Problém s MyStart by IncrediBar.com

romankrajicek · Příspěvekod **romankrajicek** » 06 srp 2012 16:09

Zdravím,
tak bohužel když zadám Start -> Spustit a napíšu ComboFix /Uninstall a dám enter tak se vypíše hláška že systém nenašel soubor.

Jinak jsem vše udělal podle návodu, problém však přetrvává.

PS: v CCleaner zaškrknout pro mazání vše, nebo pouze co je pod Systém?

Děkuji moc.

Reklama

Příspěvekod **jaro3** » 06 srp 2012 16:14

Problém přetrvává s MyStart by IncrediBar.com??

Stáhni si ToolsCleaner2( by de A.Rothstein & Dj Quiou & překlad: Damned )
Na plochu a spusť ho.
Klikni na Bod obnovení a poté na OK , OK.
Klikni na Koš a poté na OK.
Klikni na Dočasné soubory a poté na OK.
Klikni na Vyhledat[b] a nech Cleaner pracovat. Může se během čištění zastavit (neodpovídá), ale nech ho pokračovat.
Když program skončí , klikni na [b]Odstranit a odstraň nalezené.
Zavři program.
Program maže i všechny nástroje na odvirování a vytváření logů , které se zde používají (HJT, Combofix, OTM, OTL, OTS atd.)

Vyčisti systém CCleanerem --tam máš návod.

romankrajicek · Příspěvekod **romankrajicek** » 06 srp 2012 16:49

Ano problém s tímto přetrvává.

Ani po provedení poslední rady žádná změna :-(

Příspěvekod **jaro3** » 06 srp 2012 22:02

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

romankrajicek · Příspěvekod **romankrajicek** » 07 srp 2012 16:11

Tak log Extras

OTL Extras logfile created on: 7.8.2012 15:55:11 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Roman\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 62,60% Memory free
4,80 Gb Paging File | 3,80 Gb Available in Paging File | 79,19% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 27,86 Gb Free Space | 57,17% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 44,90 Gb Free Space | 24,39% Space Free | Partition Type: NTFS

Computer Name: ROMAN-PC | User Name: Roman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021281D6-A655-4BE5-B87A-0BB45E62418E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A0008A8-20EF-4FD1-8DD8-46A5320A54C2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{178D0B88-B69C-447F-9883-3C19EBBFEE77}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{375BC627-1F7D-4C30-B9CB-3885F9F0A33E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3B980A33-1345-4FC1-A1C1-A3E4AA86A451}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{425725D3-EF5B-46B1-95C3-C0DA3EE4741D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{474D7F13-5B03-434F-80E2-7E63B21979E3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5D85F45E-8622-4B25-9603-56D76D926E5F}" = rport=137 | protocol=17 | dir=out | app=system |
"{7347341F-990F-4689-BB26-C56F36786F21}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{80FA9504-609F-4F21-BB95-18114D0DA1A5}" = lport=137 | protocol=17 | dir=in | app=system |
"{85CB7928-5068-4646-96E2-9422C6A7EA74}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A52CA0A9-8554-43B9-B62A-EF1AAD479D09}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CD3EC5C8-D359-48DE-BDC6-316F401F7B37}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CEFFF8E3-DE8C-4D15-8076-B51E80571B0E}" = lport=139 | protocol=6 | dir=in | app=system |
"{D3C541F1-8136-42FE-AB06-A5D30D8E8759}" = rport=139 | protocol=6 | dir=out | app=system |
"{D5F9C48E-A38B-40B5-A21F-EC0D371CDC9B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D6925F1A-38A3-4337-BEEF-24392F07A80A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DC44C941-4C4A-4C75-BB4D-C78AC19C2404}" = lport=138 | protocol=17 | dir=in | app=system |
"{F36CFF2B-240E-446C-B8EA-2F07E05D6C87}" = lport=445 | protocol=6 | dir=in | app=system |
"{FC7EA108-A410-4C00-9190-FFDFF62E1D0D}" = rport=445 | protocol=6 | dir=out | app=system |
"{FEF37A96-1687-475E-B452-9564D71A680D}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0056A767-06AC-45ED-AFDD-62BC20C3A8A9}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{0A594672-681B-495C-B10C-D30419541C13}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0DD4F914-20B8-406D-BCF5-691964A1A756}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0FE0090F-D176-4108-AE86-28FC1EEE32C9}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{10B89936-7DB4-49A7-B865-43A74FEDB26B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{212B59CA-4B1C-4419-909C-D4551E31848C}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{25D22FB9-4AC3-4922-9AE4-6BC34E7DB333}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37132C85-67BF-4F2B-9582-74E97E135CB2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37FF683F-767E-48A9-B17F-D8D59B8BAA1D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{39A52E61-F3DB-47ED-AFE3-81E965FF8315}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{43E9CDF4-5AE2-489B-9CE7-C91049AFBCE2}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{4764D8D0-E58E-4A12-B059-F40204666EC1}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{53AB3CFF-4542-43C6-8B0E-A186B061353B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5B496CAB-E395-4DA3-9EE3-7B0CE9ED12D5}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{5EBD3B9F-9626-4C93-B2FA-3B1AD84C465F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{60C76727-A56C-4F9C-8A74-75EF4A542B87}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{61979947-5677-4C8C-94C3-5AD93FB323B7}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{62227F09-2607-487A-A7AA-7D93DCB55E08}" = protocol=6 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{64AA564C-5211-4983-92D7-2092D1191B9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A82B4AF-3A55-4D9D-8FD1-7DCA29D8AFE8}" = protocol=6 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{6FAAC0F9-700F-4581-91FA-3A40C9FD51DB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8189D8AE-D5AC-4A7D-8287-A2B5E349DEB6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8502D0E0-D6CD-429E-8939-9005F44EB853}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{86E22AC4-0772-47C5-9C3A-861E87BC9B2F}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{8CCE19C1-6EA2-4312-AA59-A359639D4B32}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8D71C372-8AD4-461C-BFAA-592E58BFAD02}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{9E7ECE61-D88F-49C7-9738-4A936D9B011E}" = protocol=6 | dir=out | app=system |
"{A59D391C-8645-4ED5-82BE-D7F6D663BF8B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A99C6CC5-2B10-4D12-9A44-B8D0C9490668}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{AB09065D-C8F1-44DD-BEE4-C00CBDB71592}" = protocol=17 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{AF853CDD-8E86-421B-89B4-561097B068B8}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{B0451780-0AA7-4AD4-BD1E-8A756EF3933E}" = dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{C53217E3-ABA3-4C9F-8E18-20B59D62873C}" = protocol=6 | dir=in | app=d:\programy\ac12\archicad.exe |
"{CB38A0A2-FB5C-4F54-B238-6E0A3D423FA3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DCA5D814-9A92-44CF-9607-309C4106D682}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{E54E333C-E029-4654-B65E-04D92D536906}" = protocol=17 | dir=in | app=d:\programy\ac12\archicad.exe |
"{E8E8E34D-3C45-4B41-BB0C-241E0B53348B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EA851A7A-EADC-429D-AAEB-7B5A088C61B5}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{EAD939F4-345D-4D9C-A413-545E5ADC0244}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{EE5BB6C2-02F5-4A31-9836-812FB4F3B8DD}" = protocol=17 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"TCP Query User{07E73D84-0101-4D0B-B71B-38E37ACEA66F}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{09606299-4116-408B-8BC9-729CECB0A21B}D:\vertrigoserv\mysql\bin\v_mysqld.exe" = protocol=6 | dir=in | app=d:\vertrigoserv\mysql\bin\v_mysqld.exe |
"TCP Query User{0A92AE7D-4FB9-440E-BA27-3545E2503FAE}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{130CB707-4850-4F39-8B5B-14AEC158BE81}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"TCP Query User{19236B9C-24C3-4A89-B8C4-D22FD1628D7A}D:\vertrigoserv\apache\bin\v_apache.exe" = protocol=6 | dir=in | app=d:\vertrigoserv\apache\bin\v_apache.exe |
"TCP Query User{205BA45E-1D6D-42E7-A54E-B36C91B62F56}C:\xampp\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\apache.exe |
"TCP Query User{2C9E69AA-0235-4076-BEF7-009B2DD43CFB}D:\programy\archicad\ac\archicad.exe" = protocol=6 | dir=in | app=d:\programy\archicad\ac\archicad.exe |
"TCP Query User{61BA458C-DC6B-488D-B0EE-83CBD9FA982B}D:\programy\filezilla\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=d:\programy\filezilla\filezilla ftp client\filezilla.exe |
"TCP Query User{7429AF68-6D58-4C03-AA57-196C23858F83}C:\program files\vertrigoserv\mysql\bin\v_mysqld.exe" = protocol=6 | dir=in | app=c:\program files\vertrigoserv\mysql\bin\v_mysqld.exe |
"TCP Query User{7562B942-B930-4217-B636-27902A7D222A}C:\program files\vertrigoserv\apache\bin\v_apache.exe" = protocol=6 | dir=in | app=c:\program files\vertrigoserv\apache\bin\v_apache.exe |
"TCP Query User{92CFE417-DFDF-4335-8D0F-D01F25BBA972}D:\programy\ac12\archicad.exe" = protocol=6 | dir=in | app=d:\programy\ac12\archicad.exe |
"TCP Query User{B4672E65-E17B-425D-A2DB-42DF8E781753}C:\users\roman\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\roman\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{0A3A224C-5EC3-478F-B1C0-922A8E599BB9}C:\program files\vertrigoserv\mysql\bin\v_mysqld.exe" = protocol=17 | dir=in | app=c:\program files\vertrigoserv\mysql\bin\v_mysqld.exe |
"UDP Query User{104AFDE4-799A-48F2-B300-01E476CBE046}D:\programy\filezilla\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=d:\programy\filezilla\filezilla ftp client\filezilla.exe |
"UDP Query User{30945C96-0C7E-4B38-AAED-64C9DAE73B2E}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{4CF2C7B6-59A5-4E0B-85DD-BD6223A8D937}D:\programy\archicad\ac\archicad.exe" = protocol=17 | dir=in | app=d:\programy\archicad\ac\archicad.exe |
"UDP Query User{60A68489-DBCD-4298-B5AC-812FA186ADC1}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{7AB439EE-CE4F-48C3-AAFB-C0A81FB0E419}C:\xampp\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\apache.exe |
"UDP Query User{88680F1E-47FA-471D-90D7-BB985F65C5C1}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"UDP Query User{AC9D8C2F-EBAA-46FD-88C1-7CCE011580D5}C:\users\roman\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\roman\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{CACD3A9C-1A9D-4DDC-AE4E-E7035288AF17}D:\vertrigoserv\mysql\bin\v_mysqld.exe" = protocol=17 | dir=in | app=d:\vertrigoserv\mysql\bin\v_mysqld.exe |
"UDP Query User{D09EBF2F-A8C1-4CE8-98BA-BEFC8282FD43}D:\vertrigoserv\apache\bin\v_apache.exe" = protocol=17 | dir=in | app=d:\vertrigoserv\apache\bin\v_apache.exe |
"UDP Query User{D4048B70-85F7-4468-8DBA-37AFE129298E}D:\programy\ac12\archicad.exe" = protocol=17 | dir=in | app=d:\programy\ac12\archicad.exe |
"UDP Query User{F953405E-A6AF-47E5-B3CD-8E2AF10052AE}C:\program files\vertrigoserv\apache\bin\v_apache.exe" = protocol=17 | dir=in | app=c:\program files\vertrigoserv\apache\bin\v_apache.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove)
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83216024F0}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.455
"{3688960A-BB04-4F2C-9AB1-620F169446A9}_is1" = Ulož.to File Manager verze 1.2
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5682C2EC-5BAB-49F0-AB4B-E3D9E62DFE80}_is1" = Codename Panzers Phase 2
"{5783F2D7-0201-0405-0002-0060B0CE6BBA}" = AutoCAD 2004
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6EC3499F-025A-4EDB-A03D-AB3DC042051D}" = Adobe Setup
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80EC6E5A-F710-4BE2-937E-6DA5DC03BFE8}" = Settlers IV
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.5
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{95D1FD8D-9209-4C68-B7E4-95536D21BBD1}" = DR vs AK
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A8A1C2D4-F5E9-4D8B-90C4-8BFB4D5B95CD}_is1" = Codename Panzers Phase 1
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"001FFFFFFF12FF00FF1101F03F02F000-R1" = ArchiCAD 12 CZE
"1ClickDownload" = 1ClickDownloader
"AceFTP 3 Freeware" = AceFTP 3 Freeware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_b5ed30048e229c36945fd3d95860c0b" = Adobe Illustrator CS3
"Autodesk Express Viewer" = Autodesk Express Viewer
"avast!" = avast! Antivirus
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"BSPlayer1" = BSPlayer
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"FileZilla Client" = FileZilla Client 3.3.5
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Intelore - RAR Password Recovery" = RAR Password Recovery v1.1 RC16 (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"Neat Image_is1" = Neat Image v5 Demo (with plug-in)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"Opera 11.52.1100" = Opera 11.52
"Picasa 3" = Picasa 3
"PSPad editor_is1" = PSPad editor
"Restaurant Empire II" = Restaurant Empire II
"Swiff Player_is1" = Swiff Player 1.5
"Totalcmd" = Total Commander (Remove or Repair)
"VertrigoServ" = VertrigoServ (remove only)
"VLC media player" = VLC media player 1.1.11
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR archiver
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7f4182272b52fd8f" = CZShare Manager
"aa46f1208cfc4d06" = RegTool2
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6.8.2012 10:47:14 | Computer Name = Roman-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 6.8.2012 11:23:52 | Computer Name = Roman-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Panzers_Phase_2.exe, verze: 1.0.0.10, časové
razítko: 0x4371fbb3 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu:
0x1260 Čas spuštění chybující aplikace: 0x01cd73e77a275ca0 Cesta k chybující aplikaci:
D:\Hry\Panzers2\Run\Panzers_Phase_2.exe Cesta k chybujícímu modulu: unknown ID zprávy:
ba3dcb30-dfda-11e1-90ef-001d7d52447c

Error - 6.8.2012 11:24:38 | Computer Name = Roman-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Panzers_Phase_2.exe, verze: 1.0.0.10, časové
razítko: 0x4371fbb3 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu:
0x28c Čas spuštění chybující aplikace: 0x01cd73e7976b1f40 Cesta k chybující aplikaci:
D:\Hry\Panzers2\Run\Panzers_Phase_2.exe Cesta k chybujícímu modulu: unknown ID zprávy:
d5afb400-dfda-11e1-90ef-001d7d52447c

Error - 6.8.2012 11:25:28 | Computer Name = Roman-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Panzers_Phase_2.exe, verze: 1.0.0.10, časové
razítko: 0x4371fbb3 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu:
0x14d0 Čas spuštění chybující aplikace: 0x01cd73e7b51d8230 Cesta k chybující aplikaci:
D:\Hry\Panzers2\Run\Panzers_Phase_2.exe Cesta k chybujícímu modulu: unknown ID zprávy:
f3735500-dfda-11e1-90ef-001d7d52447c

Error - 6.8.2012 11:31:48 | Computer Name = Roman-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Panzers_Phase_2.exe, verze: 1.0.0.10, časové
razítko: 0x4371fbb3 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu:
0x15cc Čas spuštění chybující aplikace: 0x01cd73e89712a990 Cesta k chybující aplikaci:
D:\Hry\Panzers2\Run\Panzers_Phase_2.exe Cesta k chybujícímu modulu: unknown ID zprávy:
d60b9a30-dfdb-11e1-90ef-001d7d52447c

Error - 6.8.2012 11:38:01 | Computer Name = Roman-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 6.8.2012 13:28:10 | Computer Name = Roman-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: MHX-XS.exe, verze: 1.0.0.0, časové razítko:
0x3ec2938b Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16915, časové razítko:
0x4ec49caf Kód výjimky: 0xc0000005 Posun chyby: 0x00055a65 ID chybujícího procesu:
0x624 Čas spuštění chybující aplikace: 0x01cd73f61fb178f0 Cesta k chybující aplikaci:
D:\Hry\Slepice\MHX-XS.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: 17890870-dfec-11e1-86d3-001d7d52447c

Error - 6.8.2012 13:34:12 | Computer Name = Roman-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: MHX-XS.exe, verze: 1.0.0.0, časové razítko:
0x3ec2938b Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16915, časové razítko:
0x4ec49caf Kód výjimky: 0xc0000005 Posun chyby: 0x0002bc57 ID chybujícího procesu:
0x560 Čas spuštění chybující aplikace: 0x01cd73f8df4a4aa0 Cesta k chybující aplikaci:
D:\Hry\Slepice\MHX-XS.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: ef061a40-dfec-11e1-86d3-001d7d52447c

Error - 6.8.2012 13:59:52 | Computer Name = Roman-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: MHX-XS.exe, verze: 1.0.0.0, časové razítko:
0x3ec2938b Název chybujícího modulu: MHX-XS.exe, verze: 1.0.0.0, časové razítko:
0x3ec2938b Kód výjimky: 0xc0000005 Posun chyby: 0x00044b5c ID chybujícího procesu:
0xe90 Čas spuštění chybující aplikace: 0x01cd73f9bc6a1460 Cesta k chybující aplikaci:
D:\Hry\Slepice\MHX-XS.exe Cesta k chybujícímu modulu: D:\Hry\Slepice\MHX-XS.exe ID
zprávy: 84f0eb40-dff0-11e1-86d3-001d7d52447c

Error - 7.8.2012 9:28:34 | Computer Name = Roman-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

[ System Events ]
Error - 6.8.2012 11:37:43 | Computer Name = Roman-PC | Source = Application Popup | ID = 875
Description = Načtení ovladače sfdrv01.sys je blokováno.

Error - 6.8.2012 11:38:13 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Apache2.2 bylo dosaženo časového limitu
(30000 ms).

Error - 6.8.2012 11:38:13 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7000
Description = Služba Apache2.2 neuspěla při spuštění v důsledku následující chyby:
%%1053

Error - 6.8.2012 11:38:14 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sfdrv01 sfsync02

Error - 7.8.2012 9:28:19 | Computer Name = Roman-PC | Source = Application Popup | ID = 875
Description = Načtení ovladače sfsync02.sys je blokováno.

Error - 7.8.2012 9:28:20 | Computer Name = Roman-PC | Source = Application Popup | ID = 875
Description = Načtení ovladače sfdrv01.sys je blokováno.

Error - 7.8.2012 9:28:42 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Apache2.2 bylo dosaženo časového limitu
(30000 ms).

Error - 7.8.2012 9:28:42 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7000
Description = Služba Apache2.2 neuspěla při spuštění v důsledku následující chyby:
%%1053

Error - 7.8.2012 9:28:45 | Computer Name = Roman-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sfdrv01 sfsync02

Error - 7.8.2012 9:31:36 | Computer Name = Roman-PC | Source = DCOM | ID = 10001
Description =

< End of report >

romankrajicek · Příspěvekod **romankrajicek** » 07 srp 2012 16:16

OTL logfile created on: 7.8.2012 15:55:11 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Roman\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 62,60% Memory free
4,80 Gb Paging File | 3,80 Gb Available in Paging File | 79,19% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 27,86 Gb Free Space | 57,17% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 44,90 Gb Free Space | 24,39% Space Free | Partition Type: NTFS

Computer Name: ROMAN-PC | User Name: Roman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Roman\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\drivers\CDAC11BA.EXE (Macrovision)
PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe (Affinegy, Inc.)
PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
PRC - C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)

========== Modules (No Company Name) ==========

MOD - C:\Users\Roman\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\1409dc3832b37f850569c69a795f834b\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\082473bbeed448eb13a7f348cf33e98f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\9b6f1bcb2cf4e6ad429cd721b942f30f\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\54d61af44b1dedee6aea0d1bbc46b13a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\5d585d5428ce69abc28238ffa9f4d3a2\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\fe068ba4be8f6cb7d6a58bccff05c75e\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\62f103f9e662d263ec2ecacc49d4525b\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ee6e30c355ec2ffab1525b42253f7aef\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4a668799513e369a54fdab8b3f74de92\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\5ee8bf77e7b3e25cdbff6e1c299574fe\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14ba6251d6ec84c9579ed3d3e10b30c1\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f399163bb35597da7141ccdb7f39d16\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll ()
MOD - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll ()

========== Win32 Services (SafeList) ==========

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (C-DillaCdaC11BA) -- C:\Windows\System32\drivers\CDAC11BA.EXE (Macrovision)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (AffinegyService) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (Apache2.2) -- c:\xampp\apache\bin\apache.exe (Apache Software Foundation)

========== Driver Services (SafeList) ==========

DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found
DRV - (catchme) -- C:\Users\Roman\AppData\Local\Temp\catchme.sys File not found
DRV - (afkljbci) -- File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadserd) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation)
DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc)
DRV - (CdaC15BA) -- C:\Windows\System32\drivers\CDAC15BA.SYS (Macrovision Europe Ltd)
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (WIBUKEY) -- C:\Windows\System32\drivers\WibuKey.sys (WIBU-SYSTEMS AG)
DRV - (sfsync02) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 CB FD C0 55 2A CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {1C638CCC-FCC0-4665-9664-940F1CCECCAA}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1C638CCC-FCC0-4665-9664-940F1CCECCAA}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcphp?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6OyJqMVw6C&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Magic Video Converter\codec\real\browser\plugins\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Magic Video Converter\codec\real\browser\plugins\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Roman\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Roman\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.07.29 19:46:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.31 11:22:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2012.01.31 11:22:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\Mozilla\Extensions
[2012.08.04 18:35:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\l46ok9gu.default\extensions
[2012.07.29 19:45:25 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\l46ok9gu.default\extensions\OneClickDownload@OneClickDownload.com
[2012.07.29 19:46:05 | 000,002,203 | ---- | M] () -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\l46ok9gu.default\searchplugins\MyStart Search.xml
[2012.02.02 12:57:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.01.31 11:22:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.02.02 12:57:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012.07.29 19:46:37 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2012.08.04 18:35:03 | 000,094,059 | ---- | M] () (No name found) -- C:\USERS\ROMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L46OK9GU.DEFAULT\EXTENSIONS\{02450914-CDD9-410F-B1DA-DB004E18C671}.XPI
[2011.12.21 09:39:32 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.12.21 07:38:17 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2011.12.21 08:21:58 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.21 08:21:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.21 08:21:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.21 08:21:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.21 08:21:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Roman\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Roman\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Roman\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Users\Roman\AppData\Local\Google\Chrome\Application\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Users\Roman\AppData\Local\Google\Chrome\Application\plugins\nprpjplug.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Roman\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: YouTube = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\\u00E1v\\u00E1n\\u00ED Google = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Web Assistant = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.455_0\
CHR - Extension: New tab for Chrome\u2122 = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Gmail = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.08.05 12:06:41 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {F156768E-81EF-470C-9057-481BA8380DBA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\jc_link.htm File not found
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files\FlashGet\jc_all.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe File not found
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {A3D93B25-4601-49D2-B3AF-F447C73D561F} http://217.112.163.219:8080/program/SonySncRz25View.cab (Sony SNC-RZ25 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CFCE83A-5E21-4EBC-A7BC-42B182D8DC2F}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

romankrajicek · Příspěvekod **romankrajicek** » 07 srp 2012 16:17

========== Files/Folders - Created Within 30 Days ==========

[2012.08.07 15:52:54 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Roman\Desktop\OTL.exe
[2012.08.06 17:09:17 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Skype
[2012.08.06 17:09:09 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.08.06 17:09:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.08.06 17:09:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.08.06 17:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.08.06 16:59:12 | 000,000,000 | ---D | C] -- C:\Users\Roman\Recent
[2012.08.06 16:43:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.08.06 16:43:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.08.05 20:10:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
[2012.08.05 15:29:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012.08.05 14:53:34 | 000,000,000 | ---D | C] -- C:\Users\Roman\Desktop\Aplikace náhledy
[2012.08.05 12:06:44 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.08.05 11:51:11 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Roman\Desktop\aswMBR.exe
[2012.08.04 18:29:41 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\Adobe
[2012.07.31 18:56:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.07.31 18:56:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.07.31 18:56:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.07.31 18:55:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.07.31 18:55:41 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.07.31 18:04:37 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Malwarebytes
[2012.07.31 18:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.31 18:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.31 18:04:14 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.31 18:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.31 11:40:28 | 000,023,152 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.07.31 11:40:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Antivirus
[2012.07.31 11:40:27 | 000,042,912 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.07.31 11:40:23 | 000,095,608 | ---- | C] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2012.07.31 11:40:22 | 000,078,416 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.07.31 11:40:22 | 000,020,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.07.31 11:40:06 | 001,152,888 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2012.07.31 11:40:06 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2012.07.31 11:40:06 | 000,050,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.07.31 11:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2012.07.29 20:39:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.07.29 19:47:13 | 000,000,000 | ---D | C] -- C:\Program Files\Perion
[2012.07.29 19:46:37 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012.07.29 19:44:49 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012.07.23 15:45:12 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.22 20:38:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.07.22 20:38:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.07.22 20:38:05 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.07.22 20:38:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.07.22 20:38:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.07.22 20:38:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.07.22 20:38:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.07.22 20:38:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.07.22 20:38:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.07.22 20:38:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.07.22 20:38:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.07.22 20:38:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.07.22 20:38:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.07.22 20:38:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.07.22 20:38:04 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.07.22 20:38:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.07.22 20:38:04 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.07.22 20:38:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.07.22 20:38:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.07.22 20:38:04 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.07.22 20:38:04 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.07.22 20:38:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.07.22 20:38:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.07.22 20:38:04 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.07.22 20:38:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.07.22 20:38:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.07.22 20:38:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.07.22 20:38:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.07.22 20:38:04 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.07.22 20:38:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.07.22 20:38:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.07.22 20:38:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.07.22 20:38:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.07.22 20:38:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.07.22 20:38:04 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.07.22 20:38:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.07.22 20:38:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.07.22 20:36:47 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012.07.22 20:36:47 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012.07.22 20:36:47 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012.07.22 20:36:47 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012.07.22 20:36:47 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2012.07.22 20:36:47 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012.07.22 20:36:47 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012.07.22 20:36:46 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012.07.22 20:36:46 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012.07.22 19:23:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012.07.22 19:23:00 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.07.22 19:23:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.07.22 19:22:39 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2012.07.22 19:22:39 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012.07.22 19:22:22 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012.07.22 19:22:06 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012.07.22 19:22:05 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012.07.22 19:22:05 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012.07.22 19:22:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012.07.22 19:22:05 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012.07.22 19:21:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.07.22 19:21:29 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012.07.22 19:21:29 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012.07.22 19:21:28 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012.07.22 19:21:28 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2012.07.22 19:21:05 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.22 19:16:37 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012.07.22 19:16:37 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012.07.22 19:16:16 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012.07.22 19:15:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.07.22 19:14:43 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.07.22 19:14:42 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.07.22 19:14:23 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2012.07.22 19:14:14 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012.07.22 19:14:04 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012.07.22 19:13:57 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2012.07.22 19:13:56 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012.07.22 19:13:56 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012.07.22 19:13:40 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.07.22 19:13:39 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.07.22 19:08:20 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.07.22 19:08:20 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.07.22 19:08:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.22 19:08:19 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.07.22 19:08:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.07.22 19:08:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.07.22 19:08:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.07.22 19:08:18 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.07.22 19:08:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.07.22 19:08:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.07.22 19:08:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.07.22 19:08:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.07.22 19:07:41 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012.07.22 19:07:40 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2012.07.22 19:07:25 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2012.07.22 19:07:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012.07.22 19:07:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2012.07.22 19:07:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2012.07.22 19:07:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2012.07.22 19:07:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.07.22 19:07:14 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.07.22 19:07:14 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.07.22 19:05:48 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012.07.22 19:05:40 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012.07.22 19:05:25 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.07.22 19:05:24 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.07.22 19:05:24 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.07.22 19:05:24 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.07.22 19:05:24 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.07.22 19:04:51 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2012.07.22 19:04:51 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2012.07.22 19:04:16 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2012.07.22 18:23:45 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012.07.22 18:20:22 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.07.22 18:20:21 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.07.22 18:20:10 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.07.22 18:20:10 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012.07.22 18:20:10 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.07.22 18:19:50 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012.07.22 18:19:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012.07.11 21:23:02 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Temp
[2005.12.05 18:00:46 | 002,247,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2005.12.05 18:00:46 | 000,484,560 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[2005.12.05 18:00:46 | 000,074,448 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll

========== Files - Modified Within 30 Days ==========

[2012.08.07 15:52:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Roman\Desktop\OTL.exe
[2012.08.07 15:28:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.07 15:28:24 | 1509,597,184 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.06 17:29:46 | 000,000,729 | ---- | M] () -- C:\Users\Roman\Desktop\Codename Panzers Phase 2.lnk
[2012.08.06 17:09:09 | 000,002,521 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.06 16:47:54 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.08.06 16:43:01 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.06 16:05:04 | 001,795,152 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.05 20:10:39 | 000,000,703 | ---- | M] () -- C:\Users\Roman\Desktop\Codename Panzers Phase 1.lnk
[2012.08.05 12:06:41 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.08.05 11:51:46 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Roman\Desktop\aswMBR.exe
[2012.08.04 12:37:57 | 000,002,453 | ---- | M] () -- C:\Users\Roman\Desktop\Google Chrome.lnk
[2012.08.03 00:33:22 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.03 00:33:22 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.31 18:31:14 | 000,665,706 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.31 18:31:14 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.31 18:31:14 | 000,139,402 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.07.31 18:31:14 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.31 18:04:18 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.31 11:40:28 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2012.07.29 19:47:07 | 000,000,842 | ---- | M] () -- C:\user.js
[2012.07.22 20:38:05 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.07.22 20:38:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.07.22 20:38:05 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.07.22 20:38:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.07.22 20:38:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.07.22 20:38:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.07.22 20:38:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.07.22 20:38:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.07.22 20:38:05 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.07.22 20:38:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.07.22 20:38:05 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.07.22 20:38:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.07.22 20:38:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.07.22 20:38:04 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.07.22 20:38:04 | 001,800,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.07.22 20:38:04 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.07.22 20:38:04 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.07.22 20:38:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.07.22 20:38:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.07.22 20:38:04 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.07.22 20:38:04 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.07.22 20:38:04 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.07.22 20:38:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.07.22 20:38:04 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.07.22 20:38:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.07.22 20:38:04 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.07.22 20:38:04 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.07.22 20:38:04 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.07.22 20:38:04 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.07.22 20:38:04 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.07.22 20:38:04 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.07.22 20:38:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.07.22 20:38:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.07.22 20:38:04 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.07.22 20:38:04 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.07.22 20:38:04 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.07.22 20:38:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.07.22 20:38:04 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.07.22 20:36:47 | 001,619,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012.07.22 20:36:47 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012.07.22 20:36:47 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012.07.22 20:36:47 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012.07.22 20:36:47 | 000,219,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2012.07.22 20:36:47 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012.07.22 20:36:47 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012.07.22 20:36:46 | 003,181,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012.07.22 20:36:46 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll

========== Files Created - No Company Name ==========

[2012.08.06 20:59:07 | 005,272,944 | ---- | C] () -- C:\Users\Roman\Desktop\Manual1_CZ.pdf
[2012.08.06 17:29:46 | 000,000,729 | ---- | C] () -- C:\Users\Roman\Desktop\Codename Panzers Phase 2.lnk
[2012.08.06 17:09:09 | 000,002,521 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.06 16:43:01 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.06 16:04:50 | 001,795,152 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.05 20:10:39 | 000,000,703 | ---- | C] () -- C:\Users\Roman\Desktop\Codename Panzers Phase 1.lnk
[2012.08.05 13:26:15 | 000,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2012.07.31 18:56:07 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.07.31 18:56:07 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.07.31 18:56:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.07.31 18:56:07 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.07.31 18:56:07 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.07.31 18:04:18 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.31 11:40:28 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2012.07.29 19:47:05 | 000,000,842 | ---- | C] () -- C:\user.js
[2012.07.22 20:38:04 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.01.28 16:52:00 | 001,276,566 | ---- | C] () -- C:\Windows\Restaurant Empire II Uninstaller.exe
[2011.12.08 16:29:24 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.08.27 19:18:54 | 000,057,552 | ---- | C] () -- C:\Windows\System32\WkDos.exe
[2011.05.30 14:09:02 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.03.02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.03.02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.03.02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.03.02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.03.02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.12.15 16:22:46 | 000,137,464 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.12.15 16:22:40 | 000,214,520 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.12.15 16:22:17 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.08.29 10:58:29 | 000,051,741 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.08.27 08:35:40 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010.08.27 08:35:40 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010.08.27 08:35:40 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010.08.13 17:28:23 | 000,083,872 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.08.13 17:28:23 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2005.12.05 18:28:30 | 003,673,932 | ---- | C] () -- C:\Program Files\Dec2005_MDX1_x86_Archive.cab
[2005.12.05 18:28:04 | 001,358,864 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2005.12.05 18:28:02 | 000,086,925 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2005.12.05 18:28:02 | 000,046,247 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2005.12.05 18:28:02 | 000,041,888 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2005.12.05 18:28:00 | 000,916,806 | ---- | C] () -- C:\Program Files\Dec2005_MDX1_x86.cab
[2005.12.05 18:27:58 | 001,080,344 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2005.12.05 18:00:46 | 000,081,092 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2005.12.05 18:00:44 | 001,351,430 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2005.12.05 18:00:44 | 001,348,242 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2005.12.05 18:00:44 | 001,336,890 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2005.12.05 18:00:44 | 001,248,387 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2005.12.05 18:00:44 | 001,079,850 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2005.12.05 18:00:44 | 001,078,532 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2005.12.05 18:00:44 | 001,065,813 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2005.12.05 18:00:44 | 001,014,113 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2005.12.05 18:00:42 | 013,265,040 | ---- | C] () -- C:\Program Files\dxnt.cab
[2005.12.05 18:00:40 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2005.12.05 18:00:40 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2005.12.05 18:00:40 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2005.12.05 18:00:40 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab

========== LOP Check ==========

[2011.06.20 21:28:33 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Atari
[2010.09.13 14:32:19 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Autodesk
[2011.02.15 20:36:50 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\BSplayer
[2011.01.16 20:12:13 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\BSplayer Pro
[2012.08.06 17:18:32 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DAEMON Tools Lite
[2012.03.25 12:49:49 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\FileZilla
[2011.06.27 18:12:18 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\FlashGet
[2010.08.05 11:59:49 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\GHISLER
[2011.08.27 19:42:42 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Graphisoft
[2012.01.01 21:54:09 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\ICQ
[2011.06.20 21:24:50 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Leadertech
[2011.12.13 20:34:32 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\OpenOffice.org
[2011.02.26 15:29:02 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Opera
[2012.05.25 09:43:33 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Samsung
[2012.01.28 18:24:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Sports Interactive
[2012.07.11 21:27:48 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Temp
[2012.05.08 13:04:02 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Ulozto File Manager
[2011.02.28 18:44:42 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Visicom Media
[2011.12.18 13:19:18 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\VitySoft
[2010.11.22 22:14:07 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\YoudaGames
[2010.08.17 13:50:32 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Zoner
[2012.08.05 09:49:59 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Děkuji moc

Příspěvekod **jaro3** » 08 srp 2012 01:20

Odinstaluj:
Java(TM) 6 Update 26
Java(TM) 6 Update 24

Avast4--potom si zaktualizuj na Avast7...

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
MOD - C:\Users\Roman\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll ()
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found
DRV - (catchme) -- C:\Users\Roman\AppData\Local\Temp\catchme.sys File not found
DRV - (afkljbci) -- File not found
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {1C638CCC-FCC0-4665-9664-940F1CCECCAA}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1C638CCC-FCC0-4665-9664-940F1CCECCAA}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcphp?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6OyJqMVw6C&i=26
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Magic Video Converter\codec\real\browser\plugins\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Magic Video Converter\codec\real\browser\plugins\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Roman\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Roman\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
[2012.01.31 11:22:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\Mozilla\Extensions
[2012.07.29 19:46:05 | 000,002,203 | ---- | M] () -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\l46ok9gu.default\searchplugins\MyStart Search.xml
[2012.02.02 12:57:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.02.02 12:57:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012.08.04 18:35:03 | 000,094,059 | ---- | M] () (No name found) -- C:\USERS\ROMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L46OK9GU.DEFAULT\EXTENSIONS\{02450914-CDD9-410F-B1DA-DB004E18C671}.XPI
O1 HOSTS File: ([2012.08.05 12:06:41 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - No CLSID value found.
O2 - BHO: (no name) - {F156768E-81EF-470C-9057-481BA8380DBA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\jc_link.htm File not found
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files\FlashGet\jc_all.htm File not found
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe File not found
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {A3D93B25-4601-49D2-B3AF-F447C73D561F} http://217.112.163.219:8080/program/SonySncRz25View.cab (Sony SNC-RZ25 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O18 - Protocol\Handler\msdaipp - No CLSID value found
[2012.07.31 18:31:14 | 000,665,706 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.31 18:31:14 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.31 18:31:14 | 000,139,402 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.07.31 18:31:14 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp 
c:\windows\Tasks\*.job 
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SWREG.exe
C:\Windows\SWSC.exe   
C:\Windows\NIRCMD.exe
C:\Qoobox
C:\Windows\PEV.exe
C:\Windows\MBR.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\zip.exe
C:\Windows\System32\cis-2.4.dll
C:\Windows\System32\issacapi_bs-2.3.dll
C:\Windows\System32\issacapi_pe-2.3.dll
C:\Windows\System32\issacapi_se-2.3.dll

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:Commands
[EMPTYJAVA]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Pak:

Poklepej znovu na ikonu OTL by OldTimer, pod Vlastní skenování/opravy (Custom Scans/Fixes) vlož následující text , zeleně zbarvený:

Kód: Vybrat vše

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
[CLEARALLRESTOREPOINTS]
CREATERESTOREPOINT

Neměň nastavení, jen klikni na Prohledat (Run Scan), nech sken dokončit. Až se se objeví textový soubor , tak sem vlož prosím jeho celý obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Windows\Restaurant Empire II Uninstaller.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

romankrajicek · Příspěvekod **romankrajicek** » 08 srp 2012 16:22

Zdravím,

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Odkaz: https://www.virustotal.com/file/5dae874 ... 344435515/

OTL:
OTL logfile created on: 8.8.2012 15:40:40 - Run 2
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Roman\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 65,04% Memory free
4,80 Gb Paging File | 4,08 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 27,98 Gb Free Space | 57,43% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 44,67 Gb Free Space | 24,27% Space Free | Partition Type: NTFS

Computer Name: ROMAN-PC | User Name: Roman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Roman\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\drivers\CDAC11BA.EXE (Macrovision)
PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe (Affinegy, Inc.)
PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
PRC - C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)

========== Modules (No Company Name) ==========

MOD - C:\Users\Roman\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\1409dc3832b37f850569c69a795f834b\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\082473bbeed448eb13a7f348cf33e98f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\9b6f1bcb2cf4e6ad429cd721b942f30f\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\54d61af44b1dedee6aea0d1bbc46b13a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\5d585d5428ce69abc28238ffa9f4d3a2\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\fe068ba4be8f6cb7d6a58bccff05c75e\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\62f103f9e662d263ec2ecacc49d4525b\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ee6e30c355ec2ffab1525b42253f7aef\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4a668799513e369a54fdab8b3f74de92\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\5ee8bf77e7b3e25cdbff6e1c299574fe\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14ba6251d6ec84c9579ed3d3e10b30c1\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f399163bb35597da7141ccdb7f39d16\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll ()
MOD - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll ()

========== Win32 Services (SafeList) ==========

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (C-DillaCdaC11BA) -- C:\Windows\System32\drivers\CDAC11BA.EXE (Macrovision)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (AffinegyService) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Apache2.2) -- c:\xampp\apache\bin\apache.exe (Apache Software Foundation)

========== Driver Services (SafeList) ==========

DRV - (agt8inoa) -- File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadserd) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation)
DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc)
DRV - (CdaC15BA) -- C:\Windows\System32\drivers\CDAC15BA.SYS (Macrovision Europe Ltd)
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (WIBUKEY) -- C:\Windows\System32\drivers\WibuKey.sys (WIBU-SYSTEMS AG)
DRV - (sfsync02) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 CB FD C0 55 2A CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.07.29 19:46:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.31 11:22:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2012.08.08 15:36:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\l46ok9gu.default\extensions
[2012.07.29 19:45:25 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\l46ok9gu.default\extensions\OneClickDownload@OneClickDownload.com
[2012.07.29 19:46:37 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
File not found (No name found) -- C:\USERS\ROMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L46OK9GU.DEFAULT\EXTENSIONS\{02450914-CDD9-410F-B1DA-DB004E18C671}.XPI
[2011.12.21 09:39:32 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.12.21 08:21:58 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.21 08:21:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.21 08:21:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.21 08:21:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.21 08:21:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Roman\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Roman\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Roman\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Users\Roman\AppData\Local\Google\Chrome\Application\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Users\Roman\AppData\Local\Google\Chrome\Application\plugins\nprpjplug.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Roman\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: YouTube = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\\u00E1v\\u00E1n\\u00ED Google = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Web Assistant = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.455_0\
CHR - Extension: New tab for Chrome\u2122 = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Gmail = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.08.08 15:36:46 | 000,000,002 | RH-- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CFCE83A-5E21-4EBC-A7BC-42B182D8DC2F}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {AC214804-22F9-7167-D13C-0280C2F16BB1} - Browser Customizations
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()

romankrajicek · Příspěvekod **romankrajicek** » 08 srp 2012 16:23

[CLEARALLRESTOREPOINTS]
Restore point Set: OTL Restore Point

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.08.08 15:36:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.08.07 15:52:54 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Roman\Desktop\OTL.exe
[2012.08.06 17:09:17 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Skype
[2012.08.06 17:09:09 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.08.06 17:09:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.08.06 17:09:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.08.06 17:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.08.06 16:59:12 | 000,000,000 | ---D | C] -- C:\Users\Roman\Recent
[2012.08.06 16:43:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.08.06 16:43:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.08.05 20:10:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
[2012.08.05 15:29:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012.08.05 14:53:34 | 000,000,000 | ---D | C] -- C:\Users\Roman\Desktop\Aplikace náhledy
[2012.08.05 12:06:44 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.08.05 11:51:11 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Roman\Desktop\aswMBR.exe
[2012.08.04 18:29:41 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\Adobe
[2012.07.31 18:55:41 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.07.31 18:04:37 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Malwarebytes
[2012.07.31 18:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.31 18:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.31 18:04:14 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.31 18:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.31 11:40:06 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2012.07.31 11:40:06 | 000,050,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.07.31 11:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2012.07.29 20:39:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.07.29 19:47:13 | 000,000,000 | ---D | C] -- C:\Program Files\Perion
[2012.07.29 19:46:37 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012.07.29 19:44:49 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012.07.23 15:45:12 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.22 20:38:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.07.22 20:38:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.07.22 20:38:05 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.07.22 20:38:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.07.22 20:38:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.07.22 20:38:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.07.22 20:38:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.07.22 20:38:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.07.22 20:38:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.07.22 20:38:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.07.22 20:38:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.07.22 20:38:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.07.22 20:38:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.07.22 20:38:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.07.22 20:38:04 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.07.22 20:38:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.07.22 20:38:04 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.07.22 20:38:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.07.22 20:38:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.07.22 20:38:04 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.07.22 20:38:04 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.07.22 20:38:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.07.22 20:38:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.07.22 20:38:04 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.07.22 20:38:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.07.22 20:38:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.07.22 20:38:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.07.22 20:38:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.07.22 20:38:04 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.07.22 20:38:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.07.22 20:38:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.07.22 20:38:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.07.22 20:38:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.07.22 20:38:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.07.22 20:38:04 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.07.22 20:38:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.07.22 20:38:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.07.22 20:36:47 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012.07.22 20:36:47 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012.07.22 20:36:47 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012.07.22 20:36:47 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012.07.22 20:36:47 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2012.07.22 20:36:47 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012.07.22 20:36:47 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012.07.22 20:36:46 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012.07.22 20:36:46 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012.07.22 19:23:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012.07.22 19:23:00 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.07.22 19:23:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.07.22 19:22:39 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2012.07.22 19:22:39 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012.07.22 19:22:22 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012.07.22 19:22:06 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012.07.22 19:22:05 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012.07.22 19:22:05 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012.07.22 19:22:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012.07.22 19:22:05 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012.07.22 19:21:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.07.22 19:21:29 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012.07.22 19:21:29 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012.07.22 19:21:28 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012.07.22 19:21:28 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2012.07.22 19:21:05 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.22 19:16:37 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012.07.22 19:16:37 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012.07.22 19:16:16 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012.07.22 19:15:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.07.22 19:14:43 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.07.22 19:14:42 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.07.22 19:14:23 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2012.07.22 19:14:14 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012.07.22 19:14:04 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012.07.22 19:13:57 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2012.07.22 19:13:56 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012.07.22 19:13:56 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012.07.22 19:13:40 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.07.22 19:13:39 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.07.22 19:08:20 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.07.22 19:08:20 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.07.22 19:08:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.22 19:08:19 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.07.22 19:08:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.07.22 19:08:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.07.22 19:08:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.07.22 19:08:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.07.22 19:08:18 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.07.22 19:08:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.07.22 19:08:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.07.22 19:08:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.07.22 19:08:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.07.22 19:08:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.07.22 19:07:41 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012.07.22 19:07:40 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2012.07.22 19:07:25 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2012.07.22 19:07:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012.07.22 19:07:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2012.07.22 19:07:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2012.07.22 19:07:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2012.07.22 19:07:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.07.22 19:07:14 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.07.22 19:07:14 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.07.22 19:05:48 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012.07.22 19:05:40 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012.07.22 19:05:25 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.07.22 19:05:24 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.07.22 19:05:24 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.07.22 19:05:24 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.07.22 19:05:24 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.07.22 19:04:51 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2012.07.22 19:04:51 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2012.07.22 19:04:16 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2012.07.22 18:23:45 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012.07.22 18:20:22 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.07.22 18:20:21 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.07.22 18:20:10 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.07.22 18:20:10 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012.07.22 18:20:10 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.07.22 18:19:50 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012.07.22 18:19:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012.07.11 21:23:02 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Temp
[2005.12.05 18:00:46 | 002,247,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2005.12.05 18:00:46 | 000,484,560 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[2005.12.05 18:00:46 | 000,074,448 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll

========== Files - Modified Within 30 Days ==========

[2012.08.08 15:38:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.08 15:38:13 | 1509,597,184 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.08 15:36:46 | 000,000,002 | RH-- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.08.08 15:32:45 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.08.07 20:23:53 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.07 20:23:52 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.07 15:52:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Roman\Desktop\OTL.exe
[2012.08.06 17:29:46 | 000,000,729 | ---- | M] () -- C:\Users\Roman\Desktop\Codename Panzers Phase 2.lnk
[2012.08.06 17:09:09 | 000,002,521 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.06 16:43:01 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.06 16:05:04 | 001,795,152 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.05 20:10:39 | 000,000,703 | ---- | M] () -- C:\Users\Roman\Desktop\Codename Panzers Phase 1.lnk
[2012.08.05 11:51:46 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Roman\Desktop\aswMBR.exe
[2012.08.04 12:37:57 | 000,002,453 | ---- | M] () -- C:\Users\Roman\Desktop\Google Chrome.lnk
[2012.07.31 18:04:18 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.29 19:47:07 | 000,000,842 | ---- | M] () -- C:\user.js
[2012.07.22 20:38:05 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.07.22 20:38:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.07.22 20:38:05 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.07.22 20:38:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.07.22 20:38:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.07.22 20:38:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.07.22 20:38:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.07.22 20:38:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.07.22 20:38:05 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.07.22 20:38:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.07.22 20:38:05 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.07.22 20:38:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.07.22 20:38:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.07.22 20:38:04 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.07.22 20:38:04 | 001,800,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.07.22 20:38:04 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.07.22 20:38:04 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.07.22 20:38:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.07.22 20:38:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.07.22 20:38:04 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.07.22 20:38:04 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.07.22 20:38:04 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.07.22 20:38:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.07.22 20:38:04 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.07.22 20:38:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.07.22 20:38:04 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.07.22 20:38:04 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.07.22 20:38:04 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.07.22 20:38:04 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.07.22 20:38:04 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.07.22 20:38:04 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.07.22 20:38:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.07.22 20:38:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.07.22 20:38:04 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.07.22 20:38:04 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.07.22 20:38:04 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.07.22 20:38:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.07.22 20:38:04 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.07.22 20:36:47 | 001,619,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012.07.22 20:36:47 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012.07.22 20:36:47 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012.07.22 20:36:47 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012.07.22 20:36:47 | 000,219,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2012.07.22 20:36:47 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012.07.22 20:36:47 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012.07.22 20:36:46 | 003,181,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012.07.22 20:36:46 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll

========== Files Created - No Company Name ==========

[2012.08.06 20:59:07 | 005,272,944 | ---- | C] () -- C:\Users\Roman\Desktop\Manual1_CZ.pdf
[2012.08.06 17:29:46 | 000,000,729 | ---- | C] () -- C:\Users\Roman\Desktop\Codename Panzers Phase 2.lnk
[2012.08.06 17:09:09 | 000,002,521 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.06 16:43:01 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.06 16:04:50 | 001,795,152 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.05 20:10:39 | 000,000,703 | ---- | C] () -- C:\Users\Roman\Desktop\Codename Panzers Phase 1.lnk
[2012.08.05 13:26:15 | 000,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2012.07.31 18:04:18 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.29 19:47:05 | 000,000,842 | ---- | C] () -- C:\user.js
[2012.07.22 20:38:04 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.01.28 16:52:00 | 001,276,566 | ---- | C] () -- C:\Windows\Restaurant Empire II Uninstaller.exe
[2011.12.08 16:29:24 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.08.27 19:18:54 | 000,057,552 | ---- | C] () -- C:\Windows\System32\WkDos.exe
[2011.05.30 14:09:02 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.03.02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2010.12.15 16:22:46 | 000,137,464 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.12.15 16:22:40 | 000,214,520 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.12.15 16:22:17 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.08.29 10:58:29 | 000,051,741 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.08.27 08:35:40 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010.08.27 08:35:40 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010.08.27 08:35:40 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010.08.13 17:28:23 | 000,083,872 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.08.13 17:28:23 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2005.12.05 18:28:30 | 003,673,932 | ---- | C] () -- C:\Program Files\Dec2005_MDX1_x86_Archive.cab
[2005.12.05 18:28:04 | 001,358,864 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2005.12.05 18:28:02 | 000,086,925 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2005.12.05 18:28:02 | 000,046,247 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2005.12.05 18:28:02 | 000,041,888 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2005.12.05 18:28:00 | 000,916,806 | ---- | C] () -- C:\Program Files\Dec2005_MDX1_x86.cab
[2005.12.05 18:27:58 | 001,080,344 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2005.12.05 18:00:46 | 000,081,092 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2005.12.05 18:00:44 | 001,351,430 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2005.12.05 18:00:44 | 001,348,242 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2005.12.05 18:00:44 | 001,336,890 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2005.12.05 18:00:44 | 001,248,387 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2005.12.05 18:00:44 | 001,079,850 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2005.12.05 18:00:44 | 001,078,532 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2005.12.05 18:00:44 | 001,065,813 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2005.12.05 18:00:44 | 001,014,113 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2005.12.05 18:00:42 | 013,265,040 | ---- | C] () -- C:\Program Files\dxnt.cab
[2005.12.05 18:00:40 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2005.12.05 18:00:40 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2005.12.05 18:00:40 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2005.12.05 18:00:40 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: SAMSUNG HD250HJ SCSI Disk Device
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 0,00GB
Starting Offset: 1048576
Hidden sectors: 0

DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 49,00GB
Starting Offset: 105906176
Hidden sectors: 0

DeviceID: Disk #0, Partition #2
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 184,00GB
Starting Offset: 52427934720
Hidden sectors: 0

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012.01.09 19:30:03 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Adobe
[2011.06.20 21:28:33 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Atari
[2010.09.13 14:32:19 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Autodesk
[2011.02.15 20:36:50 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\BSplayer
[2011.01.16 20:12:13 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\BSplayer Pro
[2012.08.06 17:18:32 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DAEMON Tools Lite
[2012.03.25 12:49:49 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\FileZilla
[2011.06.27 18:12:18 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\FlashGet
[2010.08.05 11:59:49 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\GHISLER
[2011.08.27 19:42:42 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Graphisoft
[2012.01.01 21:54:09 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\ICQ
[2010.07.19 08:02:56 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Identities
[2011.06.20 21:24:50 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Leadertech
[2010.07.19 08:45:19 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Macromedia
[2012.07.31 18:04:37 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Malwarebytes
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Media Center Programs
[2012.08.05 11:36:44 | 000,000,000 | --SD | M] -- C:\Users\Roman\AppData\Roaming\Microsoft
[2012.08.08 15:36:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Mozilla
[2011.12.13 20:34:32 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\OpenOffice.org
[2011.02.26 15:29:02 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Opera
[2010.09.27 13:05:48 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\PSpad
[2011.12.08 16:29:26 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Real
[2012.05.25 09:43:33 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Samsung
[2011.05.30 14:09:33 | 000,000,000 | RH-D | M] -- C:\Users\Roman\AppData\Roaming\SecuROM
[2012.08.07 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Skype
[2012.01.28 18:24:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Sports Interactive
[2012.07.11 21:27:48 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Temp
[2012.05.08 13:04:02 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Ulozto File Manager
[2011.02.28 18:44:42 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Visicom Media
[2011.12.18 13:19:18 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\VitySoft
[2011.12.28 15:04:51 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\vlc
[2010.07.19 08:46:26 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\WinRAR
[2010.11.22 22:14:07 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\YoudaGames
[2010.08.17 13:50:32 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Zoner

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: CSRSS.EXE >
[2009.07.14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe
[2009.07.14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\erdnt\cache\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2009.07.14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\erdnt\cache\mswsock.dll
[2009.07.14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\System32\mswsock.dll
[2009.07.14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll
[2010.11.20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2009.07.14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\System32\NapiNSP.dll
[2009.07.14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2009.07.14 03:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=045DB4EAB4FBD23210E85ECC3F464A2E -- C:\Windows\System32\nlaapi.dll
[2009.07.14 03:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=045DB4EAB4FBD23210E85ECC3F464A2E -- C:\Windows\winsxs\x86_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_675c4bea6c3ddad6\nlaapi.dll
[2010.11.20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_698d5fb2692c5e70\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2009.07.14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\System32\pnrpnsp.dll
[2009.07.14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\x86_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_71556bd683c82a7a\pnrpnsp.dll

< MD5 for: PRINTISOLATIONHOST.EXE >
[2009.07.14 03:14:29 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=640A476C8867AEAAD8FF9F59A61AFE2F -- C:\Windows\System32\PrintIsolationHost.exe
[2009.07.14 03:14:29 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=640A476C8867AEAAD8FF9F59A61AFE2F -- C:\Windows\winsxs\x86_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_9c856911bff5c373\PrintIsolationHost.exe

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\erdnt\cache\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\erdnt\cache\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009.07.14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\System32\winrnr.dll
[2009.07.14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2009.07.14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\System32\wshelper.dll
[2009.07.14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\wshelper.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011.12.21 09:39:35 | 000,716,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011.12.21 09:39:35 | 000,716,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011.12.21 09:39:35 | 000,716,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011.12.21 09:39:32 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011.12.21 09:39:32 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011.12.21 09:39:32 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Roman\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012.07.31 07:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Roman\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012.07.31 07:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Roman\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012.07.31 07:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Roman\AppData\Local\Google\Chrome\Application\chrome.exe" [2012.07.31 07:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012.07.22 20:38:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012.07.22 20:38:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012.07.22 20:38:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012.07.22 20:38:05 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012.07.22 20:38:05 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011.11.15 18:43:14 | 000,947,056 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011.11.15 18:43:14 | 000,947,056 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011.11.15 18:43:14 | 000,947,056 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011.11.15 18:43:14 | 000,947,056 | ---- | M] (Opera Software)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011.12.21 09:39:35 | 000,716,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011.12.21 09:39:35 | 000,716,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011.12.21 09:39:35 | 000,716,216 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011.12.21 09:39:32 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011.12.21 09:39:32 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011.12.21 09:39:32 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Roman\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012.07.31 07:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Roman\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012.07.31 07:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Roman\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012.07.31 07:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Roman\AppData\Local\Google\Chrome\Application\chrome.exe" [2012.07.31 07:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012.07.22 20:38:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012.07.22 20:38:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012.07.22 20:38:04 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012.07.22 20:38:05 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012.07.22 20:38:05 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011.11.15 18:43:14 | 000,947,056 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011.11.15 18:43:14 | 000,947,056 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011.11.15 18:43:14 | 000,947,056 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011.11.15 18:43:14 | 000,947,056 | ---- | M] (Opera Software)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.08.13 17:20:56 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< End of report >

Děkuji moc

Příspěvekod **jaro3** » 08 srp 2012 19:38

Potřebuji nejdříve ten log po scriptu v OTL , pak teprve ten nový sken. Najdi v adresáři OTL.

romankrajicek · Příspěvekod **romankrajicek** » 08 srp 2012 20:16

Tohle se mi zobrazilo po provedení první rady

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Re: Problém s MyStart by IncrediBar.com

Kdo je online