PC napadem virem +

Microsheep · Příspěvekod **Microsheep** » 18 lis 2010 22:42

PC byl napadem virem po otevreni prohlizece mi naskocil antivirus, ktery sem v pc nemel a zadal o scen atd. Po odstraneni podezreleho procesu sem se na internet dostal. Po restartu ten sami problem.

Log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:38:42, on 18.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\ICQ7.2\ICQ.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Tomas\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB7A69E8-B97E-4074-866C-6908AE06C13B}: NameServer = 10.122.0.1,10.122.128.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Health Check Service - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (file missing)
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11895 bytes

Reklama

Příspěvekod **memphisto** » 18 lis 2010 22:57

Odinstaluj:
uTorrent Toolbar

fixni:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Microsheep · Příspěvekod **Microsheep** » 18 lis 2010 23:06

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5148

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18.11.2010 23:06:33
mbam-log-2010-11-18 (23-06-33).txt

Typ skenu: Rychlý sken
Skenované objekty: 138025
Uplynulý čas: 3 minuta(y), 6 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\Tomas\AppData\Roaming\hotfix.exe (Trojan.Agent.Gen) -> No action taken.

Příspěvekod **memphisto** » 18 lis 2010 23:08

- Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

Microsheep · Příspěvekod **Microsheep** » 18 lis 2010 23:15

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5148

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18.11.2010 23:14:32
mbam-log-2010-11-18 (23-14-32).txt

Typ skenu: Rychlý sken
Skenované objekty: 138013
Uplynulý čas: 2 minuta(y), 9 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent) -> Quarantined and deleted successfully.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\Tomas\AppData\Roaming\hotfix.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

Microsheep · Příspěvekod **Microsheep** » 18 lis 2010 23:23

1 cast

OTL logfile created on: 11/18/2010 11:18:54 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Tomas\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 66.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.47 Gb Total Space | 349.98 Gb Free Space | 78.04% Space Free | Partition Type: NTFS

Computer Name: TOMAS-HP | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Tomas\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
PRC - C:\Windows\system\uArcCapture.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Users\Tomas\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (HP Power Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Hewlett-Packard Company)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (HPDayStarterService) -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe (Hewlett-Packard Company)
SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard)
SRV:64bit: - (DpHost) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc.)
SRV:64bit: - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agr64svc.exe (LSI Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (hpHotkeyMonitor) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.)
SRV - (HPFSService) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (HP ProtectTools Service) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
SRV - (uArcCapture) -- C:\Windows\system\uArcCapture.exe (ArcSoft, Inc.)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (CV2K1) -- C:\windows\SysNative\DRIVERS\cv2k1.sys File not found
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Company)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (ARCVCAM) -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys (ArcSoft, Inc.)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (TsLwWfF) -- C:\Windows\SysNative\drivers\TsLwWfF.sys (TamoSoft)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12

FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010/09/02 20:50:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/12 19:14:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/12 19:14:53 | 000,000,000 | ---D | M]

[2010/11/12 19:15:00 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Mozilla\Extensions
[2010/11/12 19:15:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomas\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/11/17 13:42:41 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\j6l31tko.default\extensions
[2010/11/12 19:14:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/12 19:14:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/10/27 07:12:32 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2010/10/27 07:12:32 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2010/10/27 07:12:32 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2010/10/27 06:19:36 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2010/10/27 06:19:36 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010/10/27 06:19:36 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010/10/27 06:19:36 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010/10/27 06:19:36 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010/10/27 06:19:36 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe File not found
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)

Microsheep · Příspěvekod **Microsheep** » 18 lis 2010 23:24

2. cast

O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\windows\SysWow64\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/18 23:11:39 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
[2010/11/18 23:02:43 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Malwarebytes
[2010/11/18 23:02:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/18 23:02:30 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2010/11/18 23:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/11/18 23:02:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/18 23:02:08 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Tomas\Desktop\mbam-setup.exe
[2010/11/18 23:00:15 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\Tomas\Desktop\ATF-Cleaner.exe
[2010/11/18 22:59:39 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\backups
[2010/11/18 22:38:10 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Tomas\Desktop\HijackThis.exe
[2010/11/18 22:16:56 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\aircrack-ng-1.1-win
[2010/11/18 21:20:19 | 000,000,000 | ---D | C] -- C:\Packets
[2010/11/18 21:06:44 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\CommView for WiFi
[2010/11/18 21:06:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CommViewWiFi
[2010/11/18 20:28:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CommView
[2010/11/18 18:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\TamoSoft
[2010/11/18 18:42:12 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\Commview for.Wifi.6.0.5
[2010/11/17 19:41:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2010/11/17 15:00:36 | 000,000,000 | ---D | C] -- C:\Program Files\Share-Rapid Downloader
[2010/11/17 13:27:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2010/11/17 13:27:23 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\uTorrent
[2010/11/17 13:26:15 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Ashampoo
[2010/11/17 13:26:07 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\ashampoo
[2010/11/17 13:26:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2010/11/17 13:25:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2010/11/17 13:16:37 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\GetRightToGo
[2010/11/17 12:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/11/17 12:52:56 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2010/11/17 12:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/11/15 18:14:32 | 000,000,000 | ---D | C] -- C:\Games
[2010/11/15 17:10:01 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\BSplayer PRO
[2010/11/15 17:10:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webteh
[2010/11/15 15:55:01 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Activision
[2010/11/15 15:54:53 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_7.dll
[2010/11/15 15:54:53 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_7.dll
[2010/11/15 15:54:53 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_5.dll
[2010/11/15 15:54:53 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_5.dll
[2010/11/15 15:54:52 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_43.dll
[2010/11/15 15:54:52 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_43.dll
[2010/11/15 15:54:52 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_43.dll
[2010/11/15 15:54:52 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_43.dll
[2010/11/15 15:54:52 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_7.dll
[2010/11/15 15:54:52 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_7.dll
[2010/11/15 15:54:51 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_43.dll
[2010/11/15 15:54:51 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_43.dll
[2010/11/15 15:54:50 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_43.dll
[2010/11/15 15:54:50 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_43.dll
[2010/11/15 15:54:50 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_6.dll
[2010/11/15 15:54:50 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_6.dll
[2010/11/15 15:54:50 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_43.dll
[2010/11/15 15:54:50 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_43.dll
[2010/11/15 15:54:50 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_6.dll
[2010/11/15 15:54:50 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_6.dll
[2010/11/15 15:54:50 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_4.dll
[2010/11/15 15:54:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_4.dll
[2010/11/15 15:54:50 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_7.dll
[2010/11/15 15:54:50 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_7.dll
[2010/11/15 15:54:49 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_5.dll
[2010/11/15 15:54:49 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_5.dll
[2010/11/15 15:54:48 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_42.dll
[2010/11/15 15:54:48 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_42.dll
[2010/11/15 15:54:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_5.dll
[2010/11/15 15:54:48 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_5.dll
[2010/11/15 15:54:47 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_42.dll
[2010/11/15 15:54:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_42.dll
[2010/11/15 15:54:46 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_42.dll
[2010/11/15 15:54:46 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_42.dll
[2010/11/15 15:54:46 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_42.dll
[2010/11/15 15:54:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_42.dll
[2010/11/15 15:54:46 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_42.dll
[2010/11/15 15:54:46 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_42.dll
[2010/11/15 15:54:45 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_41.dll
[2010/11/15 15:54:45 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_41.dll
[2010/11/15 15:54:45 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_41.dll
[2010/11/15 15:54:45 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_41.dll
[2010/11/15 15:54:45 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_41.dll
[2010/11/15 15:54:45 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_41.dll
[2010/11/15 15:54:44 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_4.dll
[2010/11/15 15:54:44 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_4.dll
[2010/11/15 15:54:44 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_4.dll
[2010/11/15 15:54:44 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_4.dll
[2010/11/15 15:54:44 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_3.dll
[2010/11/15 15:54:44 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_3.dll
[2010/11/15 15:54:44 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_6.dll
[2010/11/15 15:54:44 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_6.dll
[2010/11/15 15:54:43 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_40.dll
[2010/11/15 15:54:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_40.dll
[2010/11/15 15:54:43 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_40.dll
[2010/11/15 15:54:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_40.dll
[2010/11/15 15:54:42 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_40.dll
[2010/11/15 15:54:42 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_40.dll
[2010/11/15 15:54:42 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_3.dll
[2010/11/15 15:54:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_3.dll
[2010/11/15 15:54:42 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_2.dll
[2010/11/15 15:54:42 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_2.dll
[2010/11/15 15:54:42 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_3.dll
[2010/11/15 15:54:42 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_3.dll
[2010/11/15 15:54:42 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_2.dll
[2010/11/15 15:54:42 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_1.dll
[2010/11/15 15:54:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_2.dll
[2010/11/15 15:54:42 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_1.dll
[2010/11/15 15:54:42 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_5.dll
[2010/11/15 15:54:42 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_5.dll
[2010/11/15 15:54:41 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_39.dll
[2010/11/15 15:54:41 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_39.dll
[2010/11/15 15:54:41 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_39.dll
[2010/11/15 15:54:41 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_39.dll
[2010/11/15 15:54:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_2.dll
[2010/11/15 15:54:41 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_2.dll
[2010/11/15 15:54:40 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_39.dll
[2010/11/15 15:54:40 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_39.dll
[2010/11/15 15:54:40 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_38.dll
[2010/11/15 15:54:40 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_38.dll
[2010/11/15 15:54:40 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_38.dll
[2010/11/15 15:54:40 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_1.dll
[2010/11/15 15:54:40 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_1.dll
[2010/11/15 15:54:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_38.dll
[2010/11/15 15:54:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_1.dll
[2010/11/15 15:54:40 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_1.dll
[2010/11/15 15:54:40 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_0.dll
[2010/11/15 15:54:40 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_0.dll
[2010/11/15 15:54:40 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_4.dll
[2010/11/15 15:54:40 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_4.dll
[2010/11/15 15:54:39 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_38.dll
[2010/11/15 15:54:39 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_38.dll
[2010/11/15 15:54:38 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_37.dll
[2010/11/15 15:54:38 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_37.dll
[2010/11/15 15:54:38 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_37.dll
[2010/11/15 15:54:38 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_0.dll
[2010/11/15 15:54:38 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_0.dll
[2010/11/15 15:54:38 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_37.dll
[2010/11/15 15:54:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_0.dll
[2010/11/15 15:54:38 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_0.dll
[2010/11/15 15:54:38 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_3.dll
[2010/11/15 15:54:38 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_3.dll
[2010/11/15 15:54:37 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_37.dll
[2010/11/15 15:54:37 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_37.dll
[2010/11/15 15:54:37 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll
[2010/11/15 15:54:37 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll
[2010/11/15 15:54:36 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll
[2010/11/15 15:54:36 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll
[2010/11/15 15:54:36 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll
[2010/11/15 15:54:36 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll
[2010/11/15 15:54:36 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll
[2010/11/15 15:54:36 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll
[2010/11/15 15:54:35 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll
[2010/11/15 15:54:35 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll
[2010/11/15 15:54:35 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll
[2010/11/15 15:54:35 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll
[2010/11/15 15:54:35 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll
[2010/11/15 15:54:35 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll
[2010/11/15 15:54:34 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll
[2010/11/15 15:54:34 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll

Microsheep · Příspěvekod **Microsheep** » 18 lis 2010 23:25

3 cast

[2010/11/15 15:54:34 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll
[2010/11/15 15:54:34 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll
[2010/11/15 15:54:34 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll
[2010/11/15 15:54:34 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll
[2010/11/15 15:54:34 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll
[2010/11/15 15:54:34 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll
[2010/11/15 15:54:34 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll
[2010/11/15 15:54:34 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll
[2010/11/15 15:54:33 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll
[2010/11/15 15:54:33 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll
[2010/11/15 15:54:33 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll
[2010/11/15 15:54:33 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll
[2010/11/15 15:54:33 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll
[2010/11/15 15:54:33 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll
[2010/11/15 15:54:32 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll
[2010/11/15 15:54:32 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
[2010/11/15 15:54:32 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll
[2010/11/15 15:54:32 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll
[2010/11/15 15:54:32 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll
[2010/11/15 15:54:32 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll
[2010/11/15 15:54:32 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll
[2010/11/15 15:54:32 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll
[2010/11/15 15:54:31 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
[2010/11/15 15:54:31 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
[2010/11/15 15:54:31 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
[2010/11/15 15:54:31 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
[2010/11/15 15:54:30 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_32.dll
[2010/11/15 15:54:30 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll
[2010/11/15 15:54:30 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_32.dll
[2010/11/15 15:54:30 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll
[2010/11/15 15:54:30 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
[2010/11/15 15:54:30 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
[2010/11/15 15:54:30 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll
[2010/11/15 15:54:30 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll
[2010/11/15 15:54:29 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
[2010/11/15 15:54:29 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
[2010/11/15 15:54:29 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
[2010/11/15 15:54:29 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
[2010/11/15 15:54:29 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
[2010/11/15 15:54:29 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
[2010/11/15 15:54:29 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
[2010/11/15 15:54:29 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
[2010/11/15 15:54:28 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
[2010/11/15 15:54:28 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
[2010/11/15 15:54:24 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
[2010/11/15 15:54:23 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
[2010/11/15 15:54:23 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
[2010/11/15 15:54:23 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
[2010/11/15 15:54:23 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
[2010/11/15 15:54:22 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
[2010/11/15 15:54:22 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2010/11/15 15:54:22 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2010/11/15 15:54:22 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2010/11/15 15:54:21 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2010/11/15 15:54:21 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2010/11/15 15:54:21 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2010/11/15 15:54:21 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2010/11/15 15:54:20 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2010/11/15 15:54:20 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2010/11/15 15:54:19 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2010/11/15 15:54:19 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2010/11/15 13:59:31 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\Učení
[2010/11/15 10:19:18 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\TmForever
[2010/11/15 10:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TmForever
[2010/11/15 10:19:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
[2010/11/15 10:18:45 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System\d3dx9_30.dll
[2010/11/14 09:54:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ventrilo2.1.4
[2010/11/13 21:19:14 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Cyberlink
[2010/11/13 21:19:12 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\CyberLink
[2010/11/13 21:19:12 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\CyberLink
[2010/11/13 21:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/11/13 21:16:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2010/11/13 21:15:06 | 000,505,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp71.dll
[2010/11/13 21:15:06 | 000,353,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr71.dll
[2010/11/13 21:15:06 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3a.dll
[2010/11/13 21:15:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2010/11/13 21:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010/11/13 10:53:52 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2010/11/13 10:53:52 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2010/11/13 10:45:24 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe
[2010/11/13 10:45:24 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll
[2010/11/13 10:45:24 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll
[2010/11/13 10:45:23 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2010/11/13 10:45:23 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2010/11/13 10:45:23 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe
[2010/11/13 10:45:23 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll
[2010/11/13 10:45:23 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll
[2010/11/13 10:45:07 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browserchoice.exe
[2010/11/13 10:45:00 | 001,675,776 | ---- | C] (Flagship Industries, Inc.) -- C:\Users\Tomas\Desktop\Ventrilo.exe
[2010/11/13 10:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VT 3.0.3
[2010/11/13 09:49:09 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Microsoft Games
[2010/11/13 09:47:11 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010/11/13 09:46:36 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2010/11/13 09:46:34 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2010/11/13 09:46:34 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2010/11/13 09:46:33 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2010/11/13 09:46:32 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sscore.dll
[2010/11/13 09:46:29 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2010/11/13 09:46:28 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll
[2010/11/13 09:46:28 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll
[2010/11/13 09:46:27 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2010/11/13 09:46:26 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll
[2010/11/13 09:46:15 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CPFilters.dll
[2010/11/13 09:46:15 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CPFilters.dll
[2010/11/13 09:46:15 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdri.dll
[2010/11/13 09:46:15 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2010/11/13 09:46:15 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mpg2splt.ax
[2010/11/13 09:46:15 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax
[2010/11/13 09:46:15 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mpg2splt.ax
[2010/11/13 09:45:58 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2010/11/13 09:45:57 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2010/11/13 09:45:57 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2010/11/13 09:45:55 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2010/11/13 09:45:54 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2010/11/13 09:45:53 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rtutils.dll
[2010/11/13 09:45:53 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rtutils.dll
[2010/11/13 09:45:42 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\SysWow64\iccvid.dll
[2010/11/13 09:45:38 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2010/11/13 09:45:37 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2010/11/13 09:45:37 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpmde.dll
[2010/11/13 09:45:32 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2010/11/13 09:45:31 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll
[2010/11/13 09:45:30 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll
[2010/11/13 09:45:26 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2010/11/13 09:45:25 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeeds.dll
[2010/11/13 09:45:24 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2010/11/13 09:45:24 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2010/11/13 09:45:24 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2010/11/13 09:45:24 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2010/11/13 09:45:24 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2010/11/13 09:45:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2010/11/13 09:45:24 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2010/11/13 09:45:24 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2010/11/13 09:45:24 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2010/11/13 09:45:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2010/11/13 09:45:24 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2010/11/13 09:45:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2010/11/13 09:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2010/11/13 00:04:03 | 000,000,000 | ---D | C] -- C:\windows\rescache
[2010/11/12 22:08:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010/11/12 22:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010/11/12 22:08:10 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/11/12 21:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2010/11/12 21:50:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010/11/12 21:38:36 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Ventrilo
[2010/11/12 21:36:37 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Avira
[2010/11/12 21:30:44 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\windows\SysWow64\npptNT2.sys
[2010/11/12 21:25:22 | 000,000,000 | ---D | C] -- C:\Hry
[2010/11/12 21:24:45 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\InstallShield
[2010/11/12 21:23:00 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\WinRAR
[2010/11/12 21:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/11/12 20:24:13 | 000,000,000 | ---D | C] -- C:\Stahování
[2010/11/12 20:12:48 | 001,045,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSJET35.DLL
[2010/11/12 20:12:48 | 000,368,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VBAR332.DLL
[2010/11/12 20:12:48 | 000,252,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSRD2X35.DLL
[2010/11/12 20:12:48 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSJINT35.DLL
[2010/11/12 20:12:48 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSJTER35.DLL
[2010/11/12 20:02:20 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\SoftGrid Client
[2010/11/12 20:02:19 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\SoftGrid Client
[2010/11/12 20:01:23 | 000,000,000 | ---D | C] -- C:\windows\PCHEALTH
[2010/11/12 20:01:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/11/12 20:01:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2010/11/12 20:01:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010/11/12 20:00:56 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\TP
[2010/11/12 19:57:42 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\ICQ
[2010/11/12 19:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010/11/12 19:14:57 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Mozilla
[2010/11/12 19:14:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/11/12 18:59:14 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys
[2010/11/12 18:59:14 | 000,081,584 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys
[2010/11/12 18:59:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/11/12 18:59:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010/11/12 18:55:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2010/11/12 18:54:04 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\ICQ
[2010/11/12 18:54:04 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\AOL
[2010/11/12 18:54:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010/11/12 18:50:52 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\CorelHomeOffice
[2010/11/12 18:50:45 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Corel
[2010/11/12 18:48:23 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\ArcSoft
[2010/11/12 18:48:20 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\ArcSoft
[2010/11/12 18:03:30 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Mozilla
[2010/11/12 17:58:18 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Macromedia
[2010/11/12 17:54:41 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Adobe
[2010/11/12 17:43:20 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\ElevatedDiagnostics
[2010/11/12 17:31:26 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Diagnostics
[2010/11/12 17:21:27 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\ATI
[2010/11/12 17:21:27 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\ATI
[2010/11/12 17:21:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010/11/12 17:20:37 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Broadcom
[2010/11/12 17:20:37 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\Bluetooth Exchange Folder
[2010/11/12 17:20:17 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\PDFC
[2010/11/12 17:20:04 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Searches
[2010/11/12 17:19:57 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Identities
[2010/11/12 17:19:56 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Contacts
[2010/11/12 17:19:55 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\VirtualStore
[2010/11/12 17:15:56 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\Hewlett-Packard
[2010/11/12 17:13:38 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Hewlett-Packard
[2010/11/12 17:13:25 | 000,000,000 | -HSD | C] -- C:\HPMBackup
[2010/11/12 17:12:27 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\hpqLog
[2010/11/12 17:12:06 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Downloaded Installations
[2010/11/12 17:11:15 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2010/11/12 17:10:56 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\DigitalPersona
[2010/11/12 17:10:56 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\DigitalPersona
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\AppData\Local\Temporary Internet Files
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Soubory cookie
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\SendTo
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Šablony
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Poslední
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Okolní tiskárny
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Okolní síť
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Documents\Obrázky
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Nabídka Start
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Local Settings
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Documents\Hudba
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\AppData\Local\History
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Documents\Filmy
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Dokumenty
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\Data aplikací
[2010/11/12 17:10:40 | 000,000,000 | -HSD | C] -- C:\Users\Tomas\AppData\Local\Data aplikací
[2010/11/12 17:10:39 | 000,000,000 | --SD | C] -- C:\Users\Tomas\AppData\Roaming\Microsoft
[2010/11/12 17:10:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Videos
[2010/11/12 17:10:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Saved Games
[2010/11/12 17:10:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Pictures
[2010/11/12 17:10:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Music
[2010/11/12 17:10:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Links
[2010/11/12 17:10:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Favorites
[2010/11/12 17:10:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Downloads
[2010/11/12 17:10:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Dokumenty
[2010/11/12 17:10:39 | 000,000,000 | R--D | C] -- C:\Users\Tomas\Desktop
[2010/11/12 17:10:39 | 000,000,000 | -H-D | C] -- C:\Users\Tomas\AppData
[2010/11/12 17:10:39 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Temp
[2010/11/12 17:10:39 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\Microsoft

========== Files - Modified Within 30 Days ==========

[2010/11/18 23:21:32 | 001,447,246 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2010/11/18 23:21:32 | 000,623,104 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2010/11/18 23:21:32 | 000,607,634 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2010/11/18 23:21:32 | 000,118,996 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2010/11/18 23:21:32 | 000,103,754 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2010/11/18 23:16:26 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2010/11/18 23:16:20 | 4016,496,640 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/18 23:11:41 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
[2010/11/18 23:02:34 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/18 23:02:11 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Tomas\Desktop\mbam-setup.exe
[2010/11/18 23:00:15 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Tomas\Desktop\ATF-Cleaner.exe
[2010/11/18 22:39:30 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/18 22:39:30 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/18 22:38:14 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Tomas\Desktop\HijackThis.exe
[2010/11/18 21:06:40 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\CommView for WiFi.lnk
[2010/11/18 19:14:35 | 000,000,856 | ---- | M] () -- C:\Users\Tomas\AppData\Local\SRDownloader.nast
[2010/11/18 18:42:06 | 004,535,704 | ---- | M] () -- C:\Users\Tomas\Desktop\aircrack-ng-1.1-win.zip
[2010/11/18 18:32:55 | 009,463,432 | ---- | M] () -- C:\Users\Tomas\Desktop\Commview for.Wifi.6.0.5.rar
[2010/11/17 13:27:58 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/11/17 13:26:07 | 000,001,181 | ---- | M] () -- C:\Users\Tomas\Desktop\Ashampoo Burning Studio 10.lnk
[2010/11/17 12:53:40 | 000,834,544 | ---- | M] () -- C:\windows\SysNative\drivers\sptd.sys
[2010/11/17 11:40:34 | 000,061,560 | ---- | M] () -- C:\Users\Tomas\Desktop\hh.jpg
[2010/11/16 15:51:41 | 004,431,174 | ---- | M] () -- C:\Users\Tomas\Desktop\grahmo.bmp
[2010/11/14 14:46:45 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/11/14 14:35:43 | 000,000,000 | ---- | M] () -- C:\Users\Tomas\Documents\YouTube - Zvidm kdla ptkm.mpeg_
[2010/11/13 22:40:08 | 000,000,541 | ---- | M] () -- C:\Users\Tomas\AppData\Local\SRDownloader.err
[2010/11/13 21:16:45 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2010/11/13 21:14:16 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3a.dll
[2010/11/13 21:14:15 | 000,505,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp71.dll
[2010/11/13 21:14:15 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr71.dll
[2010/11/13 10:55:31 | 000,276,520 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2010/11/13 10:00:59 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/11/13 08:58:56 | 001,675,776 | ---- | M] (Flagship Industries, Inc.) -- C:\Users\Tomas\Desktop\Ventrilo.exe
[2010/11/13 00:05:27 | 000,060,295 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2010/11/13 00:05:27 | 000,060,295 | ---- | M] () -- C:\windows\SysNative\license.rtf
[2010/11/12 21:51:21 | 000,000,262 | ---- | M] () -- C:\windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/11/12 20:12:47 | 001,045,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MSJET35.DLL
[2010/11/12 20:12:47 | 000,368,912 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\VBAR332.DLL
[2010/11/12 20:12:47 | 000,252,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MSRD2X35.DLL
[2010/11/12 20:12:47 | 000,123,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MSJINT35.DLL
[2010/11/12 20:12:47 | 000,024,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MSJTER35.DLL
[2010/11/12 20:01:32 | 001,471,654 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010/11/12 19:14:55 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/11/12 18:55:36 | 000,001,102 | ---- | M] () -- C:\Users\Tomas\Desktop\EVEREST Home Edition.lnk
[2010/11/12 18:50:52 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2010/11/12 18:50:52 | 000,000,088 | RHS- | M] () -- C:\ProgramData\DCB6D720A5.sys
[2010/11/12 18:07:34 | 000,004,203 | ---- | M] () -- C:\windows\SysNative\Config.MPF
[2010/11/12 17:11:00 | 000,000,000 | RHS- | M] () -- C:\windows\SysWow64\drivers\103C_HP_bNB_ProBook 4525s_Y5336AN_0U_Q2CE0410PJB_E619848-223_4A_I142D_SHP_V51.16_68CPK F.06_T100629_WU3-0_L405_M3831_J500_7AMD_8F63_92.40_#100902_N14E44727_(WS897EA#ARL)_XMOBILE_CN10_Z_2_G100268E0.MRK
[2010/11/12 17:11:00 | 000,000,000 | RHS- | M] () -- C:\windows\SysNative\drivers\103C_HP_bNB_ProBook 4525s_Y5336AN_0U_Q2CE0410PJB_E619848-223_4A_I142D_SHP_V51.16_68CPK F.06_T100629_WU3-0_L405_M3831_J500_7AMD_8F63_92.40_#100902_N14E44727_(WS897EA#ARL)_XMOBILE_CN10_Z_2_G100268E0.MRK

========== Files Created - No Company Name ==========

[2010/11/18 23:02:34 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/18 21:06:40 | 000,001,873 | ---- | C] () -- C:\Users\Public\Desktop\CommView for WiFi.lnk
[2010/11/18 18:42:03 | 004,535,704 | ---- | C] () -- C:\Users\Tomas\Desktop\aircrack-ng-1.1-win.zip
[2010/11/18 18:26:17 | 009,463,432 | ---- | C] () -- C:\Users\Tomas\Desktop\Commview for.Wifi.6.0.5.rar
[2010/11/17 13:27:58 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/11/17 13:26:07 | 000,001,181 | ---- | C] () -- C:\Users\Tomas\Desktop\Ashampoo Burning Studio 10.lnk
[2010/11/17 12:53:40 | 000,834,544 | ---- | C] () -- C:\windows\SysNative\drivers\sptd.sys
[2010/11/17 11:15:17 | 000,061,560 | ---- | C] () -- C:\Users\Tomas\Desktop\hh.jpg
[2010/11/15 15:09:49 | 004,431,174 | ---- | C] () -- C:\Users\Tomas\Desktop\grahmo.bmp
[2010/11/14 14:46:45 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/11/14 14:35:43 | 000,000,000 | ---- | C] () -- C:\Users\Tomas\Documents\YouTube - Zvidm kdla ptkm.mpeg_
[2010/11/13 21:16:45 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2010/11/13 10:58:43 | 000,004,400 | ---- | C] () -- C:\Users\Tomas\Desktop\User.ini
[2010/11/13 10:00:59 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/11/12 22:02:40 | 000,000,856 | ---- | C] () -- C:\Users\Tomas\AppData\Local\SRDownloader.nast
[2010/11/12 22:02:17 | 000,000,541 | ---- | C] () -- C:\Users\Tomas\AppData\Local\SRDownloader.err
[2010/11/12 21:51:16 | 000,000,262 | ---- | C] () -- C:\windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/11/12 21:30:44 | 000,005,174 | ---- | C] () -- C:\windows\SysWow64\nppt9x.vxd
[2010/11/12 20:01:32 | 001,471,654 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010/11/12 19:14:55 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/11/12 18:55:36 | 000,001,102 | ---- | C] () -- C:\Users\Tomas\Desktop\EVEREST Home Edition.lnk
[2010/11/12 18:50:46 | 000,000,088 | RHS- | C] () -- C:\ProgramData\DCB6D720A5.sys
[2010/11/12 18:50:39 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/11/12 18:42:10 | 000,000,384 | ---- | C] () -- C:\windows\myClean.bat
[2010/11/12 17:11:00 | 000,000,000 | RHS- | C] () -- C:\windows\SysWow64\drivers\103C_HP_bNB_ProBook 4525s_Y5336AN_0U_Q2CE0410PJB_E619848-223_4A_I142D_SHP_V51.16_68CPK F.06_T100629_WU3-0_L405_M3831_J500_7AMD_8F63_92.40_#100902_N14E44727_(WS897EA#ARL)_XMOBILE_CN10_Z_2_G100268E0.MRK
[2010/11/12 17:11:00 | 000,000,000 | RHS- | C] () -- C:\windows\SysNative\drivers\103C_HP_bNB_ProBook 4525s_Y5336AN_0U_Q2CE0410PJB_E619848-223_4A_I142D_SHP_V51.16_68CPK F.06_T100629_WU3-0_L405_M3831_J500_7AMD_8F63_92.40_#100902_N14E44727_(WS897EA#ARL)_XMOBILE_CN10_Z_2_G100268E0.MRK
[2010/11/12 17:09:49 | 4016,496,640 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/02 21:34:52 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wddiidg.sys
[2010/09/02 21:05:18 | 000,000,188 | ---- | C] () -- C:\windows\SysWow64\HPWA.ini
[2010/09/02 20:56:29 | 000,000,178 | ---- | C] () -- C:\windows\SysWow64\HPPA.ini
[2010/02/19 17:43:00 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\vcsAPIShared.dll.hpsign
[2010/02/11 21:47:04 | 000,636,176 | ---- | C] () -- C:\windows\SysWow64\SUPSDK.dll
[2010/02/11 21:46:52 | 000,050,448 | ---- | C] () -- C:\windows\SysWow64\ExpSnapShotAPI.dll
[2010/01/22 22:29:16 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign
[2010/01/22 22:29:06 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign
[2010/01/22 22:29:06 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign
[2010/01/22 22:28:48 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPSCEL.dll.hpsign
[2010/01/22 22:28:48 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign
[2010/01/22 22:28:46 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\DPClback.dll.hpsign
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010/11/17 13:26:22 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Ashampoo
[2010/11/15 17:38:36 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\BSplayer PRO
[2010/11/17 19:41:01 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
[2010/11/12 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\DigitalPersona
[2010/11/17 13:25:12 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\GetRightToGo
[2010/11/18 22:30:52 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\ICQ
[2010/11/18 20:26:11 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\SoftGrid Client
[2010/11/12 20:02:31 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\TP
[2010/11/18 19:14:21 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\uTorrent
[2009/07/14 06:08:49 | 000,010,116 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Microsheep · Příspěvekod **Microsheep** » 18 lis 2010 23:26

OTL Extras logfile created on: 11/18/2010 11:18:54 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Tomas\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 66.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.47 Gb Total Space | 349.98 Gb Free Space | 78.04% Space Free | Partition Type: NTFS

Computer Name: TOMAS-HP | User Name: Tomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}" = Privacy Manager for HP ProtectTools
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1C292266-E054-4090-84D5-869649E4F9C7}" = HP Power Data
"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard
"{2C69D297-A524-1FB1-5C00-1C52363E044F}" = ccc-utility64
"{3513DD3C-7680-4C7C-BF18-BA375D5F4132}" = Pre-Boot Security for HP ProtectTools
"{3B392D0A-F3F6-41EA-8DDB-D657ABA70168}" = HP QuickLook
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support
"{560932B5-8702-7FB8-01AE-265EA44FAEEB}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-0405-1000-0000000FF1CE}" = Microsoft Office Klikni a spusť 2010
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A1DC4DF6-7493-45B2-B8AA-0A8805866CB9}" = HP ProtectTools Security Manager
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C823942A-A0B4-4412-B935-6A2DC7CC1B4D}" = HP Power Assistant
"{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}" = Validity Fingerprint Driver
"{E6BC696E-5E96-4C1B-9371-379AF3A46B6B}" = HP Wireless Assistant
"{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}" = Face Recognition for HP ProtectTools
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"HPProtectTools" = HP ProtectTools Security Manager
"LSI Soft Modem" = LSI HDA Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}" = Lineage II
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0C7A1F10-3965-190D-3409-B0DD7C45C0EE}" = CCC Help Italian
"{14B61ABC-D4A7-BCF5-92BE-95CEB8DF4374}" = CCC Help Czech
"{16CA9DAC-6A40-4204-A826-33C4D52A266C}" = Catalyst Control Center - Branding
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{1C598CE5-344B-997B-FF33-2976D689C0AC}" = CCC Help Greek
"{1E6219D4-027E-47EE-AB83-DD2F26E31A32}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"{39C5A498-FA1A-2473-34D1-6755E5A1BC99}" = CCC Help German
"{4B4911AA-98AA-F2E0-1BF4-2E2737D1C95C}" = Catalyst Control Center InstallProxy
"{5478075D-1797-1C4C-B3F0-DC8ECCA7D5C3}" = Catalyst Control Center Localization All
"{558ED580-6168-AF04-C71F-E63B0E149E21}" = CCC Help Korean
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7861911B-4270-498A-8F7A-FCF0570F486B}" = HP QuickWeb
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{79CF6EF9-8C9A-F284-5042-B5B54645B5F8}" = CCC Help Norwegian
"{7F30B436-1196-1401-9A4F-CFF6C10D6EBA}" = CCC Help Polish
"{80A6DF3F-FB3D-48CB-BF1B-686E3D08C8F6}" = HP Software Framework
"{84EC6CDF-E378-0EBA-E4C2-BBD5489CD4EF}" = CCC Help Japanese
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140011-0066-0405-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - čeština
"{919D10CE-CADB-8D08-3429-7FB1DFA3B043}" = CCC Help Spanish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9978D298-9AA1-99EE-9975-18AAEF34DE0C}" = CCC Help Dutch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D4D0B44-0A55-1905-5CF4-8A6EC311673F}" = CCC Help Russian
"{A005479C-7D10-A4CB-0BAD-5D8765E141C6}" = CCC Help Turkish
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C2036B7D-C21E-38E9-FB0B-3746E82B898B}" = CCC Help Hungarian
"{CDED9EF0-D072-11DF-2EA6-0104A00B0BB3}" = CommView for WiFi
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D10B94E4-8545-CA0F-EDE9-41F62272A0DE}" = CCC Help Portuguese
"{D35A9E39-05F9-0D80-C41C-71B2FDCBE5E9}" = CCC Help Chinese Standard
"{D9989A13-B173-4048-B8A5-93C204DCB1B3}" = HP ESU for Microsoft Windows 7
"{DB393B0B-4A5D-7B50-AD80-3772372C4243}" = CCC Help Thai
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = HP Webcam Driver
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4756B93-69FF-D723-D7F8-97FFE73A0D2C}" = CCC Help French
"{E4C82543-E98E-E66D-84A7-9C9235ADF9CE}" = CCC Help English
"{E8CA17C0-5A35-3CF1-C50F-1E9783FFB08B}" = CCC Help Swedish
"{F0261797-E2ED-8BEC-7B6F-A7C0A0E478FF}" = ccc-core-static
"{F6CEF69E-35EA-6086-6D7D-21E89FD70B16}" = CCC Help Finnish
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F8801800-9E88-3AB1-21DA-E50EFA0F771E}" = CCC Help Danish
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FC6256BB-BDD4-AB91-451B-86896F236769}" = CCC Help Chinese Traditional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.4
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BSPlayerp" = BS.Player PRO
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"DivX Setup.divx.com" = DivX Setup
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Office14.Click2Run" = Microsoft Office Klikni a spusť 2010
"PDF Complete" = PDF Complete Special Edition
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/12/2010 12:28:19 PM | Computer Name = Tomas-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7600.16385, časové
razítko: 0x4a5bc69e Název chybujícího modulu: McIEPlg.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4a7c5635 Kód výjimky: 0xc0000005 Posun chyby: 0x0275fe08 ID chybujícího
procesu: 0x16bc Čas spuštění chybující aplikace: 0x01cb828692945845 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: McIEPlg.dll ID zprávy: db8e4750-ee79-11df-a4ab-1cc1de0bcbd2

Error - 11/12/2010 1:04:00 PM | Computer Name = Tomas-HP | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu Panel nástrojů Bing nelze ukončit.

Error - 11/12/2010 1:58:04 PM | Computer Name = Tomas-HP | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Users\Tomas\AppData\Local\Temp\RarSFX0\redist.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 11/12/2010 2:18:27 PM | Computer Name = Tomas-HP | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu HP Advisor Dock nelze ukončit.

[ HP Power Assistant Events ]
Error - 10/15/2010 11:23:00 AM | Computer Name = 2VD93VJJN69B4 | Source = HP PA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 10/15/2010 11:23:00 AM | Computer Name = 2VD93VJJN69B4 | Source = HP PA Service | ID = 0
Description = System.Exception Register() failed : e_GENERAL_EXCEPTION at HP_Common.CaslWrapper.Register(EventArrivedEventHandler
handler) at HPPA_Service.CurrentConfiguration..ctor()

Error - 10/15/2010 11:23:02 AM | Computer Name = 2VD93VJJN69B4 | Source = HP PA Service | ID = 0
Description = GetPanelBrightnessTables() failed : 597

Error - 10/15/2010 11:23:06 AM | Computer Name = 2VD93VJJN69B4 | Source = HP PA Service | ID = 0
Description = System.Exception GetPMCData() failed : 597 at HP_Common.CaslWrapper.GetPMCData(GetPMCDataOutput&
pmcData) at HPPA_Service.CurrentConfiguration.get_UnmonitoredPMCData()

Error - 10/15/2010 11:23:10 AM | Computer Name = 2VD93VJJN69B4 | Source = HP PA Service | ID = 0
Description = System.Exception GetPMCData() failed : 597 at HP_Common.CaslWrapper.GetPMCData(GetPMCDataOutput&
pmcData) at HPPA_Service.CurrentConfiguration.get_UnmonitoredPMCData()

Error - 10/15/2010 11:23:15 AM | Computer Name = 2VD93VJJN69B4 | Source = HP PA Service | ID = 0
Description = System.Exception GetPMCData() failed : 597 at HP_Common.CaslWrapper.GetPMCData(GetPMCDataOutput&
pmcData) at HPPA_Service.CurrentConfiguration.get_UnmonitoredPMCData()

Error - 10/15/2010 11:23:20 AM | Computer Name = 2VD93VJJN69B4 | Source = HP PA Service | ID = 0
Description = System.Exception GetPMCData() failed : 597 at HP_Common.CaslWrapper.GetPMCData(GetPMCDataOutput&
pmcData) at HPPA_Service.CurrentConfiguration.get_UnmonitoredPMCData()

Error - 10/15/2010 11:23:25 AM | Computer Name = 2VD93VJJN69B4 | Source = HP PA Service | ID = 0
Description = System.Exception GetPMCData() failed : 597 at HP_Common.CaslWrapper.GetPMCData(GetPMCDataOutput&
pmcData) at HPPA_Service.CurrentConfiguration.get_UnmonitoredPMCData()

Error - 10/15/2010 11:23:30 AM | Computer Name = 2VD93VJJN69B4 | Source = HP PA Service | ID = 0
Description = System.Exception GetPMCData() failed : 597 at HP_Common.CaslWrapper.GetPMCData(GetPMCDataOutput&
pmcData) at HPPA_Service.CurrentConfiguration.get_UnmonitoredPMCData()

[ HP Wireless Assistant Events ]
Error - 11/13/2010 3:59:35 PM | Computer Name = Tomas-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 11/13/2010 3:59:35 PM | Computer Name = Tomas-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 11/13/2010 4:04:51 PM | Computer Name = Tomas-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 11/13/2010 4:04:51 PM | Computer Name = Tomas-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 11/13/2010 4:37:13 PM | Computer Name = Tomas-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 11/13/2010 4:37:14 PM | Computer Name = Tomas-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 11/13/2010 5:13:46 PM | Computer Name = Tomas-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 11/13/2010 5:13:46 PM | Computer Name = Tomas-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 11/18/2010 8:57:56 AM | Computer Name = Tomas-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 11/18/2010 8:57:56 AM | Computer Name = Tomas-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported v System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) v System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

v HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

[ System Events ]
Error - 11/15/2010 2:08:49 PM | Computer Name = Tomas-HP | Source = Service Control Manager | ID = 7000
Description = Služba HP Health Check Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 11/16/2010 1:15:02 AM | Computer Name = Tomas-HP | Source = Service Control Manager | ID = 7000
Description = Služba HP Health Check Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 11/16/2010 9:43:52 AM | Computer Name = Tomas-HP | Source = Service Control Manager | ID = 7000
Description = Služba HP Health Check Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 11/16/2010 10:37:55 AM | Computer Name = Tomas-HP | Source = Service Control Manager | ID = 7000
Description = Služba HP Health Check Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 11/16/2010 4:31:38 PM | Computer Name = Tomas-HP | Source = Service Control Manager | ID = 7000
Description = Služba HP Health Check Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 11/17/2010 4:10:38 AM | Computer Name = Tomas-HP | Source = Service Control Manager | ID = 7000
Description = Služba HP Health Check Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 11/17/2010 2:28:51 PM | Computer Name = Tomas-HP | Source = Service Control Manager | ID = 7000
Description = Služba HP Health Check Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 11/17/2010 5:51:08 PM | Computer Name = Tomas-HP | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/17/2010 5:53:38 PM | Computer Name = Tomas-HP | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 11/18/2010 1:15:29 AM | Computer Name = Tomas-HP | Source = Service Control Manager | ID = 7000
Description = Služba HP Health Check Service neuspěla při spuštění v důsledku následující
chyby: %%2

< End of report >

Příspěvekod **jaro3** » 19 lis 2010 10:40

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\windows\SysWow64\drivers\wddiidg.sys
C:\windows\SysWow64\HPWA.ini
C:\windows\SysWow64\vcsAPIShared.dll.hpsign
C:\windows\SysWow64\SUPSDK.dll
C:\windows\SysWow64\ExpSnapShotAPI.dll
C:\windows\SysWow64\DPFPApiUI.dll.hpsign
C:\windows\SysWow64\DPPassFilter.dll.hpsign
C:\windows\SysWow64\DPCrProv.dll.hpsign
C:\windows\SysWow64\DPSCEL.dll.hpsign
C:\windows\SysWow64\DPFPApi.dll.hpsign
C:\windows\SysWow64\DPClback.dll.hpsign

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Microsheep · Příspěvekod **Microsheep** » 19 lis 2010 14:16

Příspěvekod **jaro3** » 19 lis 2010 14:43

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV:64bit: - (CV2K1) -- C:\windows\SysNative\DRIVERS\cv2k1.sys File not found
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4 - HKLM..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe File not found
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[2010/11/18 23:21:32 | 000,623,104 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2010/11/18 23:21:32 | 000,607,634 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2010/11/18 23:21:32 | 000,118,996 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2010/11/18 23:21:32 | 000,103,754 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2010/11/12 18:50:52 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2010/11/12 18:50:52 | 000,000,088 | RHS- | M] () -- C:\ProgramData\DCB6D720A5.sys

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\system32\SET*.tmp 
c:\windows\Tasks\*.job 
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\ProgramData\KGyGaAvL.sys
C:\ProgramData\DCB6D720A5.sys
C:\windows\myClean.bat
C:\windows\SysWow64\drivers\wddiidg.sys

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

PC napadem virem + Vyřešeno

PC napadem virem +

Re: PC napadem virem

Re: PC napadem virem

Re: PC napadem virem

Re: PC napadem virem +

Re: PC napadem virem +

Re: PC napadem virem +

Re: PC napadem virem +

Re: PC napadem virem +

Re: PC napadem virem +

Re: PC napadem virem +

Re: PC napadem virem +

Kdo je online