02.01 18:40:47 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Aleo Software
[2009.12.10 19:28:37 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Ashampoo
[2010.06.03 18:52:22 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Autodesk
[2010.04.02 18:53:53 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\BatteryBar
[2009.11.22 17:50:46 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\BITS
[2010.02.20 20:52:07 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Blueberry
[2010.06.04 18:20:14 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Broad Intelligence
[2009.12.29 22:15:37 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Canneverbe_Limited
[2010.06.21 13:34:17 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\CD Box Labeler Pro
[2010.08.06 16:59:41 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\CocoonSoftware
[2009.11.07 15:34:57 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Common Toolkit Suite
[2009.10.22 16:53:10 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\DAEMON Tools Lite
[2010.02.04 16:56:55 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Eltima Software
[2009.10.14 16:26:07 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\ESET
[2010.08.30 19:23:51 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\esmska
[2009.11.22 18:01:33 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\FlashGet
[2009.12.13 19:42:36 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Foxit
[2010.03.23 17:13:58 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\FreeScreenToVideo
[2010.06.21 13:36:15 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\GHISLER
[2010.08.10 20:53:41 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Godlike
[2010.02.03 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Grass Valley
[2010.06.04 21:51:34 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\gtk-2.0
[2010.03.05 15:52:37 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\HandBrake
[2010.02.26 15:54:41 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\IObit
[2009.11.29 12:21:04 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Leadertech
[2010.09.02 19:08:39 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\log
[2009.10.15 16:12:29 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\LogSys
[2009.12.08 22:13:58 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Mail Box Dispatcher 2
[2009.10.23 16:54:49 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Meda MP3 Joiner 1.2
[2009.11.08 17:36:28 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Netscape
[2010.07.03 20:21:52 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Nvu
[2010.01.30 14:25:36 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\pdfMachine
[2009.11.21 20:14:25 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Photodex
[2009.12.23 18:32:42 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\proDAD
[2010.07.13 18:24:50 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Publish Providers
[2010.07.06 14:13:47 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\REAPER
[2010.08.11 17:36:24 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\SMS posílač Treca
[2010.07.13 18:24:55 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Sony
[2010.05.27 17:48:51 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\TeamViewer
[2009.10.20 17:40:42 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Thinstall
[2009.11.12 19:04:23 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Transcend
[2010.12.12 12:57:52 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\TuneUp Software
[2009.11.14 00:13:39 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Ubisoft
[2010.12.14 20:56:00 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\uTorrent
[2009.11.22 17:26:47 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\VitySoft
[2010.12.12 11:42:53 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\VS Revo Group
[2010.12.14 19:14:30 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Vso
[2010.07.23 21:15:37 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Win7codecs
[2010.02.01 18:39:34 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\WinAVI
[2010.01.31 19:40:02 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Xilisoft
[2010.12.12 14:56:01 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Zoner
[2010.06.23 21:22:09 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" -- [2010.12.12 01:06:41 | 000,394,616 | ---- | M] (BitTorrent, Inc.)
"VistaBatterySaver" = C:\Program Files (x86)\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe -- [2007.08.24 22:11:14 | 000,479,232 | ---- | M] (Tamir Khason)
"Rainlendar2" = C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe -- [2009.02.21 09:18:24 | 004,333,568 | ---- | M] ()
"RocketDock" = "C:\Program Files (x86)\RocketDock\RocketDock.exe" -- [2007.09.02 13:58:52 | 000,495,616 | ---- | M] ()
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 02:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)
"SJelite3Launch" = C:\Users\miXik\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe -- [2010.02.08 12:43:48 | 000,184,320 | ---- | M] ()
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe -- File not found
"Microsoft Security Essentials User Interface" = C:\Program Files\Microsoft Security Essentials\msseces.exe -- [2010.09.15 04:34:02 | 001,448,568 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.08.26 17:05:36 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Acoustica
[2010.01.10 14:20:25 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Adobe
[2009.11.27 20:03:03 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Ahead
[2010.02.01 18:40:47 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Aleo Software
[2009.12.10 19:28:37 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Ashampoo
[2010.06.03 18:52:22 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Autodesk
[2010.04.02 18:53:53 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\BatteryBar
[2009.11.22 17:50:46 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\BITS
[2010.02.20 20:52:07 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Blueberry
[2010.06.04 18:20:14 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Broad Intelligence
[2009.12.29 22:15:37 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Canneverbe_Limited
[2010.06.21 13:34:17 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\CD Box Labeler Pro
[2010.08.06 16:59:41 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\CocoonSoftware
[2009.11.07 15:34:57 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Common Toolkit Suite
[2010.07.17 14:39:29 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\CyberLink
[2009.10.22 16:53:10 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\DAEMON Tools Lite
[2010.12.12 18:39:41 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\dvdcss
[2010.02.04 16:56:55 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Eltima Software
[2009.10.14 16:26:07 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\ESET
[2010.08.30 19:23:51 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\esmska
[2009.11.22 18:01:33 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\FlashGet
[2009.12.13 19:42:36 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Foxit
[2010.03.23 17:13:58 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\FreeScreenToVideo
[2010.06.21 13:36:15 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\GHISLER
[2010.08.10 20:53:41 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Godlike
[2010.02.03 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Grass Valley
[2010.06.04 21:51:34 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\gtk-2.0
[2010.03.05 15:52:37 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\HandBrake
[2010.02.05 12:54:04 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\HP
[2009.10.14 15:28:31 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Identities
[2009.10.17 12:49:46 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\InstallShield
[2010.02.26 15:54:41 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\IObit
[2009.11.29 12:21:04 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Leadertech
[2010.09.02 19:08:39 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\log
[2009.10.15 16:12:29 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\LogSys
[2009.10.14 15:49:15 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Macromedia
[2009.12.08 22:13:58 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Mail Box Dispatcher 2
[2009.11.14 17:36:58 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Malwarebytes
[2009.10.23 16:54:49 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Meda MP3 Joiner 1.2
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Media Center Programs
[2010.07.06 15:08:39 | 000,000,000 | --SD | M] -- C:\Users\miXik\AppData\Roaming\Microsoft
[2009.11.08 17:36:28 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Mozilla
[2009.12.10 19:21:13 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Nero
[2009.11.08 17:36:28 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Netscape
[2010.07.03 20:21:52 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Nvu
[2010.01.30 14:25:36 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\pdfMachine
[2009.11.21 20:14:25 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Photodex
[2009.12.23 18:32:42 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\proDAD
[2010.07.13 18:24:50 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Publish Providers
[2010.07.14 17:24:38 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Real
[2010.07.06 14:13:47 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\REAPER
[2010.12.12 15:44:50 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Skype
[2010.12.12 14:59:40 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\skypePM
[2010.08.11 17:36:24 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\SMS posílač Treca
[2010.07.13 18:24:55 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Sony
[2010.06.04 18:10:25 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\SUPERAntiSpyware.com
[2010.05.27 17:48:51 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\TeamViewer
[2009.10.20 17:40:42 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Thinstall
[2009.11.12 19:04:23 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Transcend
[2010.12.12 12:57:52 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\TuneUp Software
[2009.11.14 00:13:39 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Ubisoft
[2010.12.14 20:56:00 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\uTorrent
[2009.11.22 17:26:47 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\VitySoft
[2010.12.12 18:39:58 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\vlc
[2010.12.12 11:42:53 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\VS Revo Group
[2010.12.14 19:14:30 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Vso
[2010.07.23 21:15:37 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Win7codecs
[2010.02.01 18:39:34 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\WinAVI
[2009.10.14 16:22:53 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\WinRAR
[2010.01.31 19:40:02 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Xilisoft
[2010.12.12 14:56:01 | 000,000,000 | ---D | M] -- C:\Users\miXik\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2010.07.27 21:11:27 | 000,099,384 | ---- | M] () -- C:\Users\miXik\AppData\Roaming\inst.exe
[2009.10.28 19:28:15 | 000,010,134 | R--- | M] () -- C:\Users\miXik\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2009.10.15 16:41:17 | 000,095,884 | R--- | M] () -- C:\Users\miXik\AppData\Roaming\Microsoft\Installer\{8C7D7ED8-2854-4ABA-9A89-CFB7857B9084}\_3454F75504B572276CDCA7.exe
[2009.10.15 16:41:17 | 000,095,884 | R--- | M] () -- C:\Users\miXik\AppData\Roaming\Microsoft\Installer\{8C7D7ED8-2854-4ABA-9A89-CFB7857B9084}\_6FEFF9B68218417F98F549.exe
[2009.10.20 17:40:51 | 000,007,680 | ---- | M] () -- C:\Users\miXik\AppData\Roaming\Thinstall\SLOW-PCfighter\4000008000002i\Splash Screen.exe
[2007.06.29 12:23:32 | 000,053,248 | ---- | M] (Prolific Technology Inc.) -- C:\Users\miXik\AppData\Roaming\Transcend\SJelite3\IoctlSvc.exe
[2010.02.08 12:43:24 | 000,049,152 | ---- | M] () -- C:\Users\miXik\AppData\Roaming\Transcend\SJelite3\PLIoctlInstaller.exe
[2010.02.08 12:43:48 | 000,184,320 | ---- | M] () -- C:\Users\miXik\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe
[2010.08.28 09:36:43 | 007,383,104 | ---- | M] (ZONER software ) -- C:\Users\miXik\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build10.exe


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:44807EFA
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >

Re: may I ask for a preventive check

Posted: 15 Dec 2010 18:55
by motji
:arrow: Run OTL
- copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:44807EFA
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

- click the Fix button.
- The PC will then restart.
- Paste the log here :)

Re: may I ask for a preventive check

Posted: 15 Dec 2010 20:11
by bigmuff
done

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
ADS C:\ProgramData\TEMP:44807EFA deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:A8ADE5D8 deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:explorer.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:SystemPropertiesPerformance.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:credssp.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:credssp.dll deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2246216 bytes
->FireFox cache emptied: 38358059 bytes
->Flash cache emptied: 593 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: miXik
->Temp folder emptied: 158881970 bytes
->Temporary Internet Files folder emptied: 4337118 bytes
->Java cache emptied: 24760401 bytes
->FireFox cache emptied: 106159304 bytes
->Flash cache emptied: 9286 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 818980 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 462373 bytes
RecycleBin emptied: 5145324294 bytes

Total Files Cleaned = 5 227,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: miXik
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 12152010_200536

Files\Folders moved on Reboot...
C:\Users\miXik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Re: may I ask for a preventive check

Posted: 15 Dec 2010 20:15
by motji
How is the computer?

Re: may I ask for a preventive check

Posted: 15 Dec 2010 20:28
by bigmuff
Looks good. So was there something in there? I saw something being cleaned.

Maybe slower shutdown and startup, but that's nothing new with Windows.

Re: may I ask for a preventive check

Posted: 15 Dec 2010 22:57
by motji
There was something there :)

:arrow: Run OTL once more and click the Clean up button; it will tidy up after itself :)

:arrow: Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run Cleaner

Registry tab
- click Scan for Issues
- then click Fix selected issues -- making a registry backup is not necessary
- click Fix all issues :arrow: OK :arrow: Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

I recommend using the CCleaner cleaner; it nicely clears temporary files from the PC.
It cleans the registry, for example after uninstalling a program.


:arrow: Start - Run - type chkdsk /f/r
- [Enter]
confirm - the PC restarts and the disk gets checked

:arrow: disk defragmentation
- Start - Control Panel - Administrative Tools - Computer Management - Disk Defragmenter

-- you can also use another defragmentation tool; the one in Windows is not great

Re: may I ask for a preventive check

Posted: 16 Dec 2010 22:13
by bigmuff
Done, but chkdsk /f/r didn't work for me.

Thanks, and I wish you a happy Christmas holiday.

Re: may I ask for a preventive check

Posted: 16 Dec 2010 22:41
by motji
Why didn't it work for you?