Preventivní kontrola - Nespěchá!=) Vyřešeno

[memphisto]

Už jsem tu, tak chvíli vydrž a nahodím ti to sem

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
SecCenter::
AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}

Folder::
c:\program files\DAEMON Tools Toolbar

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=-
"ConsentPromptBehaviorUser"=-
"EnableUIADesktopToggle"=-
"PromptOnSecureDesktop"=-

File::
c:\windows\system32\Shutdown.exe


Firefox::
FF - ProfilePath - c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\
FF - Ext: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - %profile%\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Toto otestuj na Virustotal
c:\windows\system32\authuitu.dll

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

[Reklama]

[autoprd]

ComboFix 11-01-02.04 - Autoprd 03.01.2011 17:29:45.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2046.1289 [GMT 1:00]
Spuštěný z: c:\users\Autoprd\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Autoprd\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"c:\windows\system32\Shutdown.exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\ConduitAutoCompleteSearch.js
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\ConduitAutoCompleteSearch.xpt
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\ConduitToolbar.idl
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\ConduitToolbar.js
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\ConduitToolbar.xpt
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.xpt
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.xpt
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\defaults\default_radio_skin.xml
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\defaults\fbAlert.js
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\chrome.manifest
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\chrome\zynga.jar
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\install.rdf
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\lib\xpcom.js
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\META-INF\manifest.mf
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\META-INF\zigbert.rsa
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\META-INF\zigbert.sf
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\searchplugin\conduit.gif
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\searchplugin\conduit.ico
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\searchplugin\conduit.PNG
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\searchplugin\conduit.src
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\searchplugin\conduit.xml
c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\version.txt

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-03 do 2011-01-03 )))))))))))))))))))))))))))))))
.

2011-01-03 16:39 . 2011-01-03 16:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-02 20:36 . 2008-10-15 05:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2011-01-02 20:36 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2011-01-02 20:35 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-01-02 16:21 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0B145C7D-D679-4131-B03B-4D536BCDFE80}\mpengine.dll
2011-01-02 15:01 . 2011-01-02 15:01 -------- d-----w- c:\program files\Opera
2011-01-02 13:31 . 2011-01-02 13:32 -------- d-----w- c:\users\NaRuTo
2011-01-01 23:15 . 2011-01-01 23:20 -------- d-----w- c:\programdata\TuneUp Software
2011-01-01 23:15 . 2011-01-01 23:15 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-01-01 23:12 . 2010-12-31 19:56 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-01 23:12 . 2010-12-31 20:00 293968 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-01 23:12 . 2010-09-07 15:54 99792 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-01-01 23:12 . 2010-09-07 15:53 190416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-01-01 23:12 . 2010-12-31 19:56 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-01 23:12 . 2010-12-31 19:59 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-01 23:12 . 2010-12-31 19:56 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-01 23:11 . 2010-12-31 20:06 38848 ----a-w- c:\windows\avastSS.scr
2011-01-01 23:11 . 2010-12-31 20:06 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-01 22:48 . 2011-01-01 22:48 -------- d-----w- c:\programdata\Solidshield
2011-01-01 22:44 . 2011-01-01 22:44 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-01-01 22:44 . 2011-01-01 22:44 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-01-01 12:57 . 2011-01-01 12:57 140288 ----a-w- c:\windows\system32\COMDLG32.OCX
2011-01-01 12:55 . 2011-01-01 12:55 1066176 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2011-01-01 12:55 . 2011-01-02 14:44 -------- d-----w- c:\program files\Share Rapid Uploader
2011-01-01 12:55 . 2008-02-08 09:59 109248 ----a-w- c:\windows\system32\MSWINSCK.OCX
2010-12-31 12:06 . 2010-04-09 07:24 240008 ----a-w- c:\windows\system32\drivers\netio.sys
2010-12-30 23:40 . 2011-01-02 21:33 -------- d-----w- c:\program files\Valve Hammer Editor
2010-12-28 23:25 . 2010-12-28 23:26 -------- d-----w- C:\My Web Sites
2010-12-28 21:17 . 2010-12-28 21:17 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-12-28 21:17 . 2010-12-28 21:17 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-12-27 08:42 . 2010-12-27 08:42 -------- d-----w- c:\program files\Lavalys
2010-12-25 23:22 . 2010-12-25 23:27 -------- d-----w- C:\web
2010-12-25 12:21 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-25 12:21 . 2010-12-25 12:21 -------- d-----w- c:\programdata\Malwarebytes
2010-12-25 12:21 . 2010-12-25 12:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-25 12:21 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-25 12:15 . 2010-12-25 12:15 73728 ---ha-w- c:\windows\system32\psProxy.dll
2010-12-25 12:15 . 2010-12-25 12:15 380928 ---ha-w- c:\windows\system32\pSOAP32.dll
2010-12-25 12:15 . 2010-12-25 12:15 110676 ---ha-w- c:\windows\system32\psDime.dll
2010-12-25 12:15 . 2010-12-25 12:15 266240 ---ha-w- c:\windows\system32\EncryptedFolder.dll
2010-12-25 12:15 . 2010-12-25 12:15 188416 ---ha-w- c:\windows\system32\pocketHTTP.dll
2010-12-25 12:09 . 2010-12-25 12:09 -------- d-----w- c:\program files\Trend Micro
2010-12-20 13:50 . 2010-12-20 13:50 -------- d-s---w- c:\program files\HLSW
2010-12-18 19:33 . 2010-12-18 19:33 -------- d-----w- c:\programdata\RegCure
2010-12-18 19:33 . 2010-12-18 19:38 -------- d-----w- c:\program files\RegCure
2010-12-18 12:33 . 2010-12-18 12:33 -------- d-----w- C:\SIERRA
2010-12-18 00:20 . 2010-12-18 00:20 -------- d-----w- c:\program files\NVIDIA Corporation
2010-12-18 00:20 . 2010-12-18 00:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-12-18 00:20 . 2010-12-18 00:20 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-12-18 00:20 . 2010-12-18 00:20 -------- d-----w- c:\windows\system32\xlive
2010-12-17 20:26 . 2010-12-17 20:26 -------- d-----w- c:\windows\cs
2010-12-17 20:24 . 2010-12-17 20:24 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-12-17 20:23 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\system32\UIRibbon.dll
2010-12-17 20:23 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-12-16 18:18 . 2006-06-20 08:56 225280 ----a-w- c:\windows\system32\rewire.dll
2010-12-16 18:18 . 2009-08-02 20:09 1554944 ----a-w- c:\windows\system32\vorbis.acm
2010-12-16 18:18 . 2010-12-16 18:26 -------- d-----w- c:\program files\VstPlugins
2010-12-16 18:18 . 2010-12-16 18:18 -------- d-----w- c:\program files\Image-Line
2010-12-16 18:18 . 2010-12-16 18:18 -------- d-----w- c:\program files\Outsim
2010-12-15 18:09 . 2010-12-15 18:09 -------- d-----w- c:\program files\QuickTime
2010-12-15 18:08 . 2007-02-20 15:04 190696 ----a-w- c:\windows\system32\NPSWF32_FlashUtil.exe
2010-12-15 18:08 . 2007-02-20 15:04 2463976 ----a-w- c:\windows\system32\NPSWF32.dll
2010-12-15 18:04 . 2009-02-24 17:42 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2010-12-15 18:04 . 2010-12-29 07:55 -------- d-----w- c:\program files\MagicDisc
2010-12-15 18:03 . 2010-12-29 07:55 -------- d-----w- c:\program files\MagicISO
2010-12-15 16:39 . 2010-10-12 04:25 516096 ----a-w- c:\program files\Windows Mail\wab.exe
2010-12-15 16:39 . 2010-10-27 04:32 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-14 19:06 . 2010-12-29 07:52 -------- d-----w- c:\program files\Flash4D v5 - Pro Edition Trial
2010-12-14 17:05 . 2010-12-14 19:06 131584 ----a-w- c:\windows\system32\SpoonUninstall.exe
2010-12-14 16:25 . 2008-06-24 16:53 856064 ----a-w- c:\windows\system32\swfgen.dll
2010-12-14 16:24 . 2010-12-14 19:09 -------- d-----w- c:\program files\Flash4D Flash Intro Builder
2010-12-14 16:21 . 2010-12-14 16:21 -------- d-----w- c:\windows\PCHEALTH
2010-12-14 16:20 . 2010-12-14 16:22 -------- d-----w- c:\program files\Windows Live
2010-12-14 16:18 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2010-12-14 16:18 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll
2010-12-14 16:18 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2010-12-14 16:12 . 2010-12-14 16:12 -------- d-----w- c:\program files\Common Files\Windows Live
2010-12-14 16:08 . 2010-12-14 16:08 -------- d-----w- c:\program files\Win7codecs
2010-12-14 16:07 . 2010-12-14 16:08 -------- d-----w- c:\programdata\Win7codecs
2010-12-14 16:04 . 2010-12-14 16:04 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-12-14 16:04 . 2010-12-14 16:04 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-12-14 13:45 . 2010-12-14 13:45 -------- d-----w- c:\windows\system32\Wat
2010-12-13 20:56 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-12-13 20:55 . 2009-11-25 11:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-12-13 20:55 . 2009-11-25 11:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-12-13 20:55 . 2009-11-25 11:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-12-13 20:55 . 2009-11-25 11:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-12-13 20:55 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-12-13 20:51 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-12-13 17:27 . 2010-12-13 17:33 -------- d-----w- C:\Fraps
2010-12-13 17:13 . 2010-12-13 17:13 -------- d-----w- c:\program files\XeroBank
2010-12-13 14:06 . 2010-12-13 14:06 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-12-13 14:05 . 2010-12-13 14:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-12-13 14:05 . 2010-12-13 14:05 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-12-13 07:21 . 2009-10-02 04:06 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2010-12-13 07:21 . 2009-09-03 07:04 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2010-12-13 07:21 . 2009-08-19 07:20 507568 ----a-w- c:\windows\system32\winload.exe
2010-12-13 07:21 . 2009-08-19 07:20 442920 ----a-w- c:\windows\system32\winresume.exe
2010-12-13 06:39 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\system32\ole32.dll
2010-12-13 06:39 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-12-13 06:39 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-12-13 06:39 . 2009-10-31 05:45 2614272 ----a-w- c:\windows\explorer.exe
2010-12-13 06:39 . 2009-10-28 06:17 285696 ----a-w- c:\windows\system32\winlogon.exe
2010-12-13 06:38 . 2009-12-11 07:44 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-12-13 06:38 . 2009-12-11 07:38 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-13 06:37 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2010-12-13 06:36 . 2010-06-14 06:12 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-12-13 06:36 . 2010-07-29 06:30 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-12-13 06:36 . 2010-07-29 06:30 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-12-13 06:35 . 2010-08-26 04:39 109056 ----a-w- c:\windows\system32\t2embed.dll
2010-12-13 06:35 . 2010-08-21 05:36 224256 ----a-w- c:\windows\system32\schannel.dll
2010-12-13 06:35 . 2009-08-29 06:57 34816 ----a-w- c:\windows\system32\msasn1.dll
2010-12-13 06:34 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-12-13 06:33 . 2010-03-04 07:33 1619968 ----a-w- c:\program files\Windows Mail\msoe.dll
2010-12-13 06:33 . 2010-03-04 07:33 740864 ----a-w- c:\windows\system32\inetcomm.dll
2010-12-13 06:33 . 2010-06-08 06:02 1233920 ----a-w- c:\windows\system32\msxml3.dll
2010-12-13 06:31 . 2010-02-27 07:32 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-12-13 06:30 . 2010-03-08 21:33 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-12-13 06:30 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-12-13 06:30 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2010-12-13 06:30 . 2009-10-19 14:10 70656 ----a-w- c:\windows\system32\fontsub.dll
2010-12-13 06:08 . 2011-01-03 16:41 -------- d-----w- c:\windows\system32\wbem\repository
2010-12-12 09:40 . 2010-12-13 06:04 -------- d-----w- c:\programdata\Skype
2010-12-11 23:26 . 2010-12-11 23:26 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-12-11 23:22 . 2010-12-11 23:35 -------- d-----w- c:\program files\Common Files\Adobe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-10 01:28 . 2010-11-10 01:28 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-11-07 19:13 . 2010-11-07 19:13 1196544 ----a-w- c:\windows\system32\VSFilter.dll
2010-11-02 04:39 . 2010-12-15 16:38 749056 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 04:34 . 2010-12-15 16:38 179712 ----a-w- c:\windows\system32\schtasks.exe
2010-10-30 11:57 . 2010-10-30 11:57 95232 ----a-w- c:\windows\system32\ff_vfw.dll
2010-10-30 11:54 . 2010-10-30 11:54 43520 ----a-w- c:\windows\system32\ff_acm.acm
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-12-11 322352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-02 9808488]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2009-09-03 61440]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-12-31 3395600]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Driver Genius.lnk]
backup=c:\windows\pss\Driver Genius.lnk.CommonStartup
backupExtension=.CommonStartup

R2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 injectDLL;injectDLL;c:\users\Autoprd\Desktop\M2Fish 3.0.4\Injector 32 bit\injectDLL.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-13 1343400]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-13 691696]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-12-31 51280]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [2009-11-02 20480]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [2009-11-02 11520]

.
Obsah adresáře 'Naplánované úlohy'

2010-12-21 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]

2010-12-25 c:\windows\Tasks\At2.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]

2010-12-25 c:\windows\Tasks\At3.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]

2011-01-03 c:\windows\Tasks\AWC AutoSweep.job
- d:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-12-11 13:11]

2011-01-03 c:\windows\Tasks\AWC Startup.job
- d:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-12-11 15:19]

2011-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-11 13:14]

2011-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-11 13:14]

2011-01-02 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 23:20]

2011-01-02 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 23:20]
.
.
------- Doplňkový sken -------
.
FF - ProfilePath - c:\users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=MSNTDF&PC=MSNTDF&q=
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=MSNTDF&PC=MSNTDF&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-391943434-3306186706-2693305334-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"

[HKEY_USERS\S-1-5-21-391943434-3306186706-2693305334-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\taskhost.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2011-01-03 17:47:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-03 16:47
ComboFix2.txt 2011-01-02 18:46
ComboFix3.txt 2011-01-02 14:01

Před spuštěním: Volných bajtů: 12 142 637 056
Po spuštění: Volných bajtů: 11 981 770 752

- - End Of File - - FDB6C64715AF6BD271C010293C7FA610


authuitu.dll tam nebyl :)

[memphisto]

Nech si zobrazit skryté soubory a tu cestu k souboru jen zkopíruj na VT

[autoprd]

Mám nastavený aby se mi zobrazovaly ale opravdu tam není a nemužu to dát na VT nejde mi internet jen aplikace zas

[memphisto]

Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[autoprd]

OTL Extras logfile created on: 3.1.2011 20:30:42 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = H:\
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,56 Gb Total Space | 11,22 Gb Free Space | 29,87% Space Free | Partition Type: NTFS
Drive D: | 195,32 Gb Total Space | 26,50 Gb Free Space | 13,57% Space Free | Partition Type: NTFS
Drive G: | 6,96 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 3,76 Gb Total Space | 3,75 Gb Free Space | 99,93% Space Free | Partition Type: FAT32

Computer Name: AUTOPRD-PC | User Name: Autoprd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02EE107B-8D95-4949-8935-4DEBE8F08BE3}" = Bing Bar Platform
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Panel nástrojů Bing
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{282C4EAA-F162-F52F-7BAF-C7B50DAAA00A}" = ccc-utility
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{2B673C6F-BDEA-48AE-AB59-7479BF04EF6E}" = Nail'd
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{827B97A9-B347-4110-9F89-37AF2B758F94}" = NHL™ 09
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}" = Catalyst Control Center InstallProxy
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C9AAF970-4E7E-4C98-AD67-09C74379D345}" = Harry Potter and the Deathly Hallows™ - Part 1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"ASIO4ALL" = ASIO4ALL
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"Driver_0" = Driver Genius 10 Cz by Autoprd
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FL Studio 9" = FL Studio 9
"Fraps" = Fraps
"Google Chrome" = Google Chrome
"Hardcore" = Hardcore
"HijackThis" = HijackThis 2.0.2
"HLSW_is1" = HLSW v1.3.2.1
"IL Download Manager" = IL Download Manager
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Metin2_is1" = Metin2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"OpenAL" = OpenAL
"PoiZone" = PoiZone
"RegCure" = RegCure
"Sawer" = Sawer
"Share Rapid Uploader_is1" = Uploader 1.0
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"Valve Hammer Editor" = Valve Hammer Editor
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"75c0e0ceac8ef0d4" = CZShare Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2.1.2011 8:04:06 | Computer Name = Autoprd-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dolphin.exe, verze: 0.0.0.0, časové razítko:
0x4c65f617 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x00046b90 ID chybujícího procesu:
0xdf8 Čas spuštění chybující aplikace: 0x01cbaa75244f6d27 Cesta k chybující aplikaci:
D:\Program Files\NARUTOSGNTS\Dolphin.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: 65ac1c39-1668-11e0-92b5-00132036cc49

Error - 2.1.2011 8:05:32 | Computer Name = Autoprd-PC | Source = Application Hang | ID = 1002
Description = Program Dolphin.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
cc4 Čas spuštění: 01cbaa752e77fa1e Čas ukončení: 73 Cesta k aplikaci: D:\Program Files\NARUTOSGNTS\Dolphin.exe

ID
hlášení: 96785988-1668-11e0-92b5-00132036cc49

Error - 2.1.2011 8:05:41 | Computer Name = Autoprd-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dolphin.exe, verze: 0.0.0.0, časové razítko:
0x4c65f617 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x00046b90 ID chybujícího procesu:
0xf28 Čas spuštění chybující aplikace: 0x01cbaa755cf457a6 Cesta k chybující aplikaci:
D:\Program Files\NARUTOSGNTS\Dolphin.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: 9e3ad2d2-1668-11e0-92b5-00132036cc49

Error - 2.1.2011 8:08:09 | Computer Name = Autoprd-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dolphin.exe, verze: 0.0.0.0, časové razítko:
0x4c65f617 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x00046b90 ID chybujícího procesu:
0x444 Čas spuštění chybující aplikace: 0x01cbaa758d4e9685 Cesta k chybující aplikaci:
D:\Program Files\NARUTOSGNTS\Dolphin.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: f66c9dad-1668-11e0-92b5-00132036cc49

Error - 2.1.2011 9:26:30 | Computer Name = Autoprd-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: metin2.exe, verze: 1.0.0.1, časové razítko:
0x457e9112 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x00046b90 ID chybujícího procesu:
0x1350 Čas spuštění chybující aplikace: 0x01cbaa80a92d7058 Cesta k chybující aplikaci:
D:\Program Files\Metin2de\metin2.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: e82837db-1673-11e0-9826-00132036cc49

Error - 2.1.2011 9:31:48 | Computer Name = Autoprd-PC | Source = EventSystem | ID = 4621
Description =

Error - 2.1.2011 11:07:06 | Computer Name = Autoprd-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Dolphin.exe, verze: 0.0.0.0, časové razítko:
0x4c65f617 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x00046b90 ID chybujícího procesu:
0x17ac Čas spuštění chybující aplikace: 0x01cbaa8eab43ed21 Cesta k chybující aplikaci:
D:\Program Files\NARUTOSGNTS\Dolphin.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: f5f8b18d-1681-11e0-9826-00132036cc49

Error - 2.1.2011 17:08:06 | Computer Name = Autoprd-PC | Source = Application Hang | ID = 1002
Description = Program MSIEXEC.EXE verze 5.0.7600.16385 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: fc4 Čas spuštění: 01cbaac111ca00f7 Čas ukončení: 16 Cesta k aplikaci: C:\Windows\system32\MSIEXEC.EXE

ID
hlášení: 61346c8c-16b4-11e0-9826-00132036cc49

Error - 3.1.2011 13:11:58 | Computer Name = Autoprd-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro C:\Program Files\Microsoft\Search
Enhancement Pack\Search Box Extension\SrchBxEx.dll se nezdařilo. Chyba v souboru
manifestu nebo zásady C:\Program Files\Microsoft\Search Enhancement Pack\Search
Box Extension\SrchBxEx.dll na řádku 2. Neplatná syntaxe XML.

Error - 3.1.2011 15:58:36 | Computer Name = Autoprd-PC | Source = Application Hang | ID = 1002
Description = Program FL.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: b74 Čas
spuštění: 01cbab7ff810d5aa Čas ukončení: 55 Cesta k aplikaci: D:\Program Files\Image-Line\FL
Studio 9\FL.exe ID hlášení: d610d760-1773-11e0-a579-00132036cc49

[ Media Center Events ]
Error - 28.12.2010 16:16:54 | Computer Name = Autoprd-PC | Source = MCUpdate | ID = 0
Description = 21:16:54 - Chyba při připojování k Internetu 21:16:54 - Nelze kontaktovat
server..

Error - 28.12.2010 16:17:28 | Computer Name = Autoprd-PC | Source = MCUpdate | ID = 0
Description = 21:17:23 - Chyba při připojování k Internetu 21:17:23 - Nelze kontaktovat
server..

Error - 29.12.2010 3:40:06 | Computer Name = Autoprd-PC | Source = MCUpdate | ID = 0
Description = 8:40:00 - Chyba při připojování k Internetu 8:40:00 - Nelze kontaktovat
server..

[ System Events ]
Error - 3.1.2011 12:21:43 | Computer Name = Autoprd-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:20:38, ?3.?1.?2011) bylo neočekávané.

Error - 3.1.2011 12:21:36 | Computer Name = Autoprd-PC | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 3.1.2011 12:21:46 | Computer Name = Autoprd-PC | Source = Service Control Manager | ID = 7000
Description = Služba avast! Firewall neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 3.1.2011 12:25:10 | Computer Name = Autoprd-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 3.1.2011 12:26:34 | Computer Name = Autoprd-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 3.1.2011 12:28:47 | Computer Name = Autoprd-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 3.1.2011 12:40:36 | Computer Name = Autoprd-PC | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 3.1.2011 12:40:40 | Computer Name = Autoprd-PC | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 3.1.2011 12:40:45 | Computer Name = Autoprd-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:39:33, ?3.?1.?2011) bylo neočekávané.

Error - 3.1.2011 12:40:49 | Computer Name = Autoprd-PC | Source = Service Control Manager | ID = 7000
Description = Služba avast! Firewall neuspěla při spuštění v důsledku následující
chyby: %%2


< End of report >

[autoprd]

OTL logfile created on: 3.1.2011 20:30:42 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = H:\
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,56 Gb Total Space | 11,22 Gb Free Space | 29,87% Space Free | Partition Type: NTFS
Drive D: | 195,32 Gb Total Space | 26,50 Gb Free Space | 13,57% Space Free | Partition Type: NTFS
Drive G: | 6,96 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 3,76 Gb Total Space | 3,75 Gb Free Space | 99,93% Space Free | Partition Type: FAT32

Computer Name: AUTOPRD-PC | User Name: Autoprd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - H:\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - D:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - H:\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe File not found
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) Protokol PNRP (Peer Name Resolution Protocol) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) Instalační program ovládacích prvků ActiveX (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (injectDLL) -- C:\Users\Autoprd\Desktop\M2Fish 3.0.4\Injector 32 bit\injectDLL.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\Users\Autoprd\AppData\Local\Temp\catchme.sys File not found
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (gMouUsb) -- C:\Windows\System32\drivers\gMouUsb.sys ()
DRV - (gHidPnp) -- C:\Windows\System32\drivers\gHidPnp.sys ()
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=MSNTDF&PC=MSNTDF&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=MSNTDF&PC=MSNTDF&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.12.18 20:40:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010.12.18 20:40:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.27 23:14:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.27 23:14:57 | 000,000,000 | ---D | M]

[2010.12.27 23:15:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Autoprd\AppData\Roaming\Mozilla\Extensions
[2010.12.27 23:15:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Autoprd\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.01.03 17:39:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\extensions
[2010.12.27 23:15:19 | 000,001,834 | ---- | M] () -- C:\Users\Autoprd\AppData\Roaming\Mozilla\Firefox\Profiles\6g51di5r.default\searchplugins\bing.xml
[2010.12.27 23:14:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.27 23:14:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\AUTOPRD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6G51DI5R.DEFAULT\EXTENSIONS\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
[2010.12.03 20:39:33 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.12.03 20:39:33 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010.12.03 20:39:33 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010.12.03 19:08:29 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.12.03 19:08:29 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.12.03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.12.03 19:08:29 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.12.03 19:08:29 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.12.03 19:08:29 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.01.03 17:42:25 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.100.3.1 62.240.162.158
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.08.13 07:12:32 | 000,000,000 | R--D | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.07.07 11:14:20 | 000,193,816 | R--- | M] (CAPCOM CO., LTD.) - G:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009.06.29 03:01:24 | 000,000,047 | R--- | M] () - G:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011.01.03 17:42:31 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011.01.03 17:39:43 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.01.03 17:39:43 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\temp
[2011.01.03 17:26:07 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011.01.02 22:09:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.01.02 22:09:48 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\CAPCOM
[2011.01.02 21:36:12 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2011.01.02 21:36:12 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2011.01.02 21:35:55 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2011.01.02 19:40:04 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\ElevatedDiagnostics
[2011.01.02 16:01:51 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Opera
[2011.01.02 16:01:50 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Opera
[2011.01.02 16:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011.01.02 14:44:55 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.01.02 14:44:55 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.01.02 14:44:55 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.01.02 14:38:04 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Winamp
[2011.01.02 14:27:56 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011.01.02 00:54:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.01.02 00:27:40 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Desktop\WinRAR 3.71 Corporate Edition
[2011.01.02 00:15:49 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\TuneUp_Utilities_2011_Build_10.0.2020.9_CZ
[2011.01.02 00:15:45 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\TuneUp Software
[2011.01.02 00:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011.01.02 00:15:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.01.02 00:12:37 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011.01.02 00:12:37 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Desktop\Avast - Internet Security 5.0.677 - Final + licence do 2012
[2011.01.02 00:12:36 | 000,293,968 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011.01.02 00:12:28 | 000,099,792 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011.01.02 00:12:05 | 000,190,416 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011.01.02 00:12:04 | 000,023,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011.01.02 00:12:03 | 000,047,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011.01.02 00:12:02 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011.01.02 00:11:49 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011.01.02 00:11:49 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.01.01 23:48:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2011.01.01 23:38:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
[2011.01.01 13:57:24 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX
[2011.01.01 13:55:50 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2011.01.01 13:55:03 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSWINSCK.OCX
[2011.01.01 13:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Share Rapid Uploader
[2011.01.01 13:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Share Rapid Uploader
[2011.01.01 12:19:35 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\nhl addons
[2010.12.31 13:06:09 | 000,240,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010.12.31 12:27:23 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\NHL09
[2010.12.31 12:24:41 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Leadertech
[2010.12.31 00:40:16 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve
[2010.12.31 00:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2010.12.31 00:40:12 | 000,000,000 | ---D | C] -- C:\Program Files\Valve Hammer Editor
[2010.12.30 01:04:14 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.12.30 01:04:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.12.30 00:45:45 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CZShare
[2010.12.30 00:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.12.30 00:38:04 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Deployment
[2010.12.30 00:38:04 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Apps
[2010.12.29 17:18:54 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Ashampoo
[2010.12.29 00:25:36 | 000,000,000 | ---D | C] -- C:\My Web Sites
[2010.12.28 23:59:27 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Audacity
[2010.12.27 23:15:10 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Mozilla
[2010.12.27 23:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2010.12.27 23:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.12.27 09:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2010.12.27 09:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010.12.27 09:13:31 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\119614890734200052
[2010.12.27 09:13:23 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\119611678098662644
[2010.12.26 12:49:19 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Electronic Arts
[2010.12.26 01:31:57 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Microsoft Games
[2010.12.26 00:22:13 | 000,000,000 | ---D | C] -- C:\web
[2010.12.25 13:21:48 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Malwarebytes
[2010.12.25 13:21:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.25 13:21:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2010.12.25 13:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.25 13:21:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.25 13:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.12.25 13:15:35 | 000,380,928 | -H-- | C] (Simon Fell) -- C:\Windows\System32\pSOAP32.dll
[2010.12.25 13:15:35 | 000,266,240 | -H-- | C] (TODO: <Company name>) -- C:\Windows\System32\EncryptedFolder.dll
[2010.12.25 13:15:35 | 000,110,676 | -H-- | C] (pocketsoap.com) -- C:\Windows\System32\psDime.dll
[2010.12.25 13:15:35 | 000,073,728 | -H-- | C] (www.pocketsoap.com) -- C:\Windows\System32\psProxy.dll
[2010.12.25 13:15:34 | 000,188,416 | -H-- | C] (Simon Fell) -- C:\Windows\System32\pocketHTTP.dll
[2010.12.25 13:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.12.25 13:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2010.12.23 11:45:09 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\Sitemaps
[2010.12.23 11:44:10 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Emergency Soft
[2010.12.20 14:50:35 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HLSW
[2010.12.20 14:50:35 | 000,000,000 | --SD | C] -- C:\Program Files\HLSW
[2010.12.18 22:20:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
[2010.12.18 20:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2010.12.18 20:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2010.12.18 20:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegCure
[2010.12.18 20:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\RegCure
[2010.12.18 13:33:11 | 000,000,000 | ---D | C] -- C:\SIERRA
[2010.12.18 01:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.12.18 01:20:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010.12.18 01:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2010.12.18 01:20:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010.12.18 01:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2010.12.17 23:41:00 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\cstrike
[2010.12.17 21:27:19 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\{7D0C70B8-18A5-4922-922B-272C0C5B1D26}
[2010.12.17 21:26:01 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2010.12.17 21:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010.12.17 21:23:53 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010.12.17 21:23:53 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010.12.17 15:28:00 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\{9615835B-7C64-4E76-BF85-D536F9F2B810}
[2010.12.17 15:28:00 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\{0A7C52E4-747F-4BA2-9BA9-CF1467806EFB}
[2010.12.16 19:20:08 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
[2010.12.16 19:18:57 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\rewire.dll
[2010.12.16 19:18:54 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\Image-Line
[2010.12.16 19:18:44 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\System32\vorbis.acm
[2010.12.16 19:18:19 | 000,000,000 | ---D | C] -- C:\Program Files\VstPlugins
[2010.12.16 19:18:19 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
[2010.12.16 19:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2010.12.16 19:18:14 | 000,000,000 | ---D | C] -- C:\Program Files\Outsim
[2010.12.16 17:17:51 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\{4FE77C5B-379E-4367-94D4-3D9FA5F06B4E}
[2010.12.15 19:09:02 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010.12.15 19:08:50 | 000,190,696 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\System32\NPSWF32_FlashUtil.exe
[2010.12.15 19:05:12 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2010.12.15 19:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2010.12.15 19:04:53 | 000,116,736 | ---- | C] (MagicISO, Inc.) -- C:\Windows\System32\drivers\mcdbus.sys
[2010.12.15 19:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\MagicDisc
[2010.12.15 19:03:26 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
[2010.12.15 19:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
[2010.12.15 19:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\MagicISO
[2010.12.15 17:39:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.15 17:38:53 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.15 17:38:50 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.15 17:38:50 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.15 17:38:50 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.15 17:38:50 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.15 17:38:50 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.15 17:38:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.15 17:38:50 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.15 17:38:50 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.15 17:38:50 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.15 17:38:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.15 17:38:45 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.15 17:38:44 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.15 17:38:44 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.15 17:38:44 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2010.12.15 17:38:36 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2010.12.15 17:38:36 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.15 17:38:36 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.15 17:38:34 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.15 17:38:32 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.14 21:30:06 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2010.12.14 20:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash4D
[2010.12.14 20:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\Flash4D v5 - Pro Edition Trial
[2010.12.14 19:42:45 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Thinstall
[2010.12.14 19:42:45 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Thinstall
[2010.12.14 18:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intro Wizard Software
[2010.12.14 17:25:36 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\{58524E7B-377D-4869-B7AE-C0B774F7BAD1}
[2010.12.14 17:25:20 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Windows Live Writer
[2010.12.14 17:25:20 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Windows Live Writer
[2010.12.14 17:24:28 | 000,000,000 | ---D | C] -- C:\Program Files\Flash4D Flash Intro Builder
[2010.12.14 17:21:12 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.12.14 17:20:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010.12.14 17:18:25 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.12.14 17:18:25 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2010.12.14 17:18:23 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2010.12.14 17:12:41 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Windows Live
[2010.12.14 17:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010.12.14 17:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
[2010.12.14 17:08:54 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Win7codecs
[2010.12.14 17:08:28 | 000,000,000 | ---D | C] -- C:\Program Files\Win7codecs
[2010.12.14 17:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2010.12.14 14:45:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2010.12.13 21:55:24 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.12.13 21:55:24 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.12.13 21:55:24 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.12.13 21:51:41 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.12.13 18:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010.12.13 18:27:04 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2010.12.13 18:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2010.12.13 18:27:04 | 000,000,000 | ---D | C] -- C:\Fraps
[2010.12.13 18:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\XeroBank
[2010.12.13 15:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2010.12.13 15:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.12.13 15:05:41 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\DAEMON Tools Lite
[2010.12.13 15:05:40 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.12.13 14:54:34 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.12.13 14:54:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.12.13 14:54:34 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.12.13 14:54:33 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.12.13 14:54:33 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.12.13 14:54:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.12.13 14:54:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.12.13 14:54:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.12.13 14:54:32 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.12.13 14:54:32 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.12.13 14:54:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.12.13 14:54:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.12.13 14:54:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.12.13 14:54:32 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.12.13 14:54:31 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.12.13 14:54:28 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.12.13 14:54:28 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.12.13 14:54:27 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.12.13 14:54:27 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.12.13 14:54:27 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.12.13 14:54:27 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.12.13 14:54:27 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.12.13 14:54:26 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.12.13 14:54:26 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.12.13 14:54:26 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.12.13 14:54:26 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.12.13 14:54:25 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.12.13 14:54:25 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.12.13 14:54:25 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.12.13 14:54:24 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.12.13 14:54:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.12.13 14:54:24 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.12.13 14:54:24 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.12.13 14:54:23 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.12.13 14:54:23 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.12.13 14:54:23 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.12.13 14:54:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.12.13 14:54:23 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.12.13 14:54:22 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.12.13 14:54:22 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.12.13 14:54:22 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.12.13 14:54:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.12.13 14:54:21 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.12.13 14:54:21 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.12.13 14:54:21 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.12.13 14:54:21 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.12.13 14:54:20 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.12.13 14:54:20 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.12.13 14:54:20 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.12.13 14:54:20 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.12.13 14:54:19 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.12.13 14:54:19 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll

[autoprd]

[2010.12.13 14:54:19 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.12.13 14:54:18 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010.12.13 14:54:18 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010.12.13 14:54:18 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.12.13 14:54:17 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.12.13 14:54:16 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010.12.13 14:54:16 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010.12.13 14:54:16 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.12.13 14:54:16 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.12.13 14:54:15 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.12.13 14:54:15 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.12.13 14:54:15 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.12.13 14:54:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.12.13 14:54:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.12.13 14:54:13 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.12.13 14:54:12 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.12.13 14:54:11 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.12.13 10:08:18 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\PSpad
[2010.12.13 08:21:37 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010.12.13 08:21:36 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.12.13 08:21:35 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.12.13 07:39:21 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.12.13 07:38:35 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.12.13 07:38:35 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010.12.13 07:37:27 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.12.13 07:36:34 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010.12.13 07:36:34 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.12.13 07:35:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.12.13 07:34:20 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.12.13 07:32:24 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.12.13 07:32:24 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.12.13 07:32:08 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.12.13 07:32:04 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.12.13 07:32:04 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.12.13 07:31:58 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.12.13 07:31:52 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.12.13 07:31:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.12.13 07:31:52 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.12.13 07:30:25 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.12.13 07:30:24 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.12.13 07:30:23 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll
[2010.12.13 07:30:21 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.12.12 17:45:30 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\GHISLER
[2010.12.12 13:01:33 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Mozilla
[2010.12.12 13:01:32 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Nvu
[2010.12.12 11:13:02 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\Version Cue
[2010.12.12 11:13:01 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\AdobeStockPhotos
[2010.12.12 10:41:49 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\skypePM
[2010.12.12 10:40:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.12.12 00:44:14 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\ICQ
[2010.12.12 00:37:31 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Adobe
[2010.12.12 00:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.12.12 00:33:04 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.12.12 00:26:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010.12.12 00:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.12.11 19:58:34 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\GHISLER
[2010.12.11 18:37:19 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\vlc
[2010.12.11 18:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010.12.11 18:15:55 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\HLSW
[2010.12.11 15:58:14 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\Square Enix
[2010.12.11 15:54:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010.12.11 15:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2010.12.11 15:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.12.11 15:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2010.12.11 15:50:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010.12.11 15:49:28 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.12.11 15:49:28 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.12.11 15:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2010.12.11 15:38:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.12.11 15:37:53 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Skype
[2010.12.11 15:37:06 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\ICQ
[2010.12.11 15:37:05 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\AOL
[2010.12.11 15:36:48 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.12.11 15:36:47 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.12.11 15:36:47 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.12.11 15:36:47 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.12.11 15:36:46 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.12.11 15:36:46 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.12.11 15:36:45 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.12.11 15:36:45 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.12.11 15:36:45 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.12.11 15:36:45 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.12.11 15:36:39 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.12.11 15:36:39 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.12.11 15:36:39 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.12.11 15:36:39 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.12.11 15:36:38 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.12.11 15:36:38 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.12.11 15:36:38 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.12.11 15:36:37 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.12.11 15:36:37 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.12.11 15:09:41 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2010.12.11 15:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010.12.11 15:09:26 | 000,000,000 | ---D | C] -- C:\Intel
[2010.12.11 15:07:11 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\ATI
[2010.12.11 15:07:11 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\ATI
[2010.12.11 15:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.12.11 15:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2010.12.11 15:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010.12.11 15:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010.12.11 15:01:53 | 000,000,000 | ---D | C] -- C:\ATI
[2010.12.11 14:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ioCentre
[2010.12.11 14:53:10 | 000,000,000 | ---D | C] -- C:\Genius
[2010.12.11 14:52:13 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\InstallShield
[2010.12.11 14:42:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.12.11 14:40:57 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.12.11 14:40:57 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010.12.11 14:40:57 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.12.11 14:40:57 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.12.11 14:40:57 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.12.11 14:40:57 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.12.11 14:40:57 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.12.11 14:40:56 | 003,633,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.12.11 14:40:56 | 003,228,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.12.11 14:40:56 | 001,889,896 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.12.11 14:40:56 | 000,461,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.12.11 14:40:56 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.12.11 14:40:56 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.12.11 14:40:56 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.12.11 14:40:56 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.12.11 14:40:56 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.12.11 14:40:56 | 000,068,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.12.11 14:40:56 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.12.11 14:40:55 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.12.11 14:40:55 | 001,336,664 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010.12.11 14:40:55 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010.12.11 14:40:55 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010.12.11 14:40:55 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.12.11 14:40:55 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.12.11 14:40:53 | 001,558,432 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.12.11 14:40:53 | 001,132,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.12.11 14:40:53 | 000,962,664 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.12.11 14:40:53 | 000,901,224 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.12.11 14:40:53 | 000,448,616 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.12.11 14:40:53 | 000,429,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010.12.11 14:40:53 | 000,406,120 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.12.11 14:40:53 | 000,291,432 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.12.11 14:40:53 | 000,236,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.12.11 14:40:53 | 000,224,360 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.12.11 14:40:53 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.12.11 14:40:53 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.12.11 14:40:53 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.12.11 14:40:53 | 000,106,600 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010.12.11 14:40:53 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.12.11 14:40:53 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010.12.11 14:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.12.11 14:39:57 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.12.11 14:39:57 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.12.11 14:39:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.12.11 14:37:31 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.12.11 14:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2010.12.11 14:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.12.11 14:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010.12.11 14:26:42 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\uTorrent
[2010.12.11 14:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 3
[2010.12.11 14:19:25 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\IObit
[2010.12.11 14:16:45 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Macromedia
[2010.12.11 14:16:45 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Adobe
[2010.12.11 14:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2010.12.11 14:14:39 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Google
[2010.12.11 14:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010.12.11 14:14:07 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.12.11 14:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.12.11 14:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.12.11 14:06:09 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.12.11 14:04:22 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\DriverGenius
[2010.12.11 14:00:58 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010.12.11 14:00:47 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\WinRAR
[2010.12.11 14:00:11 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\Documents\Nová složka
[2010.12.11 13:59:43 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2010.12.11 13:59:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2010.12.11 13:59:39 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.12.11 13:49:23 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Diagnostics
[2010.12.11 13:48:20 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2010.12.11 13:48:20 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\Searches
[2010.12.11 13:48:20 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2010.12.11 13:48:12 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Identities
[2010.12.11 13:48:10 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\Contacts
[2010.12.11 13:48:05 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\VirtualStore
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\AppData\Local\Temporary Internet Files
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Šablony
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Soubory cookie
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\SendTo
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Poslední
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Okolní tiskárny
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Okolní síť
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Documents\Obrázky
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Nabídka Start
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Local Settings
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Documents\Hudba
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\AppData\Local\History
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Documents\Filmy
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Dokumenty
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\Data aplikací
[2010.12.11 13:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Autoprd\AppData\Local\Data aplikací
[2010.12.11 13:48:02 | 000,000,000 | --SD | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft
[2010.12.11 13:48:02 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\Videos
[2010.12.11 13:48:02 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\Saved Games
[2010.12.11 13:48:02 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\Pictures
[2010.12.11 13:48:02 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\Music
[2010.12.11 13:48:02 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2010.12.11 13:48:02 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\Links
[2010.12.11 13:48:02 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\Favorites
[2010.12.11 13:48:02 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\Downloads
[2010.12.11 13:48:02 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\Dokumenty
[2010.12.11 13:48:02 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\Desktop
[2010.12.11 13:48:02 | 000,000,000 | R--D | C] -- C:\Users\Autoprd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2010.12.11 13:48:02 | 000,000,000 | -H-D | C] -- C:\Users\Autoprd\AppData
[2010.12.11 13:48:02 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Local\Microsoft
[2010.12.11 13:48:02 | 000,000,000 | ---D | C] -- C:\Users\Autoprd\AppData\Roaming\Media Center Programs
[2010.12.11 13:46:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2010.12.11 13:46:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2010.12.11 13:46:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2010.12.11 13:46:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2010.12.11 13:46:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2010.12.11 13:46:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2010.12.11 13:46:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2010.12.11 13:46:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010.12.11 13:46:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2010.12.11 13:46:14 | 000,000,000 | ---D | C] -- C:\Recovery
[2010.12.11 13:31:34 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.12.11 13:29:07 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.12.11 13:28:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.12.11 13:27:52 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.02.03 23:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
[2009.07.20 17:29:40 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

========== Files - Modified Within 30 Days ==========

[2011.01.03 20:19:00 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.03 18:27:11 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.03 18:27:11 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.01.03 18:27:10 | 000,631,054 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.01.03 18:27:10 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.01.03 17:48:13 | 000,016,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.03 17:48:13 | 000,016,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.03 17:42:25 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.01.03 17:41:19 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\AWC AutoSweep.job
[2011.01.03 17:40:57 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.03 17:40:56 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2011.01.03 17:40:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.03 17:25:53 | 004,012,664 | R--- | M] () -- C:\Users\Autoprd\Desktop\ComboFix.exe
[2011.01.02 22:16:25 | 003,933,065 | ---- | M] () -- C:\Users\Autoprd\Desktop\newdnb2.mp3
[2011.01.02 21:35:56 | 000,000,762 | ---- | M] () -- C:\Users\Autoprd\Desktop\NSGNTSpecial.lnk
[2011.01.02 19:13:06 | 000,007,606 | ---- | M] () -- C:\Users\Autoprd\AppData\Local\Resmon.ResmonCfg
[2011.01.02 17:00:01 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
[2011.01.02 16:01:38 | 000,000,803 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.01.02 15:09:25 | 000,071,873 | ---- | M] () -- C:\Users\Autoprd\Desktop\OCB.jpg
[2011.01.02 13:20:36 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.01.02 13:11:41 | 000,000,302 | ---- | M] () -- C:\Windows\tasks\RegCure.job
[2011.01.02 00:55:19 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.01.02 00:54:49 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.01.01 23:44:52 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Nail'd.lnk
[2011.01.01 23:44:30 | 000,281,760 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
[2011.01.01 23:44:30 | 000,025,888 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011.01.01 20:53:38 | 003,933,065 | ---- | M] () -- C:\Users\Autoprd\Desktop\newdnb.mp3
[2011.01.01 13:57:22 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX
[2011.01.01 13:55:27 | 001,066,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2011.01.01 13:55:03 | 000,000,988 | ---- | M] () -- C:\Users\Public\Desktop\Share Rapid Uploader.lnk
[2011.01.01 12:19:21 | 000,001,095 | ---- | M] () -- C:\Users\Autoprd\Desktop\Dokumenty – zástupce.lnk
[2010.12.31 21:06:36 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.12.31 21:06:33 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010.12.31 21:00:18 | 000,293,968 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010.12.31 20:59:23 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010.12.31 20:56:49 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010.12.31 20:56:37 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010.12.31 20:56:27 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010.12.31 12:24:26 | 000,001,721 | ---- | M] () -- C:\Users\Public\Desktop\NHL™ 09.lnk
[2010.12.31 00:40:19 | 000,002,084 | ---- | M] () -- C:\Users\Autoprd\Desktop\Valve Hammer Editor.lnk
[2010.12.31 00:40:19 | 000,001,102 | ---- | M] () -- C:\Users\Autoprd\Desktop\Valve Hammer Editor Help.lnk
[2010.12.30 10:16:22 | 000,146,799 | ---- | M] () -- C:\Users\Autoprd\Desktop\74525_172449219436094_100000130511064_625024_6316232_n.jpg
[2010.12.30 00:47:49 | 000,000,635 | ---- | M] () -- C:\Windows\Rtcw.INI
[2010.12.30 00:45:45 | 000,000,318 | ---- | M] () -- C:\Users\Autoprd\Desktop\CZShare Manager.appref-ms
[2010.12.29 00:43:21 | 000,005,632 | ---- | M] () -- C:\Users\Autoprd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.27 23:15:01 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.12.27 09:42:37 | 000,001,072 | ---- | M] () -- C:\Users\Autoprd\Desktop\EVEREST Home Edition.lnk
[2010.12.26 14:30:30 | 000,000,785 | ---- | M] () -- C:\Users\Autoprd\Desktop\M1711452.html
[2010.12.26 14:23:35 | 000,002,473 | ---- | M] () -- C:\Users\Autoprd\Desktop\a.html
[2010.12.26 14:14:55 | 000,000,218 | ---- | M] () -- C:\Users\Autoprd\Desktop\fb.html
[2010.12.25 13:21:42 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.25 13:15:24 | 000,380,928 | -H-- | M] (Simon Fell) -- C:\Windows\System32\pSOAP32.dll
[2010.12.25 13:15:24 | 000,188,416 | -H-- | M] (Simon Fell) -- C:\Windows\System32\pocketHTTP.dll
[2010.12.25 13:15:24 | 000,110,676 | -H-- | M] (pocketsoap.com) -- C:\Windows\System32\psDime.dll
[2010.12.25 13:15:24 | 000,073,728 | -H-- | M] (www.pocketsoap.com) -- C:\Windows\System32\psProxy.dll
[2010.12.25 13:15:20 | 000,266,240 | -H-- | M] (TODO: <Company name>) -- C:\Windows\System32\EncryptedFolder.dll
[2010.12.25 13:09:24 | 000,002,039 | ---- | M] () -- C:\Users\Autoprd\Desktop\HijackThis.lnk
[2010.12.25 12:47:32 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010.12.25 02:00:02 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010.12.25 01:40:58 | 000,459,105 | ---- | M] () -- C:\Users\Autoprd\Desktop\Untitled-12.jpg
[2010.12.25 01:40:32 | 000,290,627 | ---- | M] () -- C:\Users\Autoprd\Desktop\Untitled-1.jpg
[2010.12.23 11:28:24 | 000,005,406 | ---- | M] () -- C:\Users\Autoprd\Desktop\38929005.jpg
[2010.12.22 19:07:57 | 000,001,905 | ---- | M] () -- C:\Users\Autoprd\Czech.php
[2010.12.22 13:38:41 | 000,268,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.21 22:38:02 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.20 17:32:35 | 000,000,678 | ---- | M] () -- C:\Users\Public\Desktop\Metin2.lnk
[2010.12.20 14:50:41 | 000,000,909 | ---- | M] () -- C:\Users\Autoprd\Desktop\HLSW.lnk
[2010.12.19 20:16:52 | 000,270,859 | ---- | M] () -- C:\Users\Autoprd\Desktop\38929005 copy.png
[2010.12.19 12:10:31 | 000,085,436 | ---- | M] () -- C:\Users\Autoprd\Desktop\34710625.jpg
[2010.12.18 20:33:58 | 000,000,945 | ---- | M] () -- C:\Users\Public\Desktop\RegCure.lnk
[2010.12.18 15:24:37 | 000,819,096 | ---- | M] () -- C:\Users\Autoprd\Desktop\prison-break-cast-wallpaper.jpg
[2010.12.18 13:47:44 | 000,000,600 | ---- | M] () -- C:\Users\Autoprd\AppData\Roaming\winscp.rnd
[2010.12.18 13:47:39 | 000,000,600 | ---- | M] () -- C:\Users\Autoprd\AppData\Local\PUTTY.RND
[2010.12.18 11:28:48 | 000,008,722 | ---- | M] () -- C:\Users\Autoprd\Desktop\styles.css
[2010.12.17 22:13:16 | 150,679,791 | ---- | M] () -- C:\Users\Autoprd\Desktop\Můj film.wmv
[2010.12.17 21:24:21 | 000,000,020 | ---- | M] () -- C:\Windows\¸÷3
[2010.12.17 18:39:13 | 001,067,717 | ---- | M] () -- C:\Users\Autoprd\Desktop\Laser_show_disco_3[1] copy.png
[2010.12.16 19:20:08 | 000,000,767 | ---- | M] () -- C:\Users\Autoprd\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2010.12.16 19:18:56 | 000,000,802 | ---- | M] () -- C:\Users\Autoprd\Desktop\FL Studio 9.lnk
[2010.12.16 17:45:43 | 000,008,369 | ---- | M] () -- C:\Users\Autoprd\Desktop\theme.php
[2010.12.15 19:05:12 | 000,000,923 | ---- | M] () -- C:\Users\Autoprd\Desktop\MagicDisc.lnk
[2010.12.15 19:03:26 | 000,001,769 | ---- | M] () -- C:\Users\Autoprd\Desktop\MagicISO.lnk
[2010.12.15 17:33:25 | 000,002,286 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.12.14 20:06:39 | 000,131,584 | ---- | M] () -- C:\Windows\System32\SpoonUninstall.exe
[2010.12.14 19:54:02 | 000,000,088 | ---- | M] () -- C:\Users\Autoprd\Desktop\custom_settings.f4d
[2010.12.13 18:27:05 | 000,000,562 | ---- | M] () -- C:\Users\Autoprd\Desktop\Fraps.lnk
[2010.12.13 15:59:48 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.12.13 15:07:09 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.12.13 15:06:32 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.12.12 22:22:01 | 000,168,764 | ---- | M] () -- C:\Users\Autoprd\top.png
[2010.12.12 10:41:56 | 000,000,048 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.12.11 15:49:28 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.12.11 15:49:28 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.12.11 15:36:56 | 000,001,012 | ---- | M] () -- C:\Users\Autoprd\Desktop\ICQ – zástupce.lnk
[2010.12.11 14:33:01 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.12.11 14:26:53 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.12.11 14:19:30 | 000,000,872 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.12.11 13:32:19 | 000,061,655 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.12.11 13:30:43 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin

========== Files Created - No Company Name ==========

[2011.01.02 22:15:17 | 003,933,065 | ---- | C] () -- C:\Users\Autoprd\Desktop\newdnb2.mp3
[2011.01.02 19:13:06 | 000,007,606 | ---- | C] () -- C:\Users\Autoprd\AppData\Local\Resmon.ResmonCfg
[2011.01.02 16:01:38 | 000,000,803 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.01.02 15:09:30 | 000,071,873 | ---- | C] () -- C:\Users\Autoprd\Desktop\OCB.jpg
[2011.01.02 14:44:55 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.01.02 14:44:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.01.02 14:44:55 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.01.02 14:44:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.01.02 14:44:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.01.02 00:54:49 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.01.01 23:44:52 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Nail'd.lnk
[2011.01.01 23:44:30 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011.01.01 23:44:30 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011.01.01 22:32:19 | 000,000,762 | ---- | C] () -- C:\Users\Autoprd\Desktop\NSGNTSpecial.lnk
[2011.01.01 13:55:03 | 000,109,260 | ---- | C] () -- C:\Windows\System32\MSWINSCN.OCX
[2011.01.01 13:55:03 | 000,000,988 | ---- | C] () -- C:\Users\Public\Desktop\Share Rapid Uploader.lnk
[2011.01.01 12:19:21 | 000,001,095 | ---- | C] () -- C:\Users\Autoprd\Desktop\Dokumenty – zástupce.lnk
[2010.12.31 13:14:53 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2010.12.31 12:24:26 | 000,001,721 | ---- | C] () -- C:\Users\Public\Desktop\NHL™ 09.lnk
[2010.12.31 00:40:19 | 000,002,084 | ---- | C] () -- C:\Users\Autoprd\Desktop\Valve Hammer Editor.lnk
[2010.12.31 00:40:19 | 000,001,102 | ---- | C] () -- C:\Users\Autoprd\Desktop\Valve Hammer Editor Help.lnk
[2010.12.30 10:16:27 | 000,146,799 | ---- | C] () -- C:\Users\Autoprd\Desktop\74525_172449219436094_100000130511064_625024_6316232_n.jpg
[2010.12.30 00:47:44 | 000,000,635 | ---- | C] () -- C:\Windows\Rtcw.INI
[2010.12.30 00:45:45 | 000,000,318 | ---- | C] () -- C:\Users\Autoprd\Desktop\CZShare Manager.appref-ms
[2010.12.29 09:42:51 | 003,933,065 | ---- | C] () -- C:\Users\Autoprd\Desktop\newdnb.mp3
[2010.12.27 23:15:01 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.12.27 09:42:37 | 000,001,072 | ---- | C] () -- C:\Users\Autoprd\Desktop\EVEREST Home Edition.lnk
[2010.12.26 14:30:30 | 000,000,785 | ---- | C] () -- C:\Users\Autoprd\Desktop\M1711452.html
[2010.12.26 14:20:03 | 000,002,473 | ---- | C] () -- C:\Users\Autoprd\Desktop\a.html
[2010.12.26 14:14:55 | 000,000,218 | ---- | C] () -- C:\Users\Autoprd\Desktop\fb.html
[2010.12.25 13:21:42 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.25 13:09:24 | 000,002,039 | ---- | C] () -- C:\Users\Autoprd\Desktop\HijackThis.lnk
[2010.12.25 01:51:31 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At3.job
[2010.12.25 01:42:45 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At2.job
[2010.12.25 01:40:57 | 000,459,105 | ---- | C] () -- C:\Users\Autoprd\Desktop\Untitled-12.jpg
[2010.12.25 01:40:30 | 000,290,627 | ---- | C] () -- C:\Users\Autoprd\Desktop\Untitled-1.jpg
[2010.12.22 19:06:15 | 000,001,905 | ---- | C] () -- C:\Users\Autoprd\Czech.php
[2010.12.21 22:25:42 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At1.job
[2010.12.20 14:50:41 | 000,000,909 | ---- | C] () -- C:\Users\Autoprd\Desktop\HLSW.lnk
[2010.12.19 20:16:48 | 000,270,859 | ---- | C] () -- C:\Users\Autoprd\Desktop\38929005 copy.png
[2010.12.19 12:05:45 | 000,085,436 | ---- | C] () -- C:\Users\Autoprd\Desktop\34710625.jpg
[2010.12.19 12:05:35 | 000,005,406 | ---- | C] () -- C:\Users\Autoprd\Desktop\38929005.jpg
[2010.12.18 22:20:49 | 000,000,678 | ---- | C] () -- C:\Users\Public\Desktop\Metin2.lnk
[2010.12.18 20:34:00 | 000,000,320 | ---- | C] () -- C:\Windows\tasks\RegCure Program Check.job
[2010.12.18 20:33:59 | 000,000,302 | ---- | C] () -- C:\Windows\tasks\RegCure.job
[2010.12.18 20:33:58 | 000,000,945 | ---- | C] () -- C:\Users\Public\Desktop\RegCure.lnk
[2010.12.18 15:24:41 | 000,819,096 | ---- | C] () -- C:\Users\Autoprd\Desktop\prison-break-cast-wallpaper.jpg
[2010.12.18 11:28:48 | 000,008,722 | ---- | C] () -- C:\Users\Autoprd\Desktop\styles.css
[2010.12.17 22:36:08 | 000,000,600 | ---- | C] () -- C:\Users\Autoprd\AppData\Roaming\winscp.rnd
[2010.12.17 22:28:15 | 000,000,600 | ---- | C] () -- C:\Users\Autoprd\AppData\Local\PUTTY.RND
[2010.12.17 21:33:30 | 150,679,791 | ---- | C] () -- C:\Users\Autoprd\Desktop\Můj film.wmv
[2010.12.17 21:24:20 | 000,000,020 | ---- | C] () -- C:\Windows\¸÷3
[2010.12.17 18:39:08 | 001,067,717 | ---- | C] () -- C:\Users\Autoprd\Desktop\Laser_show_disco_3[1] copy.png
[2010.12.16 19:20:08 | 000,000,767 | ---- | C] () -- C:\Users\Autoprd\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2010.12.16 19:18:56 | 000,000,802 | ---- | C] () -- C:\Users\Autoprd\Desktop\FL Studio 9.lnk
[2010.12.16 17:25:28 | 000,008,369 | ---- | C] () -- C:\Users\Autoprd\Desktop\theme.php
[2010.12.15 19:08:50 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2010.12.15 19:05:12 | 000,000,923 | ---- | C] () -- C:\Users\Autoprd\Desktop\MagicDisc.lnk
[2010.12.15 19:03:26 | 000,001,769 | ---- | C] () -- C:\Users\Autoprd\Desktop\MagicISO.lnk
[2010.12.14 19:54:02 | 000,000,088 | ---- | C] () -- C:\Users\Autoprd\Desktop\custom_settings.f4d
[2010.12.14 18:05:39 | 000,131,584 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2010.12.14 17:25:11 | 000,856,064 | ---- | C] () -- C:\Windows\System32\swfgen.dll
[2010.12.13 18:27:05 | 000,000,562 | ---- | C] () -- C:\Users\Autoprd\Desktop\Fraps.lnk
[2010.12.13 15:59:48 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.12.13 15:07:09 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.12.13 15:06:32 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.12.12 22:21:13 | 000,168,764 | ---- | C] () -- C:\Users\Autoprd\top.png
[2010.12.12 10:41:56 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.12.11 15:37:03 | 000,001,012 | ---- | C] () -- C:\Users\Autoprd\Desktop\ICQ – zástupce.lnk
[2010.12.11 15:04:29 | 000,005,632 | ---- | C] () -- C:\Users\Autoprd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.11 14:55:06 | 000,020,480 | ---- | C] () -- C:\Windows\System32\drivers\gHidPnp.sys
[2010.12.11 14:55:06 | 000,011,520 | ---- | C] () -- C:\Windows\System32\drivers\gMouUsb.sys
[2010.12.11 14:40:57 | 002,261,764 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2010.12.11 14:33:01 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.12.11 14:29:24 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\AWC AutoSweep.job
[2010.12.11 14:26:53 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.12.11 14:19:35 | 000,000,374 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010.12.11 14:19:30 | 000,000,872 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.12.11 14:15:39 | 000,002,286 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.12.11 14:14:43 | 000,000,942 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.11 14:14:43 | 000,000,938 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.11 13:30:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.12.11 12:10:08 | 004,012,664 | R--- | C] () -- C:\Users\Autoprd\Desktop\ComboFix.exe
[2010.10.30 12:57:02 | 000,095,232 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.06.23 11:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.06.23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.03.15 04:31:48 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.02.11 06:30:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI

========== LOP Check ==========

[2010.12.29 17:18:54 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\Ashampoo
[2010.12.28 23:59:33 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\Audacity
[2010.12.17 23:56:47 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\DAEMON Tools Lite
[2010.12.23 11:44:10 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\Emergency Soft
[2010.12.13 10:03:44 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\GHISLER
[2011.01.03 20:21:58 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\HLSW
[2011.01.03 20:51:39 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\ICQ
[2010.12.11 14:38:15 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\IObit
[2010.12.31 12:24:41 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\Leadertech
[2010.12.13 07:04:30 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\Nvu
[2011.01.02 16:01:50 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\Opera
[2010.12.14 19:42:45 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\Thinstall
[2011.01.02 15:48:31 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\TuneUp Software
[2011.01.03 21:12:57 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\uTorrent
[2010.12.14 17:08:54 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\Win7codecs
[2010.12.14 17:39:04 | 000,000,000 | ---D | M] -- C:\Users\Autoprd\AppData\Roaming\Windows Live Writer
[2010.12.21 22:38:02 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2010.12.25 02:00:02 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2010.12.25 12:47:32 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2011.01.03 17:41:19 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\AWC AutoSweep.job
[2011.01.03 17:40:56 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2011.01.02 17:00:01 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2011.01.02 13:11:41 | 000,000,302 | ---- | M] () -- C:\Windows\Tasks\RegCure.job
[2009.07.14 05:53:46 | 000,012,158 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 498 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >

[jaro3]

Odinstaluj si ten Avast , určitě ho nemáš placený a stáhni si free!!

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials




Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe File not found
DRV - (injectDLL) -- C:\Users\Autoprd\Desktop\M2Fish 3.0.4\Injector 32 bit\injectDLL.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\Users\Autoprd\AppData\Local\Temp\catchme.sys File not found
O1 HOSTS File: ([2011.01.03 17:42:25 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - AutoRun File - [2010.08.13 07:12:32 | 000,000,000 | R--D | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.07.07 11:14:20 | 000,193,816 | R--- | M] (CAPCOM CO., LTD.) - G:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009.06.29 03:01:24 | 000,000,047 | R--- | M] () - G:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
[2011.01.03 18:27:11 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.03 18:27:11 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.01.03 18:27:10 | 000,631,054 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.01.03 18:27:10 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
@Alternate Data Stream - 498 bytes -> C:\ProgramData\TEMP:05EE1EEF

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
D:\Autorun.inf
G:\Autorun.inf
C:\ProgramData\ezsidmv.dat
C:\Windows\ativpsrm.bin
C:\Users\Autoprd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[autoprd]

Přeuju pěkný den =) Tak děkuji po odinstalaci avastu vše běží =)


All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service avast! Firewall stopped successfully!
Service avast! Firewall deleted successfully!
File C:\Program Files\Alwil Software\Avast5\afwServ.exe File not found not found.
Service injectDLL stopped successfully!
Service injectDLL deleted successfully!
File C:\Users\Autoprd\Desktop\M2Fish 3.0.4\Injector 32 bit\injectDLL.sys File not found not found.
Service EagleNT stopped successfully!
Service EagleNT deleted successfully!
File C:\Windows\System32\drivers\EagleNT.sys File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\Users\Autoprd\AppData\Local\Temp\catchme.sys File not found not found.
127.0.0.1 localhost removed from HOSTS file successfully
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
File not found.
File move failed. G:\autorun.exe scheduled to be moved on reboot.
File move failed. G:\Autorun.inf scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\.exe\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\exefile\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\At1.job moved successfully.
c:\windows\Tasks\At2.job moved successfully.
c:\windows\Tasks\At3.job moved successfully.
c:\windows\Tasks\AWC AutoSweep.job moved successfully.
c:\windows\Tasks\AWC Startup.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\RegCure Program Check.job moved successfully.
c:\windows\Tasks\RegCure.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
Folder move failed. D:\Autorun.inf scheduled to be moved on reboot.
File move failed. G:\Autorun.inf scheduled to be moved on reboot.
C:\ProgramData\ezsidmv.dat moved successfully.
C:\Windows\ativpsrm.bin moved successfully.
C:\Users\Autoprd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Autoprd
->Temp folder emptied: 2940 bytes
->Temporary Internet Files folder emptied: 134370 bytes
->FireFox cache emptied: 39492359 bytes
->Google Chrome cache emptied: 5855589 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 520 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NaRuTo
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 3516205 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 47,00 mb


OTL by OldTimer - Version 3.2.20.1 log created on 01042011_151054

Files\Folders moved on Reboot...
File move failed. G:\autorun.exe scheduled to be moved on reboot.
File move failed. G:\Autorun.inf scheduled to be moved on reboot.
Folder move failed. D:\Autorun.inf scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[jaro3]

Spusť OTL a klikni na Vyčisti.
Pak můžeš OTL smazat , C:\_OTL

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.