VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=114960

Stránka 1 z 1

Prosím o kontrolu

Napsal: 28 srp 2011 21:00
od daneck
Logfile of random's system information tool 1.09 (written by random/random)
Run by Dan at 2011-08-28 21:54:14
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 13 GB (16%) free of 80 GB
Total RAM: 1976 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:54:23, on 28.8.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\WinZip\WZQKPICK.EXE
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\SysWOW64\conime.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Dan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [LManager] C:\PROGRA~2\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [tvjbmonitor] C:\Program Files (x86)\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files (x86)\WinZip\WZQKPICK.EXE
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7826 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Common Files\SPBA\upeksvr.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Acer\Empowering Technology\Service\ETService.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {6DC3C5E4-0DA8-43E5-9919-EC466BFBB2F9}
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe"
"C:\Windows\WindowsMobile\wmdSync.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
"C:\Windows\ehome\ehtray.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
C:\Windows\ehome\ehmsas.exe -Embedding
C:\Windows\ehome\ehsched.exe
"C:\Program Files (x86)\WinZip\WZQKPICK.EXE"
C:\Windows\System32\mobsync.exe -Embedding
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Genius\ioCentre\gTaskBar.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Genius\ioCentre\gMouseTask
C:\Genius\ioCentre\gKbdTask
C:\Genius\ioCentre\gAutoPan
C:\Genius\ioCentre\gAutoScroll
"C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe" /watchfiles startup
C:\Genius\ioCentre\gZoom
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Genius\ioCentre\gMGlass
C:\Genius\ioCentre\gIMMgm
C:\Genius\ioCentre\gDeskMgm
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Genius\ioCentre\gTaskSwitch
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"
C:\Windows\ehome\ehRecvr.exe
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet D1300 series#1298100177" -Startup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\conime.exe
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe14_ Global\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 652 656 664 65536 660
"C:\Software\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2394324607-2350737850-1159899354-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2394324607-2350737850-1159899354-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-06-30 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-04-30 470016]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 225792]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2008-03-21 486856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"Google Update"=C:\Users\Dan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-03 136176]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-07-04 3493720]
"LManager"=C:\PROGRA~2\LAUNCH~1\LManager.exe [2008-06-10 870920]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2006-12-08 335360]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"tvjbmonitor"=C:\Program Files (x86)\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe [2006-12-26 53248]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2009-12-21 39424]
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-04-12 222776]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
WinZip Quick Pick.lnk - C:\Program Files (x86)\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2008-03-25 745736]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=MSH263.DRV
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.SP54"=SP5X_32.DLL
"VIDC.SP55"=SP5X_32.DLL
"VIDC.SP56"=SP5X_32.DLL
"VIDC.SP57"=SP5X_32.DLL
"VIDC.SP58"=SP5X_32.DLL

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-28 21:54:15 ----D---- C:\Program Files\trend micro
2011-08-28 21:54:14 ----D---- C:\rsit
2011-08-28 21:27:06 ----D---- C:\Program Files (x86)\CCleaner
2011-08-28 20:49:38 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-08-24 17:28:34 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-08-24 17:28:34 ----A---- C:\Windows\system32\tzres.dll
2011-08-16 16:42:23 ----A---- C:\Windows\system32\drivers\pccsmcfdx64.sys
2011-08-16 16:41:37 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2011-08-15 10:39:31 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-15 10:39:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-08-15 10:39:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-08-15 10:39:29 ----A---- C:\Windows\system32\iertutil.dll
2011-08-15 10:39:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-08-15 10:39:28 ----A---- C:\Windows\system32\ieui.dll
2011-08-15 10:39:27 ----A---- C:\Windows\SYSWOW64\url.dll
2011-08-15 10:39:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-08-15 10:39:27 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-08-15 10:39:27 ----A---- C:\Windows\system32\url.dll
2011-08-15 10:39:27 ----A---- C:\Windows\system32\jscript9.dll
2011-08-15 10:39:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-08-15 10:39:26 ----A---- C:\Windows\system32\urlmon.dll
2011-08-15 10:39:26 ----A---- C:\Windows\system32\jscript.dll
2011-08-15 10:39:25 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-08-15 10:39:25 ----A---- C:\Windows\system32\wininet.dll
2011-08-15 10:39:25 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-15 10:39:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-08-15 10:39:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-08-15 10:39:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-08-15 10:39:19 ----A---- C:\Windows\system32\mshtml.dll
2011-08-15 10:39:18 ----A---- C:\Windows\system32\ieframe.dll
2011-08-15 10:28:25 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-15 10:28:17 ----A---- C:\Windows\system32\winsrv.dll
2011-08-15 10:28:15 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-15 10:28:13 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-08-15 10:28:13 ----A---- C:\Windows\system32\xmllite.dll
2011-08-15 10:26:36 ----A---- C:\Windows\system32\ntoskrnl.exe

======List of files/folders modified in the last 1 month======

2011-08-28 21:54:23 ----D---- C:\Windows\Temp
2011-08-28 21:54:23 ----D---- C:\Windows\Prefetch
2011-08-28 21:54:15 ----RD---- C:\Program Files
2011-08-28 21:33:58 ----D---- C:\Users\Dan\AppData\Roaming\Winamp
2011-08-28 21:31:45 ----D---- C:\Windows\Minidump
2011-08-28 21:31:45 ----D---- C:\Windows\Debug
2011-08-28 21:31:45 ----D---- C:\Windows
2011-08-28 21:27:06 ----RD---- C:\Program Files (x86)
2011-08-28 21:20:04 ----D---- C:\Software
2011-08-28 20:49:56 ----SHD---- C:\Windows\Installer
2011-08-28 20:49:56 ----SD---- C:\ProgramData\Microsoft
2011-08-28 20:44:16 ----SHD---- C:\System Volume Information
2011-08-28 20:11:35 ----D---- C:\Windows\System32
2011-08-28 20:11:35 ----D---- C:\Windows\inf
2011-08-28 20:11:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-28 20:07:08 ----D---- C:\Windows\Tasks
2011-08-25 20:21:03 ----D---- C:\Windows\system32\Tasks
2011-08-25 19:10:16 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-08-25 01:55:48 ----D---- C:\Windows\rescache
2011-08-24 17:29:39 ----D---- C:\Windows\winsxs
2011-08-24 17:29:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-08-24 17:29:39 ----D---- C:\Windows\SysWOW64
2011-08-24 17:29:39 ----D---- C:\Windows\system32\cs-CZ
2011-08-24 17:26:17 ----D---- C:\Windows\system32\catroot
2011-08-24 17:26:15 ----D---- C:\Windows\system32\catroot2
2011-08-23 00:20:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-17 17:34:58 ----D---- C:\Windows\Microsoft.NET
2011-08-17 17:34:56 ----RSD---- C:\Windows\assembly
2011-08-16 16:54:17 ----D---- C:\Windows\system32\drivers
2011-08-16 16:47:37 ----D---- C:\Users\Dan\AppData\Roaming\Nokia
2011-08-16 16:42:23 ----DC---- C:\Windows\system32\DRVSTORE
2011-08-16 16:41:22 ----D---- C:\Windows\system32\drivers\UMDF
2011-08-16 16:39:56 ----D---- C:\Program Files (x86)\Nokia
2011-08-15 12:28:44 ----D---- C:\Windows\SYSWOW64\migration
2011-08-15 12:28:44 ----D---- C:\Windows\system32\migration
2011-08-15 12:28:44 ----D---- C:\Program Files\Windows Mail
2011-08-15 12:28:44 ----D---- C:\Program Files (x86)\Windows Mail
2011-08-15 12:28:44 ----D---- C:\Program Files (x86)\Internet Explorer
2011-08-15 12:28:43 ----D---- C:\Program Files\Internet Explorer
2011-08-15 10:40:37 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2011-04-26 69376]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-23 868848]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 31064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 600920]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 288088]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 45400]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 22360]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 64856]
R2 int15;int15; \??\C:\Windows\SysWOW64\drivers\int15_64.sys [2008-03-21 17952]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2008-05-19 1137152]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2008-03-28 249344]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2006-11-03 25872]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2006-07-14 18432]
R3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys [2006-07-14 12160]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2008-01-21 1523712]
R3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2008-01-21 286720]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-06-04 129536]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-04-26 17152]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2mdx64.sys [2008-04-15 62040]
R3 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sdx64.sys [2008-04-08 51928]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 168704]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2008-01-21 724480]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 112128]
S2 Ca1528av;SPCA1528 Video Camera Service; C:\Windows\System32\Drivers\Ca1528av.sys [2008-12-17 533760]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 58496]
S3 AF15BDA;AF9015 BDA Filter; C:\Windows\system32\DRIVERS\AF15BDA.sys [2007-03-20 325376]
S3 atf5dz1q;atf5dz1q; C:\Windows\system32\drivers\atf5dz1q.sys []
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 48768]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 695296]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 35328]
S3 Bulk1528;SPCA1528 Still Camera Service; C:\Windows\System32\Drivers\Bulk1528.sys [2008-06-28 14848]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 MAYA44;usb-audio.de driver for Maya44; C:\Windows\System32\Drivers\Maya44.sys [2008-09-03 429568]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 61568]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pgusbmme;usb-audio.de MME-Adapter; C:\Windows\system32\drivers\pgusbmm3.sys [2008-09-03 45568]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 111104]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 98944]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 36864]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 172544]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-07-04 42184]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 27648]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-13 65536]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 27648]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 27648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

-----------------EOF-----------------

Re: Prosím o kontrolu

Napsal: 29 srp 2011 08:08
od vyosek
Zdravim a pekny den preji :)

:arrow: Stahnete OTL (viz muj podpis) a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Re: Prosím o kontrolu

Napsal: 29 srp 2011 19:48
od daneck
Dobrý den.
Tady je OTL.Txt

OTL logfile created on: 29.8.2011 19:56:43 - Run 1
OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Dan\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,71 Gb Available Physical Memory | 36,94% Memory free
4,10 Gb Paging File | 2,24 Gb Available in Paging File | 54,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 78,12 Gb Total Space | 12,05 Gb Free Space | 15,42% Space Free | Partition Type: NTFS
Drive D: | 219,96 Gb Total Space | 67,44 Gb Free Space | 30,66% Space Free | Partition Type: NTFS

Computer Name: DAN-PC | User Name: Dan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.08.29 19:50:48 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Dan\Desktop\OTL.exe
PRC - [2011.08.23 00:20:52 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.07.04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.06.14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2011.04.12 10:58:04 | 000,222,776 | ---- | M] (Software602) -- C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
PRC - [2011.03.14 10:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2009.12.21 07:45:56 | 000,039,424 | ---- | M] (Nullsoft) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2009.06.19 12:10:00 | 000,525,640 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files (x86)\WinZip\WZQKPICK.EXE
PRC - [2008.06.10 00:36:14 | 000,870,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2008.03.21 10:30:16 | 000,486,856 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
PRC - [2007.02.13 01:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006.12.26 18:08:48 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2011.08.23 00:20:52 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2009.08.11 22:18:28 | 000,497,664 | ---- | M] () -- C:\Windows\SysWOW64\ac3filter.acm
MOD - [2008.03.21 10:29:56 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Lite\Lang\ENU.dll
MOD - [2008.03.21 10:29:56 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Lite\Lang\CSY.dll
MOD - [2007.11.09 12:39:56 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Lite\Plugins\Images\bw5mount.dll
MOD - [2007.02.28 03:02:36 | 000,077,824 | R--- | M] () -- C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2007.02.28 03:02:36 | 000,065,536 | R--- | M] () -- C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2006.12.26 18:08:48 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe
MOD - [2003.06.07 22:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\PowerUtl.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2008.03.21 14:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008.01.21 04:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.06.28 13:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.14 10:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.21 04:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 04:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.02.13 01:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.07.04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.07.04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.07.04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.07.04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.07.04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.07.04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.05.18 10:14:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.05.18 10:14:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.05.18 10:14:16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.05.18 10:14:12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.04.26 02:00:20 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd)
DRV:64bit: - [2010.12.23 22:34:37 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.08.25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.10.01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.04.11 07:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2008.12.17 08:46:12 | 000,533,760 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\Drivers\Ca1528av.sys -- (Ca1528av)
DRV:64bit: - [2008.09.03 15:18:00 | 000,429,568 | ---- | M] (Audiotrack) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Maya44.sys -- (MAYA44)
DRV:64bit: - [2008.09.03 14:59:00 | 000,045,568 | ---- | M] (usb-audio.de) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pgusbmm3.sys -- (pgusbmme)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.06.28 09:43:02 | 000,014,848 | ---- | M] (SunPlus) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Bulk1528.sys -- (Bulk1528)
DRV:64bit: - [2008.06.04 11:55:16 | 000,129,536 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2008.05.19 20:44:00 | 001,137,152 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008.04.15 19:14:40 | 000,062,040 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008.04.08 19:46:44 | 000,051,928 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008.03.28 05:44:22 | 000,249,344 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2008.01.21 04:47:28 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\avc.sys -- (Avc)
DRV:64bit: - [2008.01.21 04:46:57 | 001,523,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VSTDPV6.SYS -- (HSF_DPV)
DRV:64bit: - [2008.01.21 04:46:57 | 000,724,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VSTCNXT6.SYS -- (winachsf)
DRV:64bit: - [2008.01.21 04:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008.01.21 04:46:57 | 000,058,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\61883.sys -- (61883)
DRV:64bit: - [2008.01.21 04:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008.01.21 04:46:53 | 000,061,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\msdv.sys -- (MSDV)
DRV:64bit: - [2007.03.20 16:14:42 | 000,325,376 | ---- | M] (AfaTech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\AF15BDA.sys -- (AF15BDA)
DRV:64bit: - [2006.07.14 08:33:48 | 000,012,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\gMouUsb.sys -- (gMouUsb)
DRV:64bit: - [2006.07.14 08:30:42 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\gHidPnp.Sys -- (gHidPnp)
DRV - [2011.04.26 02:00:21 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2008.03.21 11:48:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2394324607-2350737850-1159899354-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2394324607-2350737850-1159899354-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.2.9&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.3.1&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dan\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dan\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.08.23 00:20:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.06.21 15:12:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.08.16 16:42:49 | 000,000,000 | ---D | M]

[2010.12.09 17:20:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dan\AppData\Roaming\Mozilla\Extensions
[2011.08.23 00:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions
[2010.12.13 11:12:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.08.23 00:21:11 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.07.10 21:42:06 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.04.01 13:27:20 | 000,002,342 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icq-search.xml
[2011.05.03 09:22:21 | 000,000,950 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin-1.xml
[2011.06.22 19:28:56 | 000,000,950 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin-2.xml
[2011.08.23 00:21:29 | 000,000,950 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin-3.xml
[2011.08.18 21:40:40 | 000,000,168 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin.gif
[2011.08.18 21:40:40 | 000,000,618 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin.src
[2011.04.11 20:17:14 | 000,000,950 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin.xml
[2011.07.12 21:20:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.12.30 22:23:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.11 21:01:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.21 20:40:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.07.12 21:20:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\DAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BH0BA7SO.DEFAULT\EXTENSIONS\GOOGLEDICTIONARY@TOPTIP.CA.XPI
[2011.08.23 00:20:53 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009.12.21 07:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.04.11 20:15:55 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.04.11 20:15:55 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.10.27 07:19:36 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2011.04.11 20:15:55 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.04.11 20:15:55 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.04.11 20:15:55 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4:64bit: - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe (TODO: <Company name>)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [Print2PDF Print Monitor] C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe (Software602)
O4 - HKLM..\Run: [tvjbmonitor] C:\Program Files (x86)\MMEDIA\TV Jukebox 3.0\tvjbMonitor.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2394324607-2350737850-1159899354-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-2394324607-2350737850-1159899354-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\spba: DllName - Reg Error: Key error. - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.07.26 21:03:02 | 000,000,000 | ---D | M] - D:\Auto -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.I420 - File not found
Drivers32:64bit: VIDC.SP54 - File not found
Drivers32:64bit: VIDC.SP55 - File not found
Drivers32:64bit: VIDC.SP56 - File not found
Drivers32:64bit: VIDC.SP57 - File not found
Drivers32:64bit: VIDC.SP58 - File not found
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.08.29 19:50:32 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Dan\Desktop\OTL.exe
[2011.08.28 21:54:15 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.08.28 21:54:14 | 000,000,000 | ---D | C] -- C:\rsit
[2011.08.28 21:27:08 | 000,000,000 | ---D | C] -- C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.08.28 21:27:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2011.08.28 20:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.08.28 20:49:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight

========== Files - Modified Within 7 Days ==========

[2011.08.29 20:00:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.08.29 19:53:08 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2394324607-2350737850-1159899354-1000UA.job
[2011.08.29 19:50:48 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Dan\Desktop\OTL.exe
[2011.08.29 19:17:00 | 001,418,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.08.29 19:17:00 | 000,607,464 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.08.29 19:17:00 | 000,595,996 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.08.29 19:17:00 | 000,118,096 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.08.29 19:17:00 | 000,104,070 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.08.29 19:12:46 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.08.29 19:12:46 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.08.29 19:12:41 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.08.29 19:12:31 | 000,004,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.29 19:12:31 | 000,004,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.29 19:12:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.29 19:12:19 | 2072,891,392 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.28 23:10:27 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.08.28 21:50:13 | 000,004,398 | ---- | M] () -- C:\Users\Dan\Documents\cc_20110828_215002.reg
[2011.08.28 21:39:49 | 000,047,560 | ---- | M] () -- C:\Users\Dan\Documents\cc_20110828_213853.reg
[2011.08.28 21:27:08 | 000,000,846 | ---- | M] () -- C:\Users\Dan\Desktop\CCleaner.lnk
[2011.08.28 20:59:17 | 000,935,175 | ---- | M] () -- C:\RSITx64.exe
[2011.08.25 19:55:20 | 000,002,032 | ---- | M] () -- C:\Users\Dan\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2011.08.29 20:00:31 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.08.28 21:50:11 | 000,004,398 | ---- | C] () -- C:\Users\Dan\Documents\cc_20110828_215002.reg
[2011.08.28 21:39:00 | 000,047,560 | ---- | C] () -- C:\Users\Dan\Documents\cc_20110828_213853.reg
[2011.08.28 21:27:08 | 000,000,846 | ---- | C] () -- C:\Users\Dan\Desktop\CCleaner.lnk
[2011.08.28 20:59:06 | 000,935,175 | ---- | C] () -- C:\RSITx64.exe
[2011.08.28 20:07:08 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.07.25 16:53:19 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.07.25 16:53:19 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.04.24 21:36:04 | 000,000,680 | ---- | C] () -- C:\Users\Dan\AppData\Local\d3d9caps.dat
[2011.03.16 19:35:31 | 000,014,115 | ---- | C] () -- C:\Windows\twspmm.ini
[2011.01.05 22:40:06 | 000,032,768 | ---- | C] () -- C:\Users\Dan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.14 19:57:16 | 000,147,242 | ---- | C] () -- C:\Windows\hppins20.dat
[2010.12.14 19:56:32 | 000,016,655 | ---- | C] () -- C:\Windows\hppmdl20.dat
[2010.12.09 22:13:45 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010.12.09 22:12:33 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010.12.09 22:11:48 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010.12.09 19:59:12 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010.12.09 15:38:51 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.12.09 15:32:04 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
[2010.12.09 15:05:40 | 000,258,560 | ---- | C] () -- C:\Windows\SysWow64\SysHook.dll
[2010.12.09 14:55:02 | 000,000,732 | ---- | C] () -- C:\Users\Dan\AppData\Local\d3d9caps64.dat
[2010.08.25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010.08.25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010.08.25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010.08.25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.08.25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009.06.02 19:11:16 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.05.29 17:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.05.29 17:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007.09.04 13:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007.02.05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2002.09.18 01:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe
[2001.08.29 15:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\SysWow64\DK2WIN32.DLL

========== LOP Check ==========

[2011.07.12 19:30:58 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\602Installer
[2011.07.12 19:31:12 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\602XML
[2010.12.23 22:34:03 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\DAEMON Tools
[2010.12.09 14:57:54 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\GHISLER
[2011.07.01 19:52:16 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\ICQ
[2011.08.16 16:47:37 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Nokia
[2010.12.24 11:25:28 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Nokia Ovi Suite
[2011.02.07 20:40:00 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\OpenOffice.org
[2010.12.24 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\PC Suite
[2011.01.15 17:18:16 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\streamripper
[2010.12.13 01:07:48 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\VistaCodecs
[2010.12.13 12:35:16 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Zoner
[2011.08.29 19:12:41 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011.08.28 23:10:32 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< >


< MD5 for: AGP440.SYS >
[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.01.21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SysWOW64\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:50:26 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2009.04.11 09:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\SysNative\autochk.exe
[2009.04.11 09:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_3ffe01d977405f71\autochk.exe
[2008.01.21 04:49:38 | 000,733,696 | ---- | M] (Microsoft Corporation) MD5=F74203F70337352EEABADAE16A05EAEA -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_3e1288cd7a1e9425\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 04:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2009.04.11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.04.11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.04.11 09:11:14 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=18918613E63F387CDE4D95CA7D49DCF7 -- C:\Windows\SysNative\cryptsvc.dll
[2009.04.11 09:11:14 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=18918613E63F387CDE4D95CA7D49DCF7 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf4504e8a6b\cryptsvc.dll
[2008.01.21 04:49:08 | 000,165,376 | ---- | M] (Microsoft Corporation) MD5=4374F784121D8B3BB466B03F5E5EBD33 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[2008.01.21 04:49:56 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008.10.29 08:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009.04.11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009.04.11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008.10.28 04:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008.10.29 08:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008.10.30 07:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008.01.21 04:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008.01.21 04:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 09:15:31 | 000,233,448 | ---- | M] (Microsoft Corporation) MD5=822EA80D8E91D1BD5F31954348842AAA -- C:\Windows\SysNative\hal.dll
[2009.04.11 09:15:31 | 000,233,448 | ---- | M] (Microsoft Corporation) MD5=822EA80D8E91D1BD5F31954348842AAA -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6002.18005_none_612624babd6ea012\hal.dll
[2008.01.21 04:46:51 | 000,233,528 | ---- | M] (Microsoft Corporation) MD5=D63C785A6EF1A3DE684781698A0CC9AF -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_5f3aabaec04cd4c6\hal.dll

< MD5 for: IASTORV.SYS >
[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2008.01.21 04:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\SysNative\drivers\isapnp.sys
[2008.01.21 04:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\isapnp.sys
[2008.01.21 04:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 15:21:28 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=02474FBCB00AA5C622E92F620DB9A041 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[2009.09.10 17:22:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1104B18819392FEA12FB5F9E170E66B3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d9312b9991\lsass.exe
[2009.02.13 10:52:40 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1979F94B28107233315DD6220F2304DD -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[2008.01.21 04:48:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[2008.01.21 04:48:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[2008.01.21 04:48:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f52124a74b8\lsass.exe
[2009.06.15 15:34:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1E766E4C5BF9E230AD37A56BF7DB6C94 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[2009.06.15 15:32:30 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=306E4503E083A498AE797FF59FA72839 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[2009.06.15 15:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\SysNative\lsass.exe
[2009.06.15 15:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[2009.09.09 13:32:36 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=41FB90DF49F203672F459122EF1F13B1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2e47247b\lsass.exe
[2009.02.13 07:14:46 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=563B71CEF1D46A24C5980FA2988DB67F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[2009.06.15 15:26:45 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=80F4593E92FF960E4763380D3168E498 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[2009.09.10 16:57:16 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=BBBCE2DACDCCD5EA60A50D0023AE2DE9 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972b7a16dd\lsass.exe
[2009.02.13 09:46:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=E231BDBD7D69857EEFFDEB3A48A53824 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[2009.06.15 15:12:52 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=EBDAEE60E442BEA413E5D7CEDFB09463 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe

< MD5 for: NDIS.SYS >
[2008.01.21 04:50:38 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2009.04.11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\SysNative\drivers\ndis.sys
[2009.04.11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.01.21 04:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.21 04:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows\SysNative\drivers\nvraid.sys
[2008.01.21 04:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys
[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 04:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.21 04:50:36 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=9FC8E8C0F344EAE043740B72794DA3CC -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_08594380d18f10f0\smss.exe
[2009.04.11 09:10:54 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=C17704EA5B0F83D78F1377075FFE1C89 -- C:\Windows\SysNative\smss.exe
[2009.04.11 09:10:54 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=C17704EA5B0F83D78F1377075FFE1C89 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_0a44bc8cceb0dc3c\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 04:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008.01.21 04:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008.01.21 04:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008.01.21 04:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.16 19:14:29 | 001,424,264 | ---- | M] (Microsoft Corporation) MD5=0011810B5211FDACD784DE585262ECFE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_119c298735134c99\tcpip.sys
[2011.06.17 22:14:30 | 001,424,272 | ---- | M] (Microsoft Corporation) MD5=19A7321E3A5F1DDB215D2815DCC8F8E4 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_116decc535366aa6\tcpip.sys
[2009.08.14 16:44:27 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=34B30202AECCB530FDDC6C6CCFA2FB46 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2009.08.14 20:05:16 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=3BCD46BE9988B09D3510A0EF54F0D65B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2011.06.17 22:14:30 | 001,427,344 | ---- | M] (Microsoft Corporation) MD5=4DAD14118FBCF7C609F2A4CE21FBCC5F -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.06.17 22:14:30 | 001,427,344 | ---- | M] (Microsoft Corporation) MD5=4DAD14118FBCF7C609F2A4CE21FBCC5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_10d0aed01c273845\tcpip.sys
[2009.08.14 18:42:31 | 001,413,208 | ---- | M] (Microsoft Corporation) MD5=74B776CA1B328095FE23A3306B1613A3 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2008.01.21 04:51:16 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=7A1183FBB802F5ABAD7FA18BC67E0858 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[2010.06.16 18:40:37 | 001,420,176 | ---- | M] (Microsoft Corporation) MD5=7D86275FB640011B372FD566C0EAFA8D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[2008.04.26 10:55:25 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=8E041924441FF8755E5B4F135C8C3767 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[2010.06.16 19:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) MD5=973658A2EA9C06B2976884B9046DFC6C -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[2009.04.11 09:15:48 | 001,426,408 | ---- | M] (Microsoft Corporation) MD5=99D07AD0EF2C535610F6573C29BC045E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[2009.08.14 18:39:38 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2010.06.17 01:28:33 | 001,414,544 | ---- | M] (Microsoft Corporation) MD5=D43D5336BE9DD93E02EE124297295713 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[2009.08.14 18:32:21 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009.08.16 00:55:23 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2008.04.26 10:47:15 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=F10A60005FB50698E33A1940C6EBB010 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.21 04:49:45 | 000,265,216 | ---- | M] (Microsoft Corporation) MD5=63944ECFE4878C1C4889689324CABFAB -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4686b376fa\ws2_32.dll
[2008.01.21 04:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
[2008.01.21 04:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2008.01.21 04:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329cecb77d110\ws2_32.dll
[2009.04.11 09:11:31 | 000,264,704 | ---- | M] (Microsoft Corporation) MD5=BAB10B35E2D5EE0DC3DE05A177C52C50 -- C:\Windows\SysNative\ws2_32.dll
[2009.04.11 09:11:31 | 000,264,704 | ---- | M] (Microsoft Corporation) MD5=BAB10B35E2D5EE0DC3DE05A177C52C50 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55283d54246\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[16 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2011.08.28 20:59:17 | 000,935,175 | ---- | M] () -- C:\RSITx64.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.07.12 19:30:58 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\602Installer
[2011.07.12 19:31:12 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\602XML
[2010.12.13 19:49:18 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Adobe
[2010.12.23 22:34:03 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\DAEMON Tools
[2010.12.09 14:57:54 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\GHISLER
[2010.12.14 20:17:49 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\HP
[2011.07.01 19:52:16 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\ICQ
[2010.12.09 14:55:09 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Identities
[2010.12.09 15:42:00 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\InstallShield
[2010.12.09 23:49:58 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Macromedia
[2006.11.02 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Media Center Programs
[2011.02.22 10:53:33 | 000,000,000 | --SD | M] -- C:\Users\Dan\AppData\Roaming\Microsoft
[2010.12.09 17:20:56 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Mozilla
[2011.08.16 16:47:37 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Nokia
[2010.12.24 11:25:28 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Nokia Ovi Suite
[2011.02.07 20:40:00 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\OpenOffice.org
[2010.12.24 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\PC Suite
[2011.02.25 00:05:32 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Real
[2011.01.15 17:18:16 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\streamripper
[2010.12.13 01:07:48 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\VistaCodecs
[2011.08.28 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Winamp
[2010.12.23 22:14:24 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\WinRAR
[2010.12.13 12:35:16 | 000,000,000 | ---D | M] -- C:\Users\Dan\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.08.29 19:12:46 | 000,000,044 | ---- | M] () -- C:\Windows\system32\rp_rules.dat
[2011.08.29 19:12:46 | 000,000,064 | ---- | M] () -- C:\Windows\system32\rp_stats.dat

< %SYSTEMDRIVE%\*.exe >
[2011.08.28 20:59:17 | 000,935,175 | ---- | M] () -- C:\RSITx64.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 09:10:53 | 001,555,968 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun -- [2008.03.21 10:30:16 | 000,486,856 | ---- | M] (DT Soft Ltd)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.21 04:51:33 | 000,138,240 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Dan\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.07.03 10:43:38 | 000,136,176 | ---- | M] (Google Inc.)
"" =

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.08.29 20:00:31 | 000,000,512 | ---- | M] () MD5=54A4163B09121CFF56AECC4FCC6EE902 -- C:\PhysicalMBR.bin

< End of report >

Re: Prosím o kontrolu

Napsal: 29 srp 2011 19:51
od daneck
A tady Extras.

Děkuji :thumbsup:

OTL Extras logfile created on: 29.8.2011 19:56:43 - Run 1
OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Dan\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,71 Gb Available Physical Memory | 36,94% Memory free
4,10 Gb Paging File | 2,24 Gb Available in Paging File | 54,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 78,12 Gb Total Space | 12,05 Gb Free Space | 15,42% Space Free | Partition Type: NTFS
Drive D: | 219,96 Gb Total Space | 67,44 Gb Free Space | 30,66% Space Free | Partition Type: NTFS

Computer Name: DAN-PC | User Name: Dan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2394324607-2350737850-1159899354-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 3B 64 D1 45 9E 98 CB 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B98652-91D5-4320-B596-BC8B0085AD0E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\soft602\langserv.exe |
"{0605C2D5-9D55-46CB-887C-EA0C61168E82}" = protocol=17 | dir=in | app=c:\program files (x86)\streamingstar\hidownload_platinum\hidownloadplatinum.exe |
"{0D744527-4C17-41E0-8305-CDDB796C79BD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{198C8DF9-36F6-4E1F-AFEE-94D629D15AB4}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{7D6E8F2A-3BBB-4F4D-8330-569F6E7D0EB2}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\soft602\langserv.exe |
"{8EDF45E7-91B4-437D-AC74-5F9D80E0C54F}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{A0031E1C-76E6-49E7-85DD-32C520747CFC}" = protocol=6 | dir=in | app=c:\program files (x86)\streamingstar\hidownload_platinum\hidownloadplatinum.exe |
"{D5B89BC9-D272-4B05-8000-38E2A5A9885C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{DD81EDF0-7EB6-4654-A110-58734F93A7CB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{F2939DB6-9B3B-43FB-967A-C61B569C55F0}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"TCP Query User{41CB8EAA-EB49-4BA0-805D-26FDB3F03F16}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{67F0AC03-462F-4DE2-AE66-0751AC471BA0}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{74DC83F4-CEDA-4F72-8E9B-2BB46747320F}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{B68C1A52-A093-4175-8281-55CD5C579DFA}C:\program files (x86)\soulseek\slsk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\soulseek\slsk.exe |
"TCP Query User{BF7AAD6E-E8A0-4574-B639-77696C418FBE}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{4C86E80E-392A-474A-89D1-A53704372B5B}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{532768B9-149D-4FFB-97A9-AFF048831836}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{64606326-DD05-4A97-8D9A-6B04674038AD}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{DC4A43ED-5C99-4EB4-AEC0-BB137DA87280}C:\program files (x86)\soulseek\slsk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\soulseek\slsk.exe |
"UDP Query User{F68C3B2B-3517-432D-8FAE-3E63342334B0}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6CDA735E-D099-4ee8-94FC-2681BF33966C}" = SF_CDA_ToolboxIni64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82B3C254-537C-4C6D-9C79-7671A011536A}" = O2Micro Flash Memory Card Reader Driver (x64)
"{981DE354-9301-440f-AAFC-025AA2354A93}" = HP Deskjet & Photosmart Printer Driver Software 8.0.A
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DBB7F606-0C13-4182-AD7F-427A4773580E}" = VibrateGameDeviceDrivers40
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"USB_AUDIO_DEusb-audio.deMaya44" = Maya44 USB ASIO driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{1320CACA-1955-4E9E-84A1-B75F064221BB}" = Software602 Form Filler
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros for Acer Driver v7.6.0.126_Foxconn Installation Program
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{32C74893-0243-4235-A6F3-201F0E5D2C03}" = Software602 Print2PDF
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{570C2A84-A145-4DF0-AE9D-012584DF09DC}" = SPCA1528 PC Driver
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{6009F2FC-EC56-4e28-B91C-0BA5104D6419}" = SF_CDA_Software
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{88410D8F-8529-492B-B556-2394A29B811B}" = Broadcom Driver v4.170.25.19_Foxconn Installation Program
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{9718521B-A345-4ad9-A52B-74D1435FB708}" = SF_CDA_ProductContext
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{BE365801-FB4B-49D7-87D2-9477EE371F1C}" = D1300_Help
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{C13F11D1-00BA-44DF-B626-35E1C03F85E5}" = D1300
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{EC50DAA7-4D63-4A7E-8D88-FA3F9FD09E4E}" = Phoenix Service Software
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3F1D08D-ABEF-4528-8383-54C46369EBB6}" = TV Jukebox 3.0
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"GridVista" = Acer GridVista
"LManager" = Launch Manager
"Mozilla Firefox 6.0 (x86 cs)" = Mozilla Firefox 6.0 (x86 cs)
"MV2Player" = MV2Player (remove only)
"Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3
"Nokia Ovi Suite" = Nokia Ovi Suite
"Phoenix Service Software 2011.02.000.44842_is1" = Phoenix Service Software 2011.02.000.44842
"Soulseek2" = SoulSeek Client 157 test 12b
"STCC - The Game_1.1.1.10_is1" = STCC - The Game
"Streamripper" = Streamripper (Remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Tunatic" = Tunatic
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2394324607-2350737850-1159899354-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Application Detect

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23.8.2011 3:01:18 | Computer Name = Dan-PC | Source = WinMgmt | ID = 10
Description =

Error - 23.8.2011 7:51:11 | Computer Name = Dan-PC | Source = WinMgmt | ID = 10
Description =

Error - 24.8.2011 1:17:35 | Computer Name = Dan-PC | Source = WinMgmt | ID = 10
Description =

Error - 24.8.2011 10:41:18 | Computer Name = Dan-PC | Source = WinMgmt | ID = 10
Description =

Error - 24.8.2011 19:37:48 | Computer Name = Dan-PC | Source = WinMgmt | ID = 10
Description =

Error - 25.8.2011 10:29:32 | Computer Name = Dan-PC | Source = WinMgmt | ID = 10
Description =

Error - 25.8.2011 14:21:22 | Computer Name = Dan-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 28.8.2011 14:07:07 | Computer Name = Dan-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.8.2011 13:12:36 | Computer Name = Dan-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.8.2011 13:13:11 | Computer Name = Dan-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

[ System Events ]
Error - 20.2.2011 6:33:24 | Computer Name = Dan-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 20.2.2011 10:46:25 | Computer Name = Dan-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 21.2.2011 14:30:47 | Computer Name = Dan-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 22.2.2011 11:32:59 | Computer Name = Dan-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 23.2.2011 11:46:00 | Computer Name = Dan-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 23.2.2011 11:49:51 | Computer Name = Dan-PC | Source = DCOM | ID = 10005
Description =

Error - 23.2.2011 11:49:51 | Computer Name = Dan-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 23.2.2011 11:49:52 | Computer Name = Dan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 24.2.2011 13:14:57 | Computer Name = Dan-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 25.2.2011 11:41:42 | Computer Name = Dan-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =


< End of report >

Re: Prosím o kontrolu

Napsal: 29 srp 2011 20:39
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE - HKU\S-1-5-21-2394324607-2350737850-1159899354-1000\..\URLSearchHook: - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q="
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
[2011.08.23 00:21:11 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.01 13:27:20 | 000,002,342 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icq-search.xml
[2011.05.03 09:22:21 | 000,000,950 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin-1.xml
[2011.06.22 19:28:56 | 000,000,950 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin-2.xml
[2011.08.23 00:21:29 | 000,000,950 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin-3.xml
[2011.08.18 21:40:40 | 000,000,168 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin.gif
[2011.08.18 21:40:40 | 000,000,618 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin.src
[2011.04.11 20:17:14 | 000,000,950 | ---- | M] () -- C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin.xml
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[16 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Google Update"=-
""=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"NokiaMServer"=-
 
:files
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2394324607-2350737850-1159899354-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2394324607-2350737850-1159899354-1000UA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Prosím o kontrolu

Napsal: 29 srp 2011 21:15
od daneck
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2394324607-2350737850-1159899354-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.2.9&q=" removed from browser.search.defaulturl
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.3.1&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icq-search.xml moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin.gif moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin.src moved successfully.
C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\bh0ba7so.default\searchplugins\icqplugin.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableCAD deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C96.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2348.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP558F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8FE0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAB0D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC570.tmp\Microsoft.PowerShell.Editor.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC570.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCF55.tmp\SMSvcHost.exe deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCF55.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEF1F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1F17.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP26E3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP364F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5823.tmp\System.Speech.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5823.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5D9A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5FEA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP671D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC419.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC87D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD2F8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDF7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE762.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC70.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEDC7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF048.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF6FD.tmp folder deleted successfully.
C:\Windows\Installer\MSIBA19.tmp deleted successfully.
C:\Windows\Installer\MSIC2E5.tmp deleted successfully.
C:\Windows\Installer\MSIF2B7.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NokiaMServer deleted successfully.
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2394324607-2350737850-1159899354-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2394324607-2350737850-1159899354-1000UA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Dan
->Temp folder emptied: 17678221 bytes
->Temporary Internet Files folder emptied: 66340 bytes
->Java cache emptied: 162784 bytes
->FireFox cache emptied: 61800434 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1047 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 530005 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 77,00 mb


[EMPTYFLASH]

User: All Users

User: Dan
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.26.6 log created on 08292011_220951

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\TMP000000743BAFBC0DF3843E7C not found!

Registry entries deleted on Reboot...

Re: Prosím o kontrolu

Napsal: 30 srp 2011 07:18
od vyosek
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner (viz muj podpis)
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: Doporucuji provest defragmentaci disku
  • Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
    • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
    • prepnete se do zalozky Nastroje
    • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
    • Toto provedte se vsemi disky
  • Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
    • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
    • Kliknete na Analyzovat
    • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
    • Postup provedte se vsemi disky
  • Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
    • Vyhodou programku je, ze se neinstaluje
    • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
    • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
    • Probehne analyza disku a nasledne i defragmentace
:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|

Re: Prosím o kontrolu

Napsal: 30 srp 2011 13:33
od daneck
dekuji za ochotu a pomoc

Re: Prosím o kontrolu

Napsal: 30 srp 2011 13:34
od vyosek
Nemate zac, rad jsem pomohl :worship: Zase nekdy Obrázek


A na rozloucenou vam zahraje nase kapela :guitar: :150: :151: :152: :153: :154: :196:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz