Another security center, a slowed-down PC and more muck

Posted: 11 Mar 2010 09:15
by rysakh
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:56:10, on 11.3.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\PersonSecurity\psecurity.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files (x86)\M-Audio USB Quattro\QuatTask.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Rysak\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FAIESSO Helper Object - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
O2 - BHO: &Security Update - {C73FD00D-A099-405C-92B4-8997710D187D} - C:\Windows\SysWow64\win32extension.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
O4 - HKLM\..\Run: [H2O] "C:\Program Files (x86)\SyncroSoft\Pos\H2O\cledx.exe"
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [TrayServer] "C:\Program Files (x86)\MAGIX\Movie_Edit_Pro_12_e-version\TrayServer.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: M-Audio Quattro Control Panel Launcher.lnk = C:\Program Files (x86)\M-Audio USB Quattro\QuatTask.exe
O4 - Startup: Rebeat UploadProcess.lnk = C:\Program Files (x86)\Rebeat Digital GmbH Austria\Rebeat\RebeatV1.UploadProcess.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.0.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: FAService - Sensible Vision - C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Quattro Installer (QuattroInstallerService) - M-Audio - C:\Program Files (x86)\M-Audio USB Quattro\Install\QuatInst.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\SysWOW64\rpcnet.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12887 bytes

Re: Another security center, a slowed-down PC and more muck

Posted: 11 Mar 2010 10:39
by rysakh
I did everything as you wrote. Extras is in a RAR archive. So is OTL, though, because I can only post a message of 60000 characters and this one has over 600 thousand.
Hopefully that's not a problem.
Extras.rar
(14.86 KiB) Downloaded 61 times

Re: Another security center, a slowed-down PC and more muck

Posted: 11 Mar 2010 10:40
by rysakh
OTL.rar
(70.7 KiB) Downloaded 72 times

Re: Another security center, a slowed-down PC and more muck

Posted: 11 Mar 2010 21:44
by rysakh
I'm trying it, but OTL crashes in the middle of the operation.... :(

Re: Another security center, a slowed-down PC and more muck

Posted: 11 Mar 2010 22:37
by rysakh
Otherwise, I removed the antivirus; I left avast, since it is inactive - my license key expired.
Thank you for the reply.
R.

Re: Another security center, a slowed-down PC and more muck

Posted: 11 Mar 2010 23:26
by rysakh
So it finally decided to cooperate, see the log below. It asked for a restart, so I'll do one more.
Thanks. R.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C73FD00D-A099-405C-92B4-8997710D187D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C73FD00D-A099-405C-92B4-8997710D187D}\ not found.
File C:\Windows\SysWOW64\win32extension.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ not found.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Rysak
->Temp folder emptied: 209616 bytes
->Temporary Internet Files folder emptied: 43137657 bytes
->Java cache emptied: 3532613 bytes
->FireFox cache emptied: 44569507 bytes
->Flash cache emptied: 2003356 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3780852 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3867515 bytes

Total Files Cleaned = 96,00 mb


OTL by OldTimer - Version 3.1.36.1 log created on 08202007_231328

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
File\Folder C:\Users\Rysak\AppData\Local\Temp\~DF105E.tmp not found!
File\Folder C:\Users\Rysak\AppData\Local\Temp\~DFEAF.tmp not found!
File\Folder C:\Users\Rysak\AppData\Local\Temp\~DFF0B.tmp not found!
File\Folder C:\Users\Rysak\AppData\Local\Temp\~DFFE7.tmp not found!
File\Folder C:\Users\Rysak\AppData\Local\Temp\~DFFF8.tmp not found!
C:\Users\Rysak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S9ZJ8FEK\Berufswahl-Nav[1].html moved successfully.
C:\Users\Rysak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GMMZI1IO\jobsibm[1].htm moved successfully.
C:\Users\Rysak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5YMW9KY1\ads[5].htm moved successfully.
C:\Users\Rysak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5YMW9KY1\combofix_org[2].htm moved successfully.
C:\Users\Rysak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\19U9RS5D\afr[1].htm moved successfully.
C:\Users\Rysak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\19U9RS5D\viewtopic[1].htm moved successfully.
C:\Users\Rysak\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XMZR7UTZ\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9BO5J80\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BXC9TYH2\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1M96VEIK\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Another security center, a slowed-down PC and more muck

Posted: 12 Mar 2010 11:23
by rysakh
done :)

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3858
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18813

21.8.2007 11:15:41
mbam-log-2007-08-21 (11-15-24).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 100521
Uplynulý čas: 3 minute(s), 43 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 2
Infikované hodnoty registru: 0
Infikované datové položky registru: 1
Infikované adresáře: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c73fd00d-a099-405c-92b4-8997710d187d} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servises (Malware.Trace) -> No action taken.

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\Users\Rysak\Desktop\Personal Security.lnk (Rogue.PSecurity) -> No action taken.

Re: Another security center, a slowed-down PC and more muck

Posted: 12 Mar 2010 11:33
by rysakh
I apologize, I didn't know whether you would still be dealing with this, so I got a bit nervous.... I'm already trying to remove it, but the close cross isn't showing up for me.
I'll do it; otherwise, the same procedure in OTL again? 7 days, all users, etc.?

Re: Another security center, a slowed-down PC and more muck

Posted: 12 Mar 2010 11:45
by rysakh
So I did the restart, but now I can't start Malwarebytes :(
The security center is still haunting me

Re: Another security center, a slowed-down PC and more muck

Posted: 12 Mar 2010 11:49
by rysakh
Sorry. Malwarebytes won't start. I'm running the scan with OTL

Re: Another security center, a slowed-down PC and more muck

Posted: 12 Mar 2010 11:54
by rysakh
otl.txt is attached

thank you
R.

Re: Another security center, a slowed-down PC and more muck

Posted: 12 Mar 2010 12:35
by rysakh
So here I have attach and DDS:

DDS (Ver_09-12-01.01) - NTFSX64
Run by Rysak at 12:24:06,06 on út 21.08.2007
Internet Explorer: 8.0.6001.18813
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1033.18.3837.1986 [GMT 2:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\M-Audio USB Quattro\Install\QuatInst.exe
C:\Windows\SysWOW64\rpcnet.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\PersonSecurity\psecurity.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gKbStatus.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Rysak\Downloads\dds.scr
C:\Windows\SysWOW64\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
uWindow Title = Internet Explorer provided by Dell
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files (x86)\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: FAIESSOHelper Class: {a2f122da-055f-4df7-8f24-7354dbdba85b} - c:\program files (x86)\sensible vision\fast access\FAIESSO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files (x86)\daemon tools toolbar\DTToolbar.dll
uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\daemon.exe" -autorun
uRun: [AdobeBridge]
mRun: [Dell Webcam Central] "c:\program files (x86)\dell webcam\dell webcam central\WebcamDell.exe" /mode2
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [FATrayAlert] c:\program files (x86)\sensible vision\fast access\FATrayMon.exe
mRun: [FAStartup]
mRun: [H2O] "c:\program files (x86)\syncrosoft\pos\h2o\cledx.exe"
mRun: [ioCentre] c:\genius\iocentre\gTaskBar.exe
mRun: [AdobeCS4ServiceManager] "c:\program files (x86)\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [TrayServer] "c:\program files (x86)\magix\movie_edit_pro_12_e-version\TrayServer.exe"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [PWRISOVM.EXE] "c:\program files (x86)\poweriso\PWRISOVM.EXE"
mRun: [PC_Fun]
StartupFolder: c:\users\rysak\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\users\rysak\appdata\roaming\micros~1\windows\startm~1\programs\startup\m-audi~1.lnk - c:\program files (x86)\m-audio usb quattro\QuatTask.exe
StartupFolder: c:\users\rysak\appdata\roaming\micros~1\windows\startm~1\programs\startup\rebeat~1.lnk - c:\program files (x86)\rebeat digital gmbh austria\rebeat\RebeatV1.UploadProcess.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\device~1.lnk - c:\program files (x86)\olympus\devicedetector\DevDtct2.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\mi1933~1\office11\REFIEBAR.DLL
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
Notify: FastAccess - c:\program files (x86)\sensible vision\fast access\FALogNot.dll
LSA: Notification Packages = scecli FAPassSync
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - c:\program files (x86)\daemon tools toolbar\DTToolbar64.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun-x64: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray64.exe
mRun-x64: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun-x64: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun-x64: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IFEO-X64: taskmgr.exe - ""

================= FIREFOX ===================

FF - ProfilePath - c:\users\rysak\appdata\roaming\mozilla\firefox\profiles\u22tp271.default\extensions\personas@christopher.beard\defaults\preferences\
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.jit.chrome", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("bidi.characterset", 1);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\channel-prefs.js - pref("app.update.channel", "release");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [2009-4-2 54480]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2007-5-8 89680]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt64.inf_cce24a4c\AESTSr64.exe [2009-4-3 88576]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2007-5-8 22096]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2007-5-8 65616]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-23 155648]
R2 FAService;FAService;c:\program files (x86)\sensible vision\fast access\FAService.exe [2008-11-10 2344200]
R2 QuattroInstallerService;Quattro Installer;c:\program files (x86)\m-audio usb quattro\install\QuatInst.exe [2009-4-29 86016]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-4-2 36392]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2009-8-21 20992]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [2009-8-21 18944]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [2009-8-21 12544]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2009-4-3 59392]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-4-3 58912]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2009-4-3 158592]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2009-4-3 318656]
S2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2007-5-8 138680]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2007-5-8 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2007-5-8 352920]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-5-22 93184]
S3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\drivers\facap.sys [2008-9-24 238848]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\common files\macrovision shared\flexnet publisher\FNPLicensingService64.exe [2009-9-28 1038088]
S3 MAUSBFTP;Service for M-Audio Fast Track Pro (WDM);c:\windows\system32\drivers\mausb.sys [2009-6-20 214024]
S3 netr7364;ASUS USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr7364.sys [2009-7-7 412672]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-21 19968]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [2007-4-23 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [2007-4-23 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [2007-4-23 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [2007-4-23 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [2007-4-23 123656]
S3 SynUSB64;SynUSB64;c:\windows\system32\drivers\synUSB64.sys [2009-5-16 29432]

============== File Associations ===============

JSEFile=c:\windows\syswow64\WScript.exe "%1" %*

=============== Created Last 30 ================

2009-11-03 00:51:14 9728 ----a-w- c:\windows\syswow64\wceprv.dll
2009-09-28 21:01:23 0 d-----w- c:\program files\Adobe
2009-09-28 20:54:12 0 d-----w- c:\program files\common files\Macrovision Shared
2009-09-27 17:05:38 0 d-----w- c:\users\rysak\appdata\roaming\FastStone
2009-09-27 17:05:34 0 d-----w- c:\program files (x86)\FastStone Image Viewer
2009-09-24 17:47:06 85424 ----a-w- c:\windows\system32\drivers\scdemu.sys
2009-09-24 17:47:06 0 d-----w- c:\program files (x86)\PowerISO
2009-09-21 08:24:02 0 d-----w- c:\users\rysak\.thumbnails
2009-09-21 08:20:24 0 d-----w- c:\program files (x86)\GIMP-2.0
2009-09-19 11:09:13 307200 ----a-w- c:\users\rysak\přednášky.doc
2009-09-19 11:08:58 429984 ----a-w- c:\users\rysak\Lit. po roce 1945 - otázky.rar
2009-09-02 22:46:41 0 d-----w- c:\program files (x86)\MSXML 4.0
2009-09-02 22:45:03 2048 ----a-w- c:\windows\syswow64\tzres.dll
2009-09-02 22:45:03 2048 ----a-w- c:\windows\system32\tzres.dll
2009-09-02 22:07:38 28672 ----a-w- c:\windows\syswow64\Apphlpdm.dll
2009-09-02 22:07:37 32256 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-02 22:07:36 4240384 ----a-w- c:\windows\syswow64\GameUXLegacyGDFs.dll
2009-09-02 22:07:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-31 19:17:50 14451858 ----a-w- c:\users\rysak\pixies.wav
2009-08-31 18:55:07 0 d-----w- c:\program files (x86)\Any Audio Converter
2009-08-31 17:31:21 0 d-----w- C:\temp
2009-08-31 17:29:40 0 d-----w- c:\users\rysak\appdata\roaming\Power Sound Editor Free
2009-08-31 17:29:31 602112 ----a-w- c:\windows\syswow64\NCTAudioTransform2.dll
2009-08-31 17:29:31 479232 ----a-w- c:\windows\syswow64\NCTAudioVisualization2.dll
2009-08-31 17:29:31 458752 ----a-w- c:\windows\syswow64\NCTAudioRecord2.dll
2009-08-31 17:29:31 417792 ----a-w- c:\windows\syswow64\NCTTextToAudio2.dll
2009-08-31 17:29:31 348160 ----a-w- c:\windows\syswow64\NCTWMAFile2.dll
2009-08-31 17:29:31 113486 ----a-w- c:\windows\syswow64\NCTWMAProfiles.prx
2009-08-31 17:29:30 880640 ----a-w- c:\windows\syswow64\NCTAudioEditor2.dll
2009-08-31 17:29:30 835584 ----a-w- c:\windows\syswow64\NCTAudioCDGrabber2.dll
2009-08-31 17:29:30 458752 ----a-w- c:\windows\syswow64\NCTAudioPlayer2.dll
2009-08-31 17:29:30 1986560 ----a-w- c:\windows\syswow64\NCTAudioFile2.dll
2009-08-31 17:29:30 1212416 ----a-w- c:\windows\syswow64\NCTAudioInformation2.dll
2009-08-31 17:29:29 0 d-----w- c:\program files (x86)\Power Sound Editor Free
2009-08-30 20:52:34 0 d-----w- c:\users\rysak\appdata\roaming\XnView
2009-08-30 20:51:01 0 d-----w- c:\program files (x86)\XnView
2009-08-30 20:40:59 0 d-----w- c:\program files (x86)\AutoGraphics HTML
2009-08-29 19:20:57 0 d-----w- c:\users\rysak\appdata\roaming\GetRightToGo
2009-08-29 18:44:07 0 d-----w- c:\program files (x86)\Great White North Technologies
2009-08-21 09:34:53 20992 ----a-w- c:\windows\system32\drivers\gHidPnp.sys
2009-08-21 09:34:53 18944 ----a-w- c:\windows\system32\drivers\gMouPS2.sys
2009-08-21 09:34:53 12544 ----a-w- c:\windows\system32\drivers\gMouUsb.sys
2009-08-21 09:33:22 0 d-----w- C:\Genius
2009-08-17 19:05:18 65536 --sha-w- c:\users\rysak\ntuser.dat{b78cca3f-8b60-11de-afed-002219de167d}.TM.blf
2009-08-17 19:05:18 524288 --sha-w- c:\users\rysak\ntuser.dat{b78cca3f-8b60-11de-afed-002219de167d}.TMContainer00000000000000000002.regtrans-ms
2009-08-17 19:05:18 524288 --sha-w- c:\users\rysak\ntuser.dat{b78cca3f-8b60-11de-afed-002219de167d}.TMContainer00000000000000000001.regtrans-ms
2009-08-15 23:59:49 0 d-----w- c:\program files (x86)\Lame for Audacity
2009-08-15 23:53:32 0 d-----w- c:\program files (x86)\Audacity 1.3 Beta (Unicode)
2009-08-14 23:10:42 0 d-----w- c:\program files (x86)\Bonjour
2009-08-14 22:55:21 0 d-----w- c:\program files (x86)\DAEMON Tools Lite
2009-08-14 21:17:39 0 d-----w- c:\users\rysak\appdata\roaming\PSpad
2009-08-14 21:17:33 0 d-----w- c:\program files (x86)\PSPad editor
2009-08-14 20:34:05 0 d-----w- C:\wamp
2009-08-14 19:56:31 0 d-----w- c:\programdata\MySQL
2009-08-14 19:56:31 0 d-----w- c:\program files (x86)\MySQL
2009-08-14 19:52:17 82432 ----a-w- c:\windows\syswow64\msxml4r.dll
2009-08-14 19:52:17 44544 ----a-w- c:\windows\syswow64\msxml4a.dll
2009-08-14 19:52:17 140288 ----a-w- c:\windows\syswow64\comdlg32.ocx
2009-08-14 19:52:17 0 d-----w- c:\program files (x86)\Bullzip
2009-08-12 07:59:17 2423296 ----a-w- c:\windows\system32\mstscax.dll
2009-08-12 07:59:17 2066432 ----a-w- c:\windows\syswow64\mstscax.dll
2009-08-12 07:59:14 88576 ----a-w- c:\windows\system32\atl.dll
2009-08-12 07:59:14 71680 ----a-w- c:\windows\syswow64\atl.dll
2009-08-12 07:59:13 202752 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-12 07:59:11 93184 ----a-w- c:\windows\system32\mciavi32.dll
2009-08-12 07:59:11 76800 ----a-w- c:\windows\system32\avicap32.dll
2009-08-12 07:59:11 108544 ----a-w- c:\windows\system32\avifil32.dll
2009-08-12 07:59:10 91136 ----a-w- c:\windows\syswow64\avifil32.dll
2009-08-09 18:23:44 65536 --sha-w- c:\users\rysak\ntuser.dat{ec4b1572-84c6-11de-a62a-002219de167d}.TM.blf
2009-08-09 18:23:44 524288 --sha-w- c:\users\rysak\ntuser.dat{ec4b1572-84c6-11de-a62a-002219de167d}.TMContainer00000000000000000002.regtrans-ms
2009-08-09 18:23:44 524288 --sha-w- c:\users\rysak\ntuser.dat{ec4b1572-84c6-11de-a62a-002219de167d}.TMContainer00000000000000000001.regtrans-ms
2009-08-07 20:21:07 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-07-15 12:12:58 96256 ----a-w- c:\windows\system32\fontsub.dll
2009-07-15 12:12:58 72704 ----a-w- c:\windows\syswow64\fontsub.dll
2009-07-15 12:12:58 48128 ----a-w- c:\windows\system32\atmlib.dll
2009-07-15 12:12:58 366080 ----a-w- c:\windows\system32\atmfd.dll
2009-07-15 12:12:58 289792 ----a-w- c:\windows\syswow64\atmfd.dll
2009-07-15 12:12:58 189440 ----a-w- c:\windows\system32\t2embed.dll
2009-07-15 12:12:58 156672 ----a-w- c:\windows\syswow64\t2embed.dll
2009-07-15 12:12:58 10240 ----a-w- c:\windows\syswow64\dciman32.dll
2009-07-07 20:25:51 412672 ----a-w- c:\windows\system32\drivers\netr7364.sys
2009-07-05 19:34:42 0 d-----w- c:\programdata\CyberLink
2009-06-24 12:13:13 0 d-----w- c:\program files (x86)\GPLGS
2009-06-24 12:11:21 85504 ----a-w- c:\windows\system32\cpwmon64.dll
2009-06-24 12:11:20 0 d-----w- c:\program files (x86)\Acro Software
2009-06-20 15:21:37 371720 ----a-w- c:\windows\system32\M-AudioFastTrackProControlPanelApplet.cpl
2009-06-20 15:21:37 214024 ----a-w- c:\windows\system32\drivers\mausb.sys
2009-06-20 13:14:20 0 d-----w- c:\users\rysak\{4d684aaa-e8a3-42e7-aef4-14e2173c083f}
2009-06-20 13:14:19 511488 ----a-w- c:\windows\system32\M-AudioTaskBarIcon64.exe
2009-06-20 13:14:19 33800 ----a-w- c:\windows\system32\mausbasio64.dll
2009-06-20 13:14:19 28680 ----a-w- c:\windows\syswow64\mausbasio.dll
2009-06-20 13:14:19 2524440 ----a-w- c:\windows\system32\madiousb.dll
2009-06-20 13:14:00 0 d-----w- c:\program files (x86)\M-Audio
2009-06-20 10:31:14 65536 --sha-w- c:\users\rysak\ntuser.dat{53783dde-5d85-11de-8439-002219de167d}.TM.blf
2009-06-20 10:31:14 524288 --sha-w- c:\users\rysak\ntuser.dat{53783dde-5d85-11de-8439-002219de167d}.TMContainer00000000000000000002.regtrans-ms
2009-06-20 10:31:14 524288 --sha-w- c:\users\rysak\ntuser.dat{53783dde-5d85-11de-8439-002219de167d}.TMContainer00000000000000000001.regtrans-ms
2009-06-11 14:27:19 791552 ----a-w- c:\windows\system32\localspl.dll
2009-06-11 14:27:19 636928 ----a-w- c:\windows\syswow64\localspl.dll
2009-06-11 14:27:16 677376 ----a-w- c:\windows\syswow64\rpcrt4.dll
2009-06-11 14:27:16 1280512 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-11 14:27:02 2742272 ----a-w- c:\windows\system32\win32k.sys
2009-06-07 11:27:20 73728 ----a-w- c:\windows\syswow64\vbzlib1.dll
2009-05-29 20:05:54 86016 ----a-w- c:\windows\syswow64\STRDEVAPI.dll
2009-05-29 20:05:54 53248 ----a-w- c:\windows\syswow64\OdiAPI.dll
2009-05-29 20:05:54 114688 ----a-w- c:\windows\syswow64\OdiOlDVR.dll
2009-05-29 20:05:53 73728 ----a-w- c:\windows\syswow64\VNUSB.dll
2009-05-29 20:05:53 73728 ----a-w- c:\windows\syswow64\DW90USB.DLL
2009-05-29 20:02:49 217088 ----a-w- c:\windows\syswow64\DSSCORE.DLL
2009-05-29 20:02:49 0 d-----w- c:\program files (x86)\Olympus
2009-05-23 14:40:58 147425 ----a-w- c:\windows\syswow64\SYNSOACC-Aide.chm
2009-05-23 14:40:58 120468 ----a-w- c:\windows\syswow64\SYNSOACC-Hilfe.chm
2009-05-23 14:40:58 114279 ----a-w- c:\windows\syswow64\SYNSOACC-Help.chm
2009-05-23 14:39:56 45056 ----a-w- c:\windows\syswow64\Synsopos.exe
2009-05-23 14:39:53 401462 ----a-w- c:\windows\syswow64\temp.004
2009-05-23 14:39:45 147456 ----a-w- c:\windows\syswow64\SynsoLChk.dll
2009-05-23 14:39:44 765952 ----a-w- c:\windows\syswow64\SYNSOACC.dll
2009-05-23 13:52:43 401462 ----a-w- c:\windows\syswow64\temp.003
2009-05-22 13:27:36 41984 ----a-w- c:\windows\syswow64\netfxperf.dll
2009-05-22 13:27:36 13824 ----a-w- c:\windows\system32\netfxperf.dll
2009-05-22 13:27:25 96760 ----a-w- c:\windows\syswow64\dfshim.dll
2009-05-22 13:27:25 112120 ----a-w- c:\windows\system32\dfshim.dll
2009-05-22 13:27:12 406528 ----a-w- c:\windows\system32\mscoree.dll
2009-05-22 13:27:12 282112 ----a-w- c:\windows\syswow64\mscoree.dll
2009-05-22 13:26:58 158720 ----a-w- c:\windows\syswow64\mscorier.dll
2009-05-22 13:26:58 158208 ----a-w- c:\windows\system32\mscorier.dll
2009-05-22 13:26:53 76288 ----a-w- c:\windows\system32\mscories.dll
2009-05-22 13:26:52 83968 ----a-w- c:\windows\syswow64\mscories.dll
2009-05-18 11:43:35 56680 ----a-w- c:\windows\syswow64\rpcnet.exe
2009-05-18 11:43:35 56680 ----a-w- c:\windows\syswow64\rpcnet.dll
2009-05-17 22:08:42 17408 ----a-w- c:\windows\syswow64\rpcnetp.exe
2009-05-17 17:45:46 0 d-----w- c:\program files (x86)\YouTube Downloader
2009-05-17 17:03:07 0 d-----w- c:\users\rysak\Tracing
2009-05-17 16:21:42 44544 ----a-w- c:\windows\syswow64\agremove.exe
2009-05-17 08:14:29 65536 --sha-w- c:\users\rysak\ntuser.dat{a5c3cbe5-42ba-11de-b506-002219de167d}.TM.blf
2009-05-17 08:14:29 524288 --sha-w- c:\users\rysak\ntuser.dat{a5c3cbe5-42ba-11de-b506-002219de167d}.TMContainer00000000000000000002.regtrans-ms
2009-05-17 08:14:29 524288 --sha-w- c:\users\rysak\ntuser.dat{a5c3cbe5-42ba-11de-b506-002219de167d}.TMContainer00000000000000000001.regtrans-ms
2009-05-16 09:43:55 0 d-----w- c:\programdata\VST3 Presets
2009-05-16 09:33:14 0 d-----w- c:\programdata\Syncrosoft
2009-05-16 09:29:57 0 d-----w- C:\RebeatV1.0
2009-05-16 09:29:37 0 d-----w- c:\program files (x86)\Rebeat Digital GmbH Austria
2009-05-16 09:28:36 0 d-----w- C:\Steinberg
2009-05-16 09:23:50 0 d-----w- c:\programdata\Steinberg
2009-05-16 09:23:50 0 d-----w- c:\program files\common files\Steinberg
2009-05-16 09:22:25 0 d-----w- c:\program files\Steinberg
2009-05-16 09:22:23 147425 ----a-w- c:\windows\system32\SYNSOACC-Aide.chm
2009-05-16 09:22:22 916480 ----a-w- c:\windows\system32\synsoacc.dll
2009-05-16 09:22:22 120468 ----a-w- c:\windows\system32\SYNSOACC-Hilfe.chm
2009-05-16 09:22:22 114279 ----a-w- c:\windows\system32\SYNSOACC-Help.chm
2009-05-16 09:22:09 29432 ----a-w- c:\windows\system32\drivers\synUSB64.sys
2009-05-16 09:22:06 401462 ----a-w- c:\windows\syswow64\temp.002
2009-05-06 14:11:29 0 d-----w- c:\programdata\FLEXnet
2009-05-06 14:06:14 0 d-----w- c:\windows\syswow64\spool
2009-05-06 14:05:55 0 d-----w- c:\program files\common files\Adobe
2009-05-06 14:03:03 0 d-----w- c:\program files (x86)\common files\Macrovision Shared
2009-05-04 18:35:36 0 d-----w- c:\program files (x86)\AMR Player
2009-05-04 16:27:01 56 ---ha-w- c:\windows\syswow64\ezsidmv.dat
2009-05-04 15:38:43 0 d-----w- c:\users\rysak\appdata\roaming\ESTsoft
2009-05-04 15:38:43 0 d-----w- c:\programdata\Estsoft
2009-05-04 15:38:22 0 d-----w- c:\program files (x86)\ESTsoft
2009-05-03 20:38:47 401462 ----a-w- c:\windows\syswow64\temp.001
2009-05-03 19:45:21 0 d-----w- c:\users\rysak\appdata\roaming\Steinberg
2009-05-03 19:40:42 487424 ----a-w- c:\windows\syswow64\msvcp70.dll
2009-05-03 19:40:42 344064 ----a-w- c:\windows\syswow64\msvcr70.dll
2009-05-03 19:39:54 0 d-----w- c:\program files (x86)\Steinberg
2009-05-03 19:39:16 401462 ----a-w- c:\windows\syswow64\temp.000
2009-05-03 19:39:15 0 d-----w- c:\program files (x86)\Syncrosoft
2009-05-03 19:30:45 0 d-----w- c:\users\rysak\appdata\roaming\DAEMON Tools Pro
2009-05-03 19:30:08 0 d-----w- c:\programdata\DAEMON Tools Lite
2009-05-03 19:29:41 0 d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2009-05-03 19:26:55 871408 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-05-03 19:26:39 0 d-----w- c:\users\rysak\appdata\roaming\DAEMON Tools Lite
2009-05-03 16:42:52 0 d-----w- c:\windows\pss
2009-05-03 16:37:28 11910 ----a-w- c:\windows\syswow64\Genmidi.dll
2009-05-03 16:37:21 0 d-----w- c:\program files (x86)\Native Instruments
2009-04-29 16:52:40 0 d-----w- c:\programdata\Adobe
2009-04-29 13:16:39 87040 ----a-w- c:\windows\syswow64\Ra32sipr.dll
2009-04-29 13:16:39 85504 ----a-w- c:\windows\syswow64\Encdnet.dll
2009-04-29 13:16:39 81920 ----a-w- c:\windows\syswow64\Ra3214_4.dll
2009-04-29 13:16:39 72704 ----a-w- c:\windows\syswow64\Ra3228_8.dll
2009-04-29 13:16:39 61952 ----a-w- c:\windows\syswow64\Decdnet.dll
2009-04-29 13:16:39 487936 ----a-w- c:\windows\syswow64\Rmbe3260.dll
2009-04-29 13:16:39 352768 ----a-w- c:\windows\syswow64\pngu3263.dll
2009-04-29 13:16:39 273408 ----a-w- c:\windows\syswow64\Pncrt.dll
2009-04-29 13:16:39 21504 ----a-w- c:\windows\syswow64\Ra32dnet.dll
2009-04-29 13:16:39 131072 ----a-w- c:\windows\syswow64\Pneng50.dll
2009-04-29 13:16:39 130560 ----a-w- c:\windows\syswow64\Pnc3250.dll
2009-04-29 13:15:32 0 d-----w- c:\program files (x86)\ASIO4ALL v2
2009-04-29 13:08:08 0 d-----w- c:\program files (x86)\M-Audio USB Quattro
2009-04-29 10:46:05 0 d-----w- c:\program files (x86)\QIP
2009-04-29 08:58:06 91136 ----a-w- c:\windows\syswow64\msls2.dll
2009-04-29 08:57:52 0 d-----w- c:\program files (x86)\Konvertor
2009-04-29 08:56:43 373760 ----a-w- c:\windows\syswow64\xwpdlx20.ocx
2009-04-29 08:56:43 0 d-----w- c:\program files (x86)\High Quality Photo Resizer
2009-04-29 08:38:38 0 d-----w- c:\program files (x86)\CUBASE ETC
2009-04-28 22:46:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-04-28 22:24:11 0 d-----w- c:\users\rysak\appdata\roaming\QIP
2009-04-28 22:23:55 0 d-----w- c:\program files (x86)\QIP Infium
2009-04-28 22:06:08 168448 ----a-w- c:\windows\syswow64\unrar.dll
2009-04-28 22:06:06 0 d-----w- c:\program files (x86)\K-Lite Codec Pack
2009-04-28 18:36:24 439808 ----a-w- c:\windows\system32\winhttp.dll
2009-04-28 18:36:24 376832 ----a-w- c:\windows\syswow64\winhttp.dll
2009-04-28 18:36:18 855552 ----a-w- c:\windows\syswow64\kernel32.dll
2009-04-28 18:36:18 25600 ----a-w- c:\windows\system32\amxread.dll
2009-04-28 18:36:18 24064 ----a-w- c:\windows\syswow64\amxread.dll
2009-04-28 18:36:18 15872 ----a-w- c:\windows\system32\apilogen.dll
2009-04-28 18:36:18 13824 ----a-w- c:\windows\syswow64\apilogen.dll
2009-04-28 18:34:32 0 d-----r- c:\program files (x86)\Skype
2009-04-28 18:34:25 0 d-----w- c:\programdata\Skype
2009-04-28 18:25:59 0 d-----w- c:\programdata\Creative
2009-04-28 12:24:52 0 ----a-w- c:\windows\syswow64\config.nt
2009-04-28 12:24:43 0 d-----w- c:\program files\Alwil Software
2009-04-28 11:50:50 0 d-----w- c:\programdata\Roxio
2009-04-27 11:15:59 0 d-----w- c:\users\rysak\appdata\roaming\Dell
2009-04-27 11:15:42 0 d-----w- c:\users\rysak\Bluetooth Software
2009-04-27 11:11:06 0 d-sh--we c:\programdata\Documents
2009-04-27 11:11:06 0 d-sh--we C:\Documents and Settings
2009-04-03 00:12:36 0 d-----w- c:\program files\Synaptics
2009-04-03 00:10:39 29184 ----a-w- c:\windows\system32\hid.dll
2009-04-03 00:10:39 26112 ----a-w- c:\windows\syswow64\hidserv.dll
2009-04-03 00:10:39 24064 ----a-w- c:\windows\system32\hidserv.dll
2009-04-03 00:10:39 22016 ----a-w- c:\windows\syswow64\hid.dll
2009-04-03 00:10:12 34816 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2009-04-03 00:10:12 276480 ----a-w- c:\windows\system32\drivers\bthport.sys
2009-04-03 00:10:12 23040 ----a-w- c:\windows\system32\drivers\bthenum.sys
2009-04-03 00:10:12 187904 ----a-w- c:\windows\system32\fsquirt.exe
2009-04-03 00:09:43 466944 ----a-w- c:\windows\syswow64\netapi32.dll
2009-04-03 00:09:13 1809408 ----a-w- c:\windows\system32\msxml3.dll
2009-04-03 00:09:13 1191936 ----a-w- c:\windows\syswow64\msxml3.dll
2009-04-03 00:08:12 75264 ----a-w- c:\windows\system32\newdev.exe
2009-04-03 00:08:12 74752 ----a-w- c:\windows\syswow64\newdev.exe
2009-04-03 00:08:12 468992 ----a-w- c:\windows\syswow64\newdev.dll
2009-04-03 00:08:12 214016 ----a-w- c:\windows\system32\newdev.dll
2009-04-03 00:06:23 883200 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-04-03 00:06:23 48640 ----a-w- c:\windows\system32\dataclen.dll
2009-04-03 00:06:23 47104 ----a-w- c:\windows\system32\cdd.dll
2009-04-03 00:06:23 45056 ----a-w- c:\windows\syswow64\dataclen.dll
2009-04-03 00:06:23 399872 ----a-w- c:\windows\system32\emdmgmt.dll
2009-04-03 00:06:23 187392 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-03 00:05:00 1691648 ----a-w- c:\windows\system32\connect.dll
2009-04-03 00:05:00 1645568 ----a-w- c:\windows\syswow64\connect.dll
2009-04-03 00:04:32 388608 ----a-w- c:\windows\system32\gdi32.dll
2009-04-03 00:04:32 303104 ----a-w- c:\windows\syswow64\gdi32.dll
2009-04-03 00:04:06 3080704 ----a-w- c:\windows\explorer.exe
2009-04-03 00:04:06 2927104 ----a-w- c:\windows\syswow64\explorer.exe
2009-04-03 00:03:24 11580928 ----a-w- c:\windows\syswow64\shell32.dll
2009-04-03 00:02:37 738304 ----a-w- c:\windows\syswow64\inetcomm.dll
2009-04-03 00:02:36 974848 ----a-w- c:\windows\system32\inetcomm.dll
2009-04-03 00:02:10 361984 ----a-w- c:\windows\system32\es.dll
2009-04-03 00:02:10 269312 ----a-w- c:\windows\syswow64\es.dll
2009-04-02 23:56:04 61440 ----a-w- c:\windows\syswow64\winipsec.dll
2009-04-02 23:56:04 531456 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-04-02 23:56:04 28672 ----a-w- c:\windows\syswow64\FwRemoteSvr.dll
2009-04-02 23:56:04 272896 ----a-w- c:\windows\syswow64\polstore.dll
2009-04-02 23:55:17 451584 ----a-w- c:\windows\system32\drivers\srv.sys
2009-04-02 23:53:44 557056 ----a-w- c:\windows\system32\wmpeffects.dll
2009-04-02 23:53:44 303616 ----a-w- c:\windows\syswow64\wmpeffects.dll
2009-04-02 23:51:19 9127 ----a-w- c:\windows\syswow64\RacUR.xml
2009-04-02 23:51:19 9127 ----a-w- c:\windows\system32\RacUR.xml
2009-04-02 23:51:19 885248 ----a-w- c:\windows\syswow64\RacEngn.dll
2009-04-02 23:51:19 153 ----a-w- c:\windows\syswow64\RacUREx.xml
2009-04-02 23:51:19 153 ----a-w- c:\windows\system32\RacUREx.xml
2009-04-02 23:51:19 1244672 ----a-w- c:\windows\system32\RacEngn.dll
2009-04-02 23:50:55 1571328 ----a-w- c:\windows\system32\quartz.dll
2009-04-02 23:50:55 1314816 ----a-w- c:\windows\syswow64\quartz.dll
2009-04-02 23:48:55 470016 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-04-02 23:48:55 425472 ----a-w- c:\windows\syswow64\PhotoMetadataHandler.dll
2009-04-02 23:48:54 841216 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-04-02 23:48:54 712704 ----a-w- c:\windows\syswow64\WindowsCodecs.dll
2009-04-02 23:48:54 347648 ----a-w- c:\windows\syswow64\WindowsCodecsExt.dll
2009-04-02 23:48:53 387584 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-04-02 23:47:21 801280 ----a-w- c:\windows\syswow64\NaturalLanguage6.dll
2009-04-02 23:47:21 2644480 ----a-w- c:\windows\syswow64\NlsLexicons0009.dll
2009-04-02 23:47:21 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-04-02 23:47:21 1361920 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2009-04-02 23:47:21 12240896 ----a-w- c:\windows\syswow64\NlsLexicons0007.dll
2009-04-02 23:47:21 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-04-02 23:43:35 660480 ----a-w- c:\windows\system32\win32spl.dll
2009-04-02 23:43:35 443392 ----a-w- c:\windows\syswow64\win32spl.dll
2009-04-02 23:41:14 272896 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-02 23:40:57 1729024 ----a-w- c:\windows\system32\msxml6.dll
2009-04-02 23:40:57 1334272 ----a-w- c:\windows\syswow64\msxml6.dll
2009-04-02 23:40:36 94720 ----a-w- c:\windows\syswow64\logagent.exe
2009-04-02 23:40:36 3547648 ----a-w- c:\windows\system32\mf.dll
2009-04-02 23:40:36 2868736 ----a-w- c:\windows\syswow64\mf.dll
2009-04-02 23:40:36 112640 ----a-w- c:\windows\system32\logagent.exe
2009-04-02 23:40:35 996352 ----a-w- c:\windows\syswow64\WMNetMgr.dll
2009-04-02 23:40:35 2386944 ----a-w- c:\windows\syswow64\WMVCORE.DLL
2009-04-02 23:40:35 1245184 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-04-02 23:39:55 1926656 ----a-w- c:\windows\system32\gameux.dll
2009-04-02 23:39:55 1695744 ----a-w- c:\windows\syswow64\gameux.dll
2009-04-02 23:39:34 17408 ----a-w- c:\windows\system32\wshrm.dll
2009-04-02 23:39:34 14848 ----a-w- c:\windows\syswow64\wshrm.dll
2009-04-02 23:39:34 140288 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-02 23:34:38 35521 ----a-w- c:\windows\system32\nvwsapps.xml
2009-04-02 23:31:46 0 d-----w- c:\windows\system32\oem
2009-04-02 23:31:46 0 d-----w- C:\Drivers
2009-04-02 23:31:46 0 d-----w- C:\DELL
2009-04-02 16:22:33 0 d-----w- c:\programdata\NVIDIA
2009-04-02 16:19:13 0 d-----w- c:\program files\IDT
2009-04-02 16:18:35 501280 ----a-w- c:\windows\system32\nvuninst.exe
2009-04-02 16:17:14 17408 ----a-w- c:\windows\syswow64\rpcnetp.dll
2009-04-02 16:15:25 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2009-04-02 16:09:04 0 d-----w- c:\program files (x86)\Dell
2009-04-02 16:00:45 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-04-02 16:00:45 3426072 ----a-w- c:\windows\syswow64\d3dx9_32.dll
2009-04-02 16:00:20 0 d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2009-04-02 15:57:00 0 d-----w- c:\program files (x86)\Microsoft
2009-04-02 15:55:55 0 d-----w- c:\program files (x86)\Windows Live SkyDrive
2009-04-02 15:55:14 0 d-----w- c:\windows\PCHEALTH
2009-04-02 15:49:07 0 d-----w- c:\program files (x86)\common files\Windows Live
2009-04-02 15:47:13 0 d-----w- c:\program files (x86)\Sensible Vision
2009-04-02 15:45:38 0 d-----w- c:\programdata\Dell
2009-04-02 15:45:15 89088 ----a-w- c:\windows\syswow64\atl71.dll
2009-04-02 15:45:15 1060864 ----a-w- c:\windows\syswow64\MFC71.dll
2009-04-02 15:45:15 1047552 ----a-w- c:\windows\syswow64\MFC71u.dll
2009-04-02 15:45:15 0 d-----w- c:\program files\CyberLink
2009-04-02 15:43:05 0 d-----w- c:\windows\CtDrvInstall
2009-04-02 15:43:03 5120 ----a-w- c:\windows\system32\OA002Aor.dll
2009-04-02 15:43:03 24576 ----a-w- c:\windows\syswow64\OA002Aor.dll
2009-04-02 15:42:21 0 d-----w- c:\program files (x86)\Creative
2009-04-02 15:42:11 0 d-----w- c:\program files (x86)\common files\Reallusion
2009-04-02 15:41:54 57656 ------w- c:\windows\system32\FilterPC.bmp
2009-04-02 15:41:54 24995 ------w- c:\windows\system32\FilterPC.jpg
2009-04-02 15:41:38 0 d-----w- c:\program files (x86)\Dell Webcam
2009-04-02 15:41:34 0 d-----w- c:\program files (x86)\Creative Live! Cam
2009-04-02 15:41:07 0 d-----w- c:\programdata\Uninstall
2009-04-02 15:41:05 0 d-----w- c:\program files (x86)\common files\SureThing Shared
2009-04-02 15:40:08 0 d-----w- c:\programdata\Sonic
2009-04-02 15:40:05 54480 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2009-04-02 15:40:05 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-04-02 15:40:05 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-04-02 15:40:03 0 d-----w- c:\program files (x86)\common files\Sonic Shared
2009-04-02 15:40:03 0 d-----w- c:\program files (x86)\common files\PX Storage Engine
2009-04-02 15:39:06 0 d-----w- c:\programdata\InstallShield
2009-04-02 15:39:03 0 d-----w- c:\program files (x86)\Roxio
2009-04-02 15:37:25 92200 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2009-04-02 15:37:25 36392 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2009-04-02 15:37:25 19880 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2009-04-02 15:37:25 120872 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2009-04-02 15:37:23 296960 ----a-w- c:\windows\system32\BtwRSupport.dll
2009-04-02 15:37:23 23752 ----a-w- c:\windows\system32\providers.bin
2009-04-02 15:37:21 0 d-----w- c:\windows\syswow64\es-MX
2009-04-02 15:37:21 0 d-----w- c:\windows\syswow64\es-AR
2009-04-02 15:37:21 0 d-----w- c:\windows\system32\es-MX
2009-04-02 15:37:21 0 d-----w- c:\windows\system32\es-AR
2009-04-02 15:37:21 0 d-----w- c:\program files\WIDCOMM
2009-04-02 15:37:16 836 ----a-w- c:\windows\bthservsdp.dat
2009-04-02 15:36:27 0 d-----w- c:\program files\Dell
2009-04-02 15:35:34 0 d-----w- c:\program files\Dell Inc
2009-04-02 15:35:31 410984 ----a-w- c:\windows\syswow64\deploytk.dll
2009-04-02 15:35:31 148888 ----a-w- c:\windows\syswow64\javaws.exe
2009-04-02 15:35:31 144792 ----a-w- c:\windows\syswow64\javaw.exe
2009-04-02 15:35:31 144792 ----a-w- c:\windows\syswow64\java.exe
2009-04-02 15:33:53 0 d-sh--w- c:\windows\Installer
2009-04-02 15:33:29 0 d-----w- c:\windows\syswow64\Macromed
2009-04-02 15:29:56 136109 ----a-w- c:\programdata\nvModes.dat
2009-04-02 15:27:24 739384 ----a-w- c:\windows\system32\drivers\ndis.sys
2009-04-02 15:24:26 410656 ----a-w- c:\windows\system32\nvcpl.cpl
2009-04-02 15:24:26 388640 ----a-w- c:\windows\system32\nvexpbar.dll
2009-04-02 15:24:26 2089504 ----a-w- c:\windows\system32\nvcplui.exe
2009-04-02 15:24:26 1071136 ----a-w- c:\windows\system32\nvcpluir.dll
2009-02-27 23:18:00 49152 ----a-w- c:\windows\syswow64\instw64.exe
2008-12-02 21:37:20 49480 ----a-w- c:\windows\syswow64\sirenacm.dll
2008-11-10 13:17:04 59144 ----a-w- c:\windows\syswow64\FAib.dll
2008-11-10 13:16:58 485640 ----a-w- c:\windows\system32\FAPassSync.dll
2008-11-10 13:16:56 152840 ----a-w- c:\windows\syswow64\FAPassSync.dll
2008-11-10 13:16:38 87816 ----a-w- c:\windows\syswow64\FAIEExtension.dll
2008-11-10 13:16:26 6354184 ----a-w- c:\windows\syswow64\FAIESSODlg.dll
2008-11-10 13:16:18 222472 ----a-w- c:\windows\syswow64\FAConsIfDLL.dll
2008-11-10 13:16:14 769288 ----a-w- c:\windows\syswow64\FACredProv2.dll
2008-11-10 13:16:12 843016 ----a-w- c:\windows\syswow64\FACredProv.dll
2008-11-10 13:16:12 233736 ----a-w- c:\windows\syswow64\FACrashRpt.dll
2008-11-10 12:28:12 879104 ----a-w- c:\windows\system32\FACredProv2.dll
2008-11-10 12:27:44 955904 ----a-w- c:\windows\system32\FACredProv.dll
2008-10-10 14:57:35 14336 ----a-w- c:\windows\syswow64\instac64.exe
2008-10-10 14:57:25 33792 ----a-w- c:\windows\syswow64\identprv.dll
2008-09-30 14:43:34 1286152 ----a-w- c:\windows\syswow64\msxml4.dll
2008-09-24 18:36:14 238848 ----a-w- c:\windows\system32\drivers\facap.sys
2008-07-31 08:16:54 947472 ----a-w- c:\windows\syswow64\msjava.dll
2008-06-27 05:51:10 88632 ----a-w- c:\windows\system32\drivers\adfs.sys
2008-06-05 15:05:18 26624 ----a-w- c:\windows\system32\BtwRadioCoInst.dll
2008-06-05 15:05:14 365056 ----a-w- c:\windows\system32\BtMmHook.dll
2008-06-05 15:04:58 975872 ----a-w- c:\windows\system32\btwprofpack.dll
2008-06-05 15:04:40 1166336 ----a-w- c:\windows\system32\BtwNamespaceExt.dll
2008-06-05 15:03:34 490496 ----a-w- c:\windows\system32\BtwNeLib.dll
2008-06-05 15:02:24 549376 ----a-w- c:\windows\system32\BtwApplExt.dll
2008-06-05 14:50:40 1748480 ----a-w- c:\windows\system32\btins.dll
2008-06-05 14:50:00 482816 ----a-w- c:\windows\system32\btwhidcs.dll
2008-06-05 14:49:18 1492992 ----a-w- c:\windows\system32\BtWizard.dll
2008-06-05 14:48:30 1103360 ----a-w- c:\windows\system32\btsec.dll
2008-06-05 14:48:18 674816 ----a-w- c:\windows\system32\btcss.dll
2008-06-05 14:47:10 235008 ----a-w- c:\windows\system32\btsendto_ie.dll
2008-06-05 14:46:52 456192 ----a-w- c:\windows\system32\btsendto_office.dll
2008-06-05 14:46:08 294400 ----a-w- c:\windows\system32\btsendto_wab.dll
2008-06-05 14:45:34 200704 ----a-w- c:\windows\system32\btsendto_notes.dll
2008-06-05 14:45:18 731136 ----a-w- c:\windows\system32\btosif_wincal.dll
2008-06-05 14:44:46 364544 ----a-w- c:\windows\system32\btosif_olx.dll
2008-06-05 14:44:30 541184 ----a-w- c:\windows\system32\btosif_ol.dll
2008-06-05 14:44:14 483328 ----a-w- c:\windows\system32\btosif_notes.dll
2008-06-05 14:43:54 244736 ----a-w- c:\windows\system32\btwpimif.dll
2008-06-05 14:43:36 890880 ----a-w- c:\windows\system32\BTChooser.dll
2008-06-05 14:43:10 506880 ----a-w- c:\windows\system32\btsendto.dll
2008-06-05 14:42:50 312320 ----a-w- c:\windows\system32\btosif.dll
2008-06-05 14:42:08 360448 ----a-w- c:\windows\system32\BTXPPanel.dll
2008-06-05 14:41:54 30720 ----a-w- c:\windows\system32\BtXpShell.dll
2008-06-05 14:41:48 295424 ----a-w- c:\windows\system32\BtAudioHelper.dll
2008-06-05 14:35:36 369664 ----a-w- c:\windows\system32\bt2k_ins.dll
2008-06-05 14:35:30 75264 ----a-w- c:\windows\system32\btdev.dll
2008-06-05 14:34:24 5347840 ----a-w- c:\windows\system32\btrez.dll
2008-06-05 14:33:14 305664 ----a-w- c:\windows\system32\BTNCopy.dll
2008-06-05 14:32:18 706048 ----a-w- c:\windows\system32\btbip.dll
2008-06-05 14:32:02 954368 ----a-w- c:\windows\system32\BtWdSdk.dll
2008-06-05 14:31:04 699392 ----a-w- c:\windows\system32\Btwapi.dll
2008-06-05 14:29:56 916992 ----a-w- c:\windows\system32\wbtapi.dll
2008-06-05 14:25:30 655360 ----a-w- c:\windows\syswow64\BtwNamespaceExt.dll
2008-06-05 14:23:02 249856 ----a-w- c:\windows\syswow64\BtWmpPlugIn.dll
2008-06-05 14:00:14 352256 ----a-w- c:\windows\syswow64\btsendto_office.dll
2008-06-05 13:56:32 356352 ----a-w- c:\windows\syswow64\btosif_ol.dll
2008-06-05 13:54:40 806912 ----a-w- c:\windows\syswow64\BTChooser.dll
2008-06-05 13:53:54 405504 ----a-w- c:\windows\syswow64\btsendto.dll
2008-06-05 13:53:20 233472 ----a-w- c:\windows\syswow64\btosif.dll
2008-06-05 13:37:06 675840 ----a-w- c:\windows\syswow64\BtWdSdk.dll
2008-06-05 13:35:28 622592 ----a-w- c:\windows\syswow64\btwapi.dll
2008-06-05 13:29:42 5369856 ----a-w- c:\windows\syswow64\btrez.dll
2008-02-05 02:28:08 0 ----a-w- c:\windows\system32\atiicdxx.dat
2008-02-05 02:23:41 0 d-----w- c:\windows\Panther
2008-02-05 02:23:25 333203 --sha-r- C:\bootmgr
2008-02-05 02:23:25 0 d-sh--w- C:\Boot
2008-01-21 04:12:36 8704 ------w- c:\windows\system32\drivers\errdev.sys
2008-01-21 04:02:13 55296 ----a-w- c:\windows\system32\drivers\blbdrive.sys
2008-01-21 03:52:04 438328 ----a-w- c:\windows\system32\drivers\MegaSR.sys
2008-01-21 03:04:13 0 d-----w- C:\PerfLogs
2008-01-21 02:51:59 28672 ----a-w- c:\windows\syswow64\TsWpfWrp.exe
2008-01-21 02:50:59 785920 ----a-w- c:\windows\system32\Utilman.exe
2008-01-21 02:49:59 98816 ----a-w- c:\windows\system32\drivers\raspptp.sys
2008-01-21 02:48:59 70144 ----a-w- c:\windows\system32\ncobjapi.dll
2008-01-21 02:47:59 97280 ----a-w- c:\windows\syswow64\OptionalFeatures.exe
2008-01-21 02:46:59 64000 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2008-01-21 02:17:04 458752 ----a-w- c:\windows\system32\InstallPackage_ETW.Log.perf
2008-01-21 02:17:04 458752 ----a-w- c:\windows\system32\InstallPackage_ETW.Log.dpx
2007-10-07 13:08:47 0 d-----w- c:\users\rysak\appdata\roaming\uTorrent
2007-10-07 13:08:47 0 d-----w- c:\program files (x86)\uTorrent
2007-09-30 23:22:54 65536 --sha-w- c:\users\rysak\ntuser.dat{d95028c6-6fab-11dc-906f-002219de167d}.TM.blf
2007-09-30 23:22:54 524288 --sha-w- c:\users\rysak\ntuser.dat{d95028c6-6fab-11dc-906f-002219de167d}.TMContainer00000000000000000002.regtrans-ms
2007-09-30 23:22:54 524288 --sha-w- c:\users\rysak\ntuser.dat{d95028c6-6fab-11dc-906f-002219de167d}.TMContainer00000000000000000001.regtrans-ms
2007-09-26 17:20:48 0 d-----w- c:\program files (x86)\Great White North Technologies(14)
2007-09-19 09:52:02 0 d-----w- c:\program files (x86)\CDex_170b2
2007-09-08 11:10:39 0 d-----w- C:\totalcmd
2007-09-07 06:26:00 0 d-----w- c:\programdata\WindowsSearch
2007-08-21 09:03:12 0 d-----w- c:\users\rysak\appdata\roaming\Malwarebytes
2007-08-21 09:03:07 0 d-----w- c:\programdata\Malwarebytes
2007-08-21 09:03:05 22104 ----a-w- c:\windows\system32\drivers\mbam.sys
2007-08-21 09:03:05 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2007-08-20 18:56:13 0 d-----w- C:\_OTL
2007-08-19 22:40:14 0 d-----w- c:\program files (x86)\common files\PersonSecurityUninstall
2007-08-19 22:39:59 0 d-----w- c:\program files (x86)\PersonSecurity
2007-08-15 19:33:20 973655 ----a-w- c:\users\rysak\Untitled-5.pdf
2007-08-15 19:33:20 809068 ----a-w- c:\users\rysak\Untitled-4.pdf
2007-08-15 19:33:20 615575 ----a-w- c:\users\rysak\Untitled-1.pdf
2007-08-15 19:33:20 353952 ----a-w- c:\users\rysak\Untitled-3.pdf
2007-08-15 19:33:20 326943 ----a-w- c:\users\rysak\Untitled-2.pdf
2007-08-09 20:16:54 65536 --sha-w- c:\users\rysak\ntuser.dat{4da50f9b-46b5-11dc-9297-002219de167d}.TM.blf
2007-08-09 20:16:54 524288 --sha-w- c:\users\rysak\ntuser.dat{4da50f9b-46b5-11dc-9297-002219de167d}.TMContainer00000000000000000002.regtrans-ms
2007-08-09 20:16:54 524288 --sha-w- c:\users\rysak\ntuser.dat{4da50f9b-46b5-11dc-9297-002219de167d}.TMContainer00000000000000000001.regtrans-ms
2007-08-06 22:06:09 0 d-sh--w- c:\windows\system32\%APPDATA%
2007-07-29 12:36:10 139935 ----a-w- c:\users\rysak\.recently-used.xbel
2007-07-29 11:35:10 54873 ----a-w- c:\users\rysak\salon.jpg
2007-07-29 11:35:10 25217 ----a-w- c:\users\rysak\kosmetika2.jpg
2007-07-29 11:35:10 22910 ----a-w- c:\users\rysak\jp.jpg
2007-07-29 11:17:32 57484 ----a-w- c:\users\rysak\001-wallpaper-LaserSniper.jpg
2007-07-29 11:17:32 1572930 ----a-w- c:\users\rysak\14.bmp
2007-07-29 11:17:32 112390 ----a-w- c:\users\rysak\lasersniper-500x500.jpg

==================== Find3M ====================

2009-11-24 22:54:29 1280480 ----a-w- c:\windows\syswow64\aswBoot.exe
2009-11-24 22:49:56 65616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-10-07 17:16:38 180224 ----a-w- c:\windows\syswow64\cnvshell.dll
2009-08-29 18:55:18 86016 ----a-w- c:\windows\inf\infstor.dat
2009-08-29 18:55:18 51200 ----a-w- c:\windows\inf\infpub.dat
2009-08-29 18:55:18 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-08-07 02:24:09 35552 ----a-w- c:\windows\syswow64\wups.dll
2009-08-07 02:23:52 575704 ----a-w- c:\windows\syswow64\wuapi.dll
2009-08-07 01:59:43 2621440 ----a-w- c:\windows\system32\wucltux.dll
2009-08-07 01:59:07 98816 ----a-w- c:\windows\system32\wudriver.dll
2009-08-07 01:44:40 87552 ----a-w- c:\windows\syswow64\wudriver.dll
2009-08-06 17:23:06 185416 ----a-w- c:\windows\system32\wuwebv.dll
2009-08-06 17:23:06 171608 ----a-w- c:\windows\syswow64\wuwebv.dll
2009-08-06 16:59:12 36864 ----a-w- c:\windows\system32\wuapp.exe
2009-08-06 16:44:46 33792 ----a-w- c:\windows\syswow64\wuapp.exe
2009-07-21 22:11:15 1146880 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 22:06:31 77312 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 22:06:31 132096 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:52:28 915456 ----a-w- c:\windows\syswow64\wininet.dll
2009-07-21 21:52:13 1208832 ----a-w- c:\windows\syswow64\urlmon.dll
2009-07-21 21:50:46 206848 ----a-w- c:\windows\syswow64\occache.dll
2009-07-21 21:48:31 5937152 ----a-w- c:\windows\syswow64\mshtml.dll
2009-07-21 21:48:27 594432 ----a-w- c:\windows\syswow64\msfeeds.dll
2009-07-21 21:48:27 55296 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2009-07-21 21:47:47 25600 ----a-w- c:\windows\syswow64\jsproxy.dll
2009-07-21 21:47:28 164352 ----a-w- c:\windows\syswow64\ieui.dll
2009-07-21 21:47:28 109056 ----a-w- c:\windows\syswow64\iesysprep.dll
2009-07-21 21:47:27 71680 ----a-w- c:\windows\syswow64\iesetup.dll
2009-07-21 21:47:27 1985536 ----a-w- c:\windows\syswow64\iertutil.dll
2009-07-21 21:47:26 55808 ----a-w- c:\windows\syswow64\iernonce.dll
2009-07-21 21:47:26 184320 ----a-w- c:\windows\syswow64\iepeers.dll
2009-07-21 21:47:26 11067392 ----a-w- c:\windows\syswow64\ieframe.dll
2009-07-21 21:47:21 386048 ----a-w- c:\windows\syswow64\iedkcs32.dll
2009-07-21 20:34:53 162816 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-21 20:13:58 133632 ----a-w- c:\windows\syswow64\ieUnatt.exe
2009-07-21 20:13:51 173056 ----a-w- c:\windows\syswow64\ie4uinit.exe
2009-07-21 20:13:15 13312 ----a-w- c:\windows\syswow64\msfeedssync.exe
2009-07-14 13:21:42 368128 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-14 13:20:51 5120 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-14 13:20:06 9216 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 13:00:17 313344 ----a-w- c:\windows\syswow64\wmpdxm.dll
2009-07-14 13:00:16 10624000 ----a-w- c:\windows\syswow64\wmp.dll
2009-07-14 12:59:28 4096 ----a-w- c:\windows\syswow64\dxmasf.dll
2009-07-14 12:58:44 7680 ----a-w- c:\windows\syswow64\spwmp.dll
2009-07-14 11:31:58 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-14 10:59:56 8147456 ----a-w- c:\windows\syswow64\wmploc.DLL
2009-06-16 01:31:37 515656 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-15 15:46:54 205312 ----a-w- c:\windows\system32\wdigest.dll
2009-06-15 15:46:07 94720 ----a-w- c:\windows\system32\secur32.dll
2009-06-15 15:46:04 338944 ----a-w- c:\windows\system32\schannel.dll
2009-06-15 15:45:46 1692160 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-15 15:44:24 268800 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-15 15:43:24 656384 ----a-w- c:\windows\system32\kerberos.dll
2009-06-15 15:25:02 76800 ----a-w- c:\windows\syswow64\secur32.dll
2009-06-15 15:24:38 175104 ----a-w- c:\windows\syswow64\wdigest.dll
2009-06-15 15:24:02 270848 ----a-w- c:\windows\syswow64\schannel.dll
2009-06-15 15:22:19 213504 ----a-w- c:\windows\syswow64\msv1_0.dll
2009-06-15 15:21:07 499712 ----a-w- c:\windows\syswow64\kerberos.dll
2009-06-15 13:26:45 11264 ----a-w- c:\windows\system32\lsass.exe
2009-05-15 22:12:05 21048 ----a-w- c:\windows\system32\drivers\spldr.sys
2009-04-30 12:32:20 375808 ----a-w- c:\windows\system32\psisdecd.dll
2009-04-30 12:32:16 558592 ----a-w- c:\windows\system32\EncDec.dll
2009-04-30 12:19:37 293376 ----a-w- c:\windows\syswow64\psisdecd.dll
2009-04-30 12:19:34 428544 ----a-w- c:\windows\syswow64\EncDec.dll
2009-04-03 00:12:03 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-04-02 23:42:45 1421368 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-02 23:36:48 488960 ----a-w- c:\windows\system32\msinfo32.exe
2009-04-02 23:34:17 4541 ----a-w- c:\windows\system32\drivers\1028_Dell_STU_1340.mrk
2009-04-02 16:19:08 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2009-03-08 11:40:55 55808 ----a-w- c:\windows\system32\licmgr10.dll
2009-03-08 11:40:27 22528 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 11:40:13 131584 ----a-w- c:\windows\system32\PDMSetup.exe
2009-03-08 11:40:12 125440 ----a-w- c:\windows\system32\SetDepNx.exe
2009-03-08 11:40:10 612864 ----a-w- c:\windows\system32\vbscript.dll
2009-03-08 11:40:10 129024 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:40:10 128512 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:39:33 88064 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 11:39:18 76288 ----a-w- c:\windows\system32\wextract.exe
2009-03-08 11:39:09 193536 ----a-w- c:\windows\system32\iexpress.exe
2009-03-08 11:37:48 52736 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 11:37:29 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 11:37:22 41984 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 11:34:47 236544 ----a-w- c:\windows\syswow64\webcheck.dll
2009-03-08 11:34:47 208384 ----a-w- c:\windows\syswow64\WinFXDocObj.exe
2009-03-08 11:34:28 43008 ----a-w- c:\windows\syswow64\licmgr10.dll
2009-03-08 11:34:26 105984 ----a-w- c:\windows\syswow64\url.dll
2009-03-08 11:34:17 193536 ----a-w- c:\windows\syswow64\msrating.dll
2009-03-08 11:33:38 18944 ----a-w- c:\windows\syswow64\corpol.dll
2009-03-08 11:33:16 109568 ----a-w- c:\windows\syswow64\PDMSetup.exe
2009-03-08 11:33:15 107520 ----a-w- c:\windows\syswow64\RegisterIEPKEYs.exe
2009-03-08 11:33:15 107008 ----a-w- c:\windows\syswow64\SetIEInstalledDate.exe
2009-03-08 11:33:15 103936 ----a-w- c:\windows\syswow64\SetDepNx.exe
2009-03-08 11:33:14 726528 ----a-w- c:\windows\syswow64\jscript.dll
2009-03-08 11:33:06 229376 ----a-w- c:\windows\syswow64\ieaksie.dll
2009-03-08 11:33:04 420352 ----a-w- c:\windows\syswow64\vbscript.dll
2009-03-08 11:33:01 125952 ----a-w- c:\windows\syswow64\ieakeng.dll
2009-03-08 11:32:54 72704 ----a-w- c:\windows\syswow64\admparse.dll
2009-03-08 11:32:50 163840 ----a-w- c:\windows\syswow64\ieakui.dll
2009-03-08 11:32:46 128512 ----a-w- c:\windows\syswow64\advpack.dll
2009-03-08 11:32:44 94720 ----a-w- c:\windows\syswow64\inseng.dll
2007-05-05 19:00:43 74 --sh--r- c:\windows\CT4CET.bin

============= FINISH: 12:25:26,07 ===============

Re: Another security center, a slowed-down PC and more crap

Posted: 12 Mar 2010 12:36
by rysakh
attach

Re: Another security center, a slowed-down PC and more crap

Posted: 12 Mar 2010 12:53
by rysakh
I hope this is the right log. Otherwise, the unwanted security center is gone! :)

========== OTL ==========
No active process named psecurity.exe was found!
Folder C:\Program Files (x86)\Common Files\PersonSecurityUninstall\ not found.
Folder C:\Program Files (x86)\PersonSecurity\ not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.1.36.1 log created on 08212007_124212

Re: Another security center, a slowed-down PC and more crap

Posted: 12 Mar 2010 14:55
by rysakh
So, the final log:
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3858
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18813

21.8.2007 14:46:41
mbam-log-2007-08-21 (14-46-41).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 546761
Uplynulý čas: 1 hour(s), 33 minute(s), 2 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\CS 4 Pre Release\AMCS4\Adobe CS4\Keygen\Adobe CS4 Master Collection Keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully.