Kontrola logu, díky +

defender3 · Příspěvekod **defender3** » 27 lis 2010 10:03

Čaues, před 2 týdny jsem přeinstalovával OS, konkrétně Win 7 Ultimate x64, proběhlo vše v pořádku a OS jsem nastavil, nebyli tam žádne mnou instalované programy, jen ty, co se instalovali při instalaci toho OS, poté odjedu na týden pryč z domu, kromě mě používá PC jen bratr, ještě před odjezdem jsem mu říkal ať hlavně nic nestahuje, že to není dostatečně zabezpečené ( jen Win FW ), no nic po týdnu přijedu a dneska zjistím, že se mi PC načítá pomalu a né jako předtím, přihlásím se do systému a co nevidím, na ploše nějaký " emsisoft anti-malware " jenž vůbec neznám, takže jsem to okamžitě odinstalovat, ale jen z přidat nebo odebrat programy, zbytkové soubory předpokládám v PC zůstaly a ten bezpečnostní program vůbec neznám a zdá se mi, že je to něco falešného, a tak se ptám bratra co stím dělal, no a samozřejmě že zatlouká, že stím nic nedělal, navíc windows jede značně spomaleně, než tak jak jel předtím, kdy to ještě bylo OK, jinak krom toho programu není v PC nic, ale pochybuji o tom, že nic nestahoval, ani neinstaloval, ostatně odstranit se dá vše, myslím, že se v tom PC určitě nějaké havěť najde. Zřejmě to bude chtít použít i ComboFix. Log je vložen z RSITU, protože HJT nefunguje

Logfile of random's system information tool 1.08 (written by random/random)
Run by widleBOY at 2010-11-27 09:59:04
Microsoft Windows 7 Ultimate
System drive C: has 407 GB (88%) free of 462 GB
Total RAM: 4095 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:59:05, on 27.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\trend micro\widleBOY.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2786678
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0"
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [MicrosoftWindows] C:\Users\widleBOY\AppData\Roaming\Microsoft\Microsoft.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9017 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
taskeng.exe {F059F4FF-E9AE-4F32-A81E-107545B54214}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3318207029-1907216061-2911367861-10008_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3318207029-1907216061-2911367861-10008 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\widleBOY\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-02 16330272]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MicrosoftWindows"=C:\Users\widleBOY\AppData\Roaming\Microsoft\Microsoft.exe [2005-04-11 970752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-01-28 2387968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"MDS_Menu"=C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]
"UpdatePDRShortCut"=C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"RemoteControl9"=C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [2009-04-28 87336]
"PDVD9LanguageShortcut"=C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe [2009-04-28 50472]
"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-08-15 210216]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2009-10-20 47672]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-10-20 3054136]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-01-28 2387968]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-27 09:51:10 ----D---- C:\rsit
2010-11-27 09:51:10 ----D---- C:\Program Files\trend micro
2010-11-27 09:47:45 ----D---- C:\Windows\system32\appmgmt
2010-11-27 09:44:37 ----D---- C:\Program Files (x86)\HJT
2010-11-26 19:49:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2010-11-26 15:08:02 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-11-26 15:07:09 ----A---- C:\Windows\system32\mfreadwrite.dll
2010-11-26 15:07:09 ----A---- C:\Windows\system32\mfps.dll
2010-11-26 15:07:08 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2010-11-26 15:07:08 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2010-11-26 15:07:08 ----A---- C:\Windows\SYSWOW64\mf.dll
2010-11-26 15:07:08 ----A---- C:\Windows\system32\WMVDECOD.DLL
2010-11-26 15:07:08 ----A---- C:\Windows\system32\mf.dll
2010-11-26 15:07:03 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2010-11-26 15:05:01 ----A---- C:\Windows\system32\MRT.exe
2010-11-26 14:53:24 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2010-11-26 14:53:24 ----D---- C:\Windows\RemotePackages
2010-11-26 14:37:39 ----D---- C:\Users\widleBOY\AppData\Roaming\WinRAR
2010-11-25 17:01:14 ----D---- C:\Users\widleBOY\AppData\Roaming\Zoner
2010-11-25 16:38:03 ----D---- C:\Program Files (x86)\Conduit
2010-11-25 06:54:47 ----D---- C:\Windows\SYSWOW64\Wat
2010-11-25 06:54:47 ----D---- C:\Windows\system32\Wat
2010-11-24 20:15:41 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2010-11-24 20:15:41 ----A---- C:\Windows\system32\msv1_0.dll
2010-11-24 20:09:38 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2010-11-24 20:09:38 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2010-11-24 20:09:38 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2010-11-24 20:09:38 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2010-11-24 20:09:38 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2010-11-24 20:09:38 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-11-24 20:09:38 ----A---- C:\Windows\system32\PresentationHost.exe
2010-11-24 20:09:38 ----A---- C:\Windows\system32\netfxperf.dll
2010-11-24 20:09:38 ----A---- C:\Windows\system32\mscoree.dll
2010-11-24 20:09:38 ----A---- C:\Windows\system32\dfshim.dll
2010-11-24 20:09:14 ----A---- C:\Windows\system32\browserchoice.exe
2010-11-24 19:56:36 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2010-11-24 19:56:36 ----A---- C:\Windows\system32\drivers\ks.sys
2010-11-24 18:07:04 ----A---- C:\Windows\_MSRSTRT.EXE
2010-11-24 18:03:51 ----N---- C:\Windows\SYSWOW64\wbsys.dll
2010-11-24 18:03:51 ----A---- C:\Windows\system32\wbload.dll
2010-11-24 18:03:32 ----D---- C:\Program Files (x86)\Stardock
2010-11-24 15:13:27 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2010-11-24 15:13:27 ----A---- C:\Windows\system32\asycfilt.dll
2010-11-24 15:13:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2010-11-24 15:13:23 ----A---- C:\Windows\system32\ntdll.dll
2010-11-24 15:13:19 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2010-11-24 15:13:19 ----A---- C:\Windows\system32\vbscript.dll
2010-11-24 15:13:17 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-11-24 15:13:17 ----A---- C:\Windows\system32\t2embed.dll
2010-11-24 15:13:16 ----A---- C:\Windows\SYSWOW64\ole32.dll
2010-11-24 15:13:16 ----A---- C:\Windows\system32\ole32.dll
2010-11-24 15:13:10 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2010-11-24 15:13:10 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-11-24 15:13:09 ----A---- C:\Windows\system32\CertEnroll.dll
2010-11-24 15:13:08 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2010-11-24 15:12:51 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2010-11-24 15:12:51 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2010-11-24 15:12:51 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2010-11-24 15:12:51 ----A---- C:\Windows\SYSWOW64\secproc.dll
2010-11-24 15:12:51 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2010-11-24 15:12:51 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2010-11-24 15:12:51 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2010-11-24 15:12:51 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2010-11-24 15:12:51 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-11-24 15:12:51 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-11-24 15:12:51 ----A---- C:\Windows\system32\secproc_isv.dll
2010-11-24 15:12:51 ----A---- C:\Windows\system32\secproc.dll
2010-11-24 15:12:51 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-11-24 15:12:51 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-11-24 15:12:51 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-11-24 15:12:51 ----A---- C:\Windows\system32\RMActivate.exe
2010-11-24 15:12:36 ----A---- C:\Windows\system32\shell32.dll
2010-11-24 15:12:35 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-11-24 15:12:33 ----A---- C:\Windows\system32\inetcomm.dll
2010-11-24 15:12:32 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2010-11-24 15:12:32 ----A---- C:\Windows\system32\CPFilters.dll
2010-11-24 15:12:31 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2010-11-24 15:12:31 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-11-24 15:12:31 ----A---- C:\Windows\system32\psisdecd.dll
2010-11-24 15:12:31 ----A---- C:\Windows\system32\msdri.dll
2010-11-24 15:12:17 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-11-24 15:12:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-11-24 15:12:12 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-11-24 15:12:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-11-24 15:12:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-11-24 15:12:09 ----A---- C:\Windows\system32\schannel.dll
2010-11-24 15:12:05 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2010-11-24 15:12:05 ----A---- C:\Windows\system32\comctl32.dll
2010-11-24 15:12:04 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-11-24 15:12:04 ----A---- C:\Windows\system32\oleaut32.dll
2010-11-24 15:12:02 ----A---- C:\Windows\SYSWOW64\explorer.exe
2010-11-24 15:12:02 ----A---- C:\Windows\system32\winlogon.exe
2010-11-24 15:12:02 ----A---- C:\Windows\explorer.exe
2010-11-24 15:11:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2010-11-24 15:11:58 ----A---- C:\Windows\SYSWOW64\user.exe
2010-11-24 15:11:58 ----A---- C:\Windows\SYSWOW64\setup16.exe
2010-11-24 15:11:58 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2010-11-24 15:11:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2010-11-24 15:11:58 ----A---- C:\Windows\system32\wow64.dll
2010-11-24 15:11:56 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-11-24 15:11:56 ----A---- C:\Windows\system32\rtutils.dll
2010-11-24 15:11:44 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-11-24 15:11:44 ----A---- C:\Windows\system32\tzres.dll
2010-11-24 15:11:37 ----A---- C:\Windows\system32\spoolsv.exe
2010-11-24 15:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-11-24 15:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-11-24 15:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-11-24 15:11:33 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-11-24 15:11:31 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-11-24 15:11:31 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-11-24 15:11:30 ----A---- C:\Windows\system32\cdd.dll
2010-11-24 15:11:21 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2010-11-24 15:11:21 ----A---- C:\Windows\system32\wmpmde.dll
2010-11-24 15:11:20 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2010-11-24 15:11:20 ----A---- C:\Windows\SYSWOW64\quartz.dll
2010-11-24 15:11:20 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2010-11-24 15:11:20 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2010-11-24 15:11:20 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2010-11-24 15:11:20 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2010-11-24 15:11:20 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2010-11-24 15:11:20 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2010-11-24 15:11:20 ----A---- C:\Windows\system32\tsbyuv.dll
2010-11-24 15:11:20 ----A---- C:\Windows\system32\quartz.dll
2010-11-24 15:11:20 ----A---- C:\Windows\system32\msyuv.dll
2010-11-24 15:11:20 ----A---- C:\Windows\system32\msvidc32.dll
2010-11-24 15:11:20 ----A---- C:\Windows\system32\msrle32.dll
2010-11-24 15:11:20 ----A---- C:\Windows\system32\iyuv_32.dll
2010-11-24 15:11:05 ----A---- C:\Windows\system32\msxml3.dll
2010-11-24 15:11:04 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-11-24 15:11:00 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-11-24 15:10:59 ----A---- C:\Windows\SYSWOW64\jscript.dll
2010-11-24 15:10:59 ----A---- C:\Windows\system32\jscript.dll
2010-11-24 15:10:56 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2010-11-24 15:10:56 ----A---- C:\Windows\SYSWOW64\secur32.dll
2010-11-24 15:10:56 ----A---- C:\Windows\system32\lsasrv.dll
2010-11-24 15:10:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-11-24 15:10:46 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2010-11-24 15:10:46 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2010-11-24 15:10:44 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2010-11-24 15:10:44 ----A---- C:\Windows\system32\msasn1.dll
2010-11-24 15:10:42 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2010-11-24 15:10:42 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-11-24 15:10:42 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-11-24 15:10:42 ----A---- C:\Windows\system32\fontsub.dll
2010-11-24 15:10:42 ----A---- C:\Windows\system32\atmlib.dll
2010-11-24 15:10:42 ----A---- C:\Windows\system32\atmfd.dll
2010-11-24 15:10:41 ----A---- C:\Windows\system32\mshtml.dll
2010-11-24 15:10:40 ----A---- C:\Windows\system32\ieframe.dll
2010-11-24 15:10:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-11-24 15:10:38 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-11-24 15:10:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-11-24 15:10:38 ----A---- C:\Windows\system32\iertutil.dll
2010-11-24 15:10:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-11-24 15:10:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-11-24 15:10:37 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-11-24 15:10:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-11-24 15:10:37 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-11-24 15:10:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-11-24 15:10:37 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-11-24 15:10:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-11-24 15:10:37 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-11-24 15:10:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-11-24 15:10:37 ----A---- C:\Windows\system32\wininet.dll
2010-11-24 15:10:37 ----A---- C:\Windows\system32\urlmon.dll
2010-11-24 15:10:37 ----A---- C:\Windows\system32\mstime.dll
2010-11-24 15:10:37 ----A---- C:\Windows\system32\mshtmled.dll
2010-11-24 15:10:37 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-11-24 15:10:37 ----A---- C:\Windows\system32\msfeeds.dll
2010-11-24 15:10:37 ----A---- C:\Windows\system32\licmgr10.dll
2010-11-24 15:10:37 ----A---- C:\Windows\system32\ieui.dll
2010-11-24 15:10:37 ----A---- C:\Windows\system32\iepeers.dll
2010-11-24 15:10:37 ----A---- C:\Windows\system32\iedkcs32.dll
2010-11-24 15:10:36 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-11-24 15:10:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-11-24 15:10:36 ----A---- C:\Windows\system32\msfeedssync.exe
2010-11-24 15:10:36 ----A---- C:\Windows\system32\jsproxy.dll
2010-11-24 15:10:30 ----A---- C:\Windows\system32\wmp.dll
2010-11-24 15:10:28 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-11-24 15:10:28 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-11-24 15:10:27 ----A---- C:\Windows\system32\wmploc.DLL
2010-11-24 15:10:22 ----A---- C:\Windows\SYSWOW64\sscore.dll
2010-11-24 15:10:22 ----A---- C:\Windows\system32\srvsvc.dll
2010-11-24 15:10:22 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-11-24 15:10:22 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-11-24 15:10:22 ----A---- C:\Windows\system32\drivers\srv.sys
2010-11-24 15:10:21 ----A---- C:\Windows\system32\win32k.sys
2010-11-23 23:03:13 ----A---- C:\Pass.txt
2010-11-23 22:36:06 ----D---- C:\Windows\CSC
2010-11-23 22:30:31 ----SHD---- C:\System Volume Information
2010-11-23 22:30:31 ----ASH---- C:\pagefile.sys
2010-11-23 22:30:09 ----ASH---- C:\hiberfil.sys
2010-11-23 17:31:19 ----D---- C:\Systémové programy
2010-11-23 16:47:20 ----D---- C:\Windows\SYSWOW64\Adobe
2010-11-23 16:40:19 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-11-23 16:38:39 ----D---- C:\Program Files (x86)\HyperCam 3
2010-11-23 16:19:54 ----D---- C:\Users\widleBOY\AppData\Roaming\Adobe
2010-11-23 16:03:36 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2010-11-23 16:03:36 ----A---- C:\Windows\SYSWOW64\cabview.dll
2010-11-23 16:03:36 ----A---- C:\Windows\system32\wintrust.dll
2010-11-23 16:03:36 ----A---- C:\Windows\system32\cabview.dll
2010-11-23 14:55:49 ----D---- C:\Users\widleBOY\AppData\Roaming\Identities
2010-11-23 14:52:34 ----DC---- C:\Windows\system32\DRVSTORE
2010-11-23 14:51:22 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2010-11-23 14:51:22 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-11-23 14:49:47 ----D---- C:\Program Files (x86)\Microsoft
2010-11-23 14:49:31 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2010-11-23 14:49:26 ----D---- C:\Program Files (x86)\Windows Live
2010-11-23 14:48:36 ----D---- C:\Users\widleBOY\AppData\Roaming\Macromedia
2010-11-23 14:47:43 ----HD---- C:\asus.dat
2010-11-23 14:47:31 ----RSHD---- C:\Users\widleBOY\AppData\Roaming\Microsoft
2010-11-23 14:47:31 ----D---- C:\Users\widleBOY\AppData\Roaming\Media Center Programs

======List of files/folders modified in the last 1 months======

2010-11-27 09:51:10 ----RD---- C:\Program Files
2010-11-27 09:50:06 ----SHD---- C:\Windows\Installer
2010-11-27 09:47:45 ----D---- C:\Windows\System32
2010-11-27 09:44:40 ----RD---- C:\Program Files (x86)
2010-11-27 09:40:57 ----A---- C:\Windows\system32\AutoRunFilter.ini
2010-11-27 09:40:56 ----D---- C:\Windows\Temp
2010-11-27 09:40:49 ----A---- C:\Windows\system32\ServiceFilter.ini
2010-11-27 09:40:47 ----D---- C:\Windows\system32\Tasks
2010-11-27 09:34:06 ----D---- C:\Windows\system32\config
2010-11-27 09:20:06 ----D---- C:\Windows
2010-11-26 20:26:47 ----RSD---- C:\Windows\assembly
2010-11-26 20:26:24 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-11-26 20:26:24 ----D---- C:\Windows\system32\cs-CZ
2010-11-26 20:26:15 ----D---- C:\Windows\inf
2010-11-26 20:26:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-26 20:24:03 ----D---- C:\Windows\Microsoft.NET
2010-11-26 20:23:37 ----D---- C:\Windows\SysWOW64
2010-11-26 20:23:30 ----D---- C:\Windows\SYSWOW64\en-US
2010-11-26 20:23:30 ----D---- C:\Windows\system32\en-US
2010-11-26 20:23:30 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-11-26 19:30:35 ----D---- C:\Windows\Prefetch
2010-11-26 19:26:23 ----D---- C:\Windows\system32\wdi
2010-11-26 15:37:12 ----D---- C:\Windows\winsxs
2010-11-26 15:36:41 ----D---- C:\Windows\system32\catroot2
2010-11-26 15:36:41 ----D---- C:\Windows\system32\catroot
2010-11-26 15:21:52 ----D---- C:\Windows\system32\DriverStore
2010-11-26 15:21:52 ----D---- C:\Windows\system32\drivers
2010-11-26 15:15:08 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-11-26 15:08:42 ----SD---- C:\ProgramData\Microsoft
2010-11-26 15:05:02 ----D---- C:\Windows\debug
2010-11-26 14:53:24 ----D---- C:\Windows\system32\sr-Latn-CS
2010-11-26 14:53:24 ----D---- C:\Windows\system32\sl-SI
2010-11-26 14:53:24 ----D---- C:\Windows\system32\sk-SK
2010-11-26 14:53:24 ----D---- C:\Windows\system32\ro-RO
2010-11-26 14:53:24 ----D---- C:\Windows\system32\lv-LV
2010-11-26 14:53:24 ----D---- C:\Windows\system32\lt-LT
2010-11-26 14:53:24 ----D---- C:\Windows\system32\hr-HR
2010-11-26 14:53:24 ----D---- C:\Windows\system32\drivers\UMDF
2010-11-26 14:53:23 ----D---- C:\Windows\system32\wbem
2010-11-26 14:53:23 ----D---- C:\Windows\system32\pl-PL
2010-11-26 14:53:23 ----D---- C:\Windows\system32\hu-HU
2010-11-26 14:53:23 ----D---- C:\Windows\system32\et-EE
2010-11-26 14:53:23 ----D---- C:\Windows\system32\bg-BG
2010-11-26 14:53:17 ----D---- C:\Windows\system32\restore
2010-11-25 19:04:56 ----D---- C:\ProgramData\Microsoft Help
2010-11-25 06:55:08 ----D---- C:\Program Files\Internet Explorer
2010-11-25 06:55:08 ----D---- C:\Program Files (x86)\Internet Explorer
2010-11-25 06:55:03 ----D---- C:\Windows\ehome
2010-11-25 06:55:03 ----D---- C:\Program Files\Windows Mail
2010-11-25 06:55:03 ----D---- C:\Program Files (x86)\Windows Mail
2010-11-25 06:54:58 ----D---- C:\Windows\AppPatch
2010-11-25 06:54:52 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2010-11-25 06:54:52 ----D---- C:\Windows\SYSWOW64\ro-RO
2010-11-25 06:54:52 ----D---- C:\Windows\SYSWOW64\lv-LV
2010-11-25 06:54:52 ----D---- C:\Windows\SYSWOW64\lt-LT
2010-11-25 06:54:51 ----D---- C:\Windows\SYSWOW64\sl-SI
2010-11-25 06:54:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2010-11-25 06:54:51 ----D---- C:\Windows\SYSWOW64\pl-PL
2010-11-25 06:54:51 ----D---- C:\Windows\SYSWOW64\hu-HU
2010-11-25 06:54:51 ----D---- C:\Windows\SYSWOW64\hr-HR
2010-11-25 06:54:51 ----D---- C:\Windows\SYSWOW64\et-EE
2010-11-25 06:54:51 ----D---- C:\Windows\SYSWOW64\bg-BG
2010-11-25 06:54:41 ----D---- C:\Windows\SYSWOW64\migration
2010-11-25 06:54:41 ----D---- C:\Windows\system32\migration
2010-11-25 06:54:40 ----D---- C:\Program Files\Windows Media Player
2010-11-25 06:54:40 ----D---- C:\Program Files (x86)\Windows Media Player
2010-11-24 20:02:42 ----RSD---- C:\Windows\Fonts
2010-11-24 20:02:30 ----D---- C:\Program Files (x86)\Microsoft Works
2010-11-24 18:02:35 ----D---- C:\Program Files (x86)\Common Files
2010-11-23 16:46:57 ----D---- C:\Program Files (x86)\Adobe
2010-11-23 16:46:01 ----D---- C:\ProgramData\Adobe
2010-11-23 16:27:00 ----D---- C:\Windows\Tasks
2010-11-23 16:09:57 ----D---- C:\Windows\system32\LogFiles
2010-11-23 16:08:25 ----A---- C:\Windows\system32\Defrag.ini
2010-11-23 16:04:17 ----D---- C:\Windows\SoftwareDistribution
2010-11-23 16:01:21 ----D---- C:\Windows\Logs
2010-11-23 15:45:34 ----HD---- C:\ProgramData
2010-11-23 15:10:23 ----D---- C:\Windows\SYSWOW64\drivers
2010-11-23 14:55:17 ----SHD---- C:\$Recycle.Bin
2010-11-23 14:55:11 ----D---- C:\Windows\system32\drivers\etc
2010-11-23 14:47:31 ----RD---- C:\Users
2010-11-23 14:45:38 ----SHD---- C:\Recovery
2010-11-23 14:45:38 ----D---- C:\Windows\system32\Recovery
2010-11-23 14:41:54 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-10-20 35384]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-07-27 58880]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-06-26 83488]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-20 1799680]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw1v64.sys [2009-07-20 7058432]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-15 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-02 382496]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-01-28 73728]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-24 1255736]

-----------------EOF-----------------

Reklama

Příspěvekod **memphisto** » 27 lis 2010 10:47

Combofix nejde na 64 bit systému. Bude potřeba OTL. Napřed ale:

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

defender3 · Příspěvekod **defender3** » 27 lis 2010 11:05

Tady to je

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5199

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27.11.2010 11:03:52
mbam-log-2010-11-27 (11-03-52).txt

Typ skenu: Rychlý sken
Skenované objekty: 141121
Uplynulý čas: 3 minuta(y), 21 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace) -> No action taken.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoftwindows (Trojan.Agent) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\widleBOY\AppData\Roaming\Microsoft\Microsoft.exe (Trojan.Agent) -> No action taken.

Příspěvekod **memphisto** » 27 lis 2010 11:08

- Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

defender3 · Příspěvekod **defender3** » 27 lis 2010 11:26

Log z MbAMu

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5199

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27.11.2010 11:14:00
mbam-log-2010-11-27 (11-14-00).txt

Typ skenu: Rychlý sken
Skenované objekty: 141078
Uplynulý čas: 2 minuta(y), 25 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoftwindows (Trojan.Agent) -> Quarantined and deleted successfully.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\widleBOY\AppData\Roaming\Microsoft\Microsoft.exe (Trojan.Agent) -> Quarantined and deleted successfully.

defender3 · Příspěvekod **defender3** » 27 lis 2010 11:27

Tady je OTL log ( OTL.txt )

OTL logfile created on: 11/27/2010 11:22:27 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\widleBOY\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 74.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.11 Gb Total Space | 412.16 Gb Free Space | 91.37% Space Free | Partition Type: NTFS

Computer Name: WIDLEBOY-PC | User Name: widleBOY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\widleBOY\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe ()
PRC - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe ()
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

========== Modules (SafeList) ==========

MOD - C:\Users\widleBOY\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FastBootAgent) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe (ASUSTeK Computer Inc.)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)

========== Driver Services (SafeList) ==========

DRV:64bit: - (NETw5s64) Ovladač adaptéru Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (NETw1v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw1v64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (lullaby) -- C:\Windows\SysNative\drivers\lullaby.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (ASMMAP64) -- C:\Program Files\ATKGFNEX\ASMMAP64.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2786678
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[2010/09/22 18:10:52 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Pomocník pro přihlášení ke službě Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.180.32.2 168.192.2.254
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\WB: DllName - Reg Error: Key error. - C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/27 11:18:56 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\widleBOY\Desktop\OTL.exe
[2010/11/27 10:58:21 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Roaming\Malwarebytes
[2010/11/27 10:58:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/27 10:58:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/27 10:58:10 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/27 10:58:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/11/27 09:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/11/27 09:51:10 | 000,000,000 | ---D | C] -- C:\rsit
[2010/11/27 09:47:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010/11/27 09:44:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HJT
[2010/11/27 09:35:34 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\Documents\Anti-Malware
[2010/11/26 15:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/11/26 15:07:09 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2010/11/26 15:07:09 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2010/11/26 15:07:08 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2010/11/26 15:07:08 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010/11/26 15:07:08 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2010/11/26 15:07:08 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2010/11/26 15:07:08 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2010/11/26 14:53:24 | 000,000,000 | -HSD | C] -- C:\Windows\BitLockerDiscoveryVolumeContents
[2010/11/26 14:53:24 | 000,000,000 | ---D | C] -- C:\Windows\RemotePackages
[2010/11/26 14:37:39 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Roaming\WinRAR
[2010/11/25 17:19:23 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\.gimp-2.2
[2010/11/25 17:14:09 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\Documents\ZPS12
[2010/11/25 17:01:53 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\Documents\ZPS13
[2010/11/25 17:01:14 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Roaming\Zoner
[2010/11/25 17:01:14 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Local\Zoner
[2010/11/25 16:57:17 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\Documents\gegl-0.0
[2010/11/25 16:57:17 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\.gimp-2.6
[2010/11/25 16:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010/11/25 06:54:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/11/25 06:54:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/11/24 20:09:38 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010/11/24 20:09:38 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010/11/24 20:09:38 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010/11/24 20:09:38 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010/11/24 20:09:38 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010/11/24 20:09:38 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010/11/24 20:09:38 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010/11/24 20:09:38 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010/11/24 20:09:14 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010/11/24 18:17:53 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock
[2010/11/24 18:03:51 | 000,042,672 | ---- | C] (Stardock.Net, Inc) -- C:\Windows\SysWow64\wbsys.dll
[2010/11/24 18:03:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock
[2010/11/24 15:13:23 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2010/11/24 15:13:19 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010/11/24 15:13:17 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/11/24 15:13:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/11/24 15:13:16 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010/11/24 15:13:10 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010/11/24 15:13:09 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010/11/24 15:13:08 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010/11/24 15:12:51 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010/11/24 15:12:51 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010/11/24 15:12:51 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010/11/24 15:12:51 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010/11/24 15:12:51 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010/11/24 15:12:51 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010/11/24 15:12:51 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010/11/24 15:12:51 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010/11/24 15:12:51 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010/11/24 15:12:51 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010/11/24 15:12:51 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010/11/24 15:12:51 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010/11/24 15:12:51 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010/11/24 15:12:51 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010/11/24 15:12:51 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010/11/24 15:12:51 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010/11/24 15:12:32 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010/11/24 15:12:31 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010/11/24 15:12:31 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010/11/24 15:12:31 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010/11/24 15:12:31 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010/11/24 15:12:31 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/11/24 15:12:31 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010/11/24 15:12:31 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/11/24 15:12:31 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010/11/24 15:12:13 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/11/24 15:12:12 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/11/24 15:12:12 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/11/24 15:12:05 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010/11/24 15:12:04 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/11/24 15:12:02 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/11/24 15:12:02 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010/11/24 15:12:02 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010/11/24 15:11:58 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010/11/24 15:11:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010/11/24 15:11:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010/11/24 15:11:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010/11/24 15:11:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010/11/24 15:11:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010/11/24 15:11:56 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/11/24 15:11:56 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/11/24 15:11:33 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/11/24 15:11:30 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010/11/24 15:11:21 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010/11/24 15:11:21 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010/11/24 15:11:20 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010/11/24 15:11:20 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010/11/24 15:11:20 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010/11/24 15:11:20 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010/11/24 15:11:00 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010/11/24 15:10:59 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010/11/24 15:10:59 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010/11/24 15:10:56 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010/11/24 15:10:46 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010/11/24 15:10:46 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010/11/24 15:10:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010/11/24 15:10:42 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010/11/24 15:10:42 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010/11/24 15:10:42 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010/11/24 15:10:42 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010/11/24 15:10:42 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010/11/24 15:10:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010/11/24 15:10:37 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/11/24 15:10:37 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/11/24 15:10:37 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/11/24 15:10:37 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/11/24 15:10:37 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/11/24 15:10:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/11/24 15:10:37 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010/11/24 15:10:37 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/11/24 15:10:37 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010/11/24 15:10:37 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010/11/24 15:10:36 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010/11/24 15:10:36 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/11/24 15:10:36 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/11/24 15:10:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/11/24 15:10:30 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/11/24 15:10:28 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/11/24 15:10:28 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/11/24 15:10:27 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010/11/24 15:10:22 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010/11/23 22:36:06 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010/11/23 22:30:31 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/11/23 17:31:19 | 000,000,000 | ---D | C] -- C:\Systémové programy
[2010/11/23 16:47:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010/11/23 16:46:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010/11/23 16:40:27 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Local\Mozilla
[2010/11/23 16:40:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/11/23 16:38:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HyperCam 3
[2010/11/23 16:22:00 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Local\Google
[2010/11/23 16:21:47 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Local\Deployment
[2010/11/23 16:19:54 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Roaming\Adobe
[2010/11/23 16:03:36 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010/11/23 16:03:36 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010/11/23 16:03:36 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010/11/23 16:03:36 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010/11/23 14:56:38 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Local\SRS Labs
[2010/11/23 14:55:57 | 000,000,000 | R--D | C] -- C:\Users\widleBOY\Searches
[2010/11/23 14:55:49 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Roaming\Identities
[2010/11/23 14:55:19 | 000,000,000 | R--D | C] -- C:\Users\widleBOY\Contacts
[2010/11/23 14:52:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010/11/23 14:51:22 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010/11/23 14:51:22 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010/11/23 14:49:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010/11/23 14:49:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/11/23 14:49:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010/11/23 14:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010/11/23 14:48:40 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Local\Power2Go
[2010/11/23 14:48:36 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Roaming\Macromedia
[2010/11/23 14:48:34 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Local\VirtualStore
[2010/11/23 14:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010/11/23 14:47:43 | 000,000,000 | -H-D | C] -- C:\asus.dat
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\AppData\Local\Temporary Internet Files
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Soubory cookie
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\SendTo
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Šablony
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Poslední
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Okolní tiskárny
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Okolní síť
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Documents\Obrázky
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Nabídka Start
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Local Settings
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Documents\Hudba
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\AppData\Local\History
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Documents\Filmy
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Dokumenty
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\Data aplikací
[2010/11/23 14:47:32 | 000,000,000 | -HSD | C] -- C:\Users\widleBOY\AppData\Local\Data aplikací
[2010/11/23 14:47:31 | 000,000,000 | RHSD | C] -- C:\Users\widleBOY\AppData\Roaming\Microsoft
[2010/11/23 14:47:31 | 000,000,000 | R--D | C] -- C:\Users\widleBOY\Videos
[2010/11/23 14:47:31 | 000,000,000 | R--D | C] -- C:\Users\widleBOY\Saved Games
[2010/11/23 14:47:31 | 000,000,000 | R--D | C] -- C:\Users\widleBOY\Pictures
[2010/11/23 14:47:31 | 000,000,000 | R--D | C] -- C:\Users\widleBOY\Music
[2010/11/23 14:47:31 | 000,000,000 | R--D | C] -- C:\Users\widleBOY\Links
[2010/11/23 14:47:31 | 000,000,000 | R--D | C] -- C:\Users\widleBOY\Favorites
[2010/11/23 14:47:31 | 000,000,000 | R--D | C] -- C:\Users\widleBOY\Downloads
[2010/11/23 14:47:31 | 000,000,000 | R--D | C] -- C:\Users\widleBOY\Dokumenty
[2010/11/23 14:47:31 | 000,000,000 | R--D | C] -- C:\Users\widleBOY\Desktop
[2010/11/23 14:47:31 | 000,000,000 | -H-D | C] -- C:\Users\widleBOY\AppData
[2010/11/23 14:47:31 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Local\Temp
[2010/11/23 14:47:31 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Local\Microsoft
[2010/11/23 14:47:31 | 000,000,000 | ---D | C] -- C:\Users\widleBOY\AppData\Roaming\Media Center Programs
[2008/08/12 05:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

========== Files - Modified Within 30 Days ==========

[2010/11/27 11:22:26 | 000,014,272 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/27 11:22:26 | 000,014,272 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/27 11:18:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\widleBOY\Desktop\OTL.exe
[2010/11/27 11:15:51 | 000,001,730 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2010/11/27 11:15:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/27 11:14:52 | 3220,623,360 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/27 11:06:17 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/27 09:40:49 | 000,001,159 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2010/11/26 20:26:15 | 003,107,760 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/26 20:26:15 | 000,692,630 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010/11/26 20:26:15 | 000,635,084 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat
[2010/11/26 20:26:15 | 000,634,546 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010/11/26 20:26:15 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/26 20:26:15 | 000,149,154 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat
[2010/11/26 20:26:15 | 000,135,684 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010/11/26 20:26:15 | 000,123,104 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010/11/26 20:26:15 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/26 19:49:56 | 003,064,794 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/26 17:38:47 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2010/11/25 17:31:54 | 000,000,045 | -H-- | M] () -- C:\Windows\dos12080.dat
[2010/11/25 17:19:30 | 000,000,000 | ---- | M] () -- C:\Users\widleBOY\.gtk-bookmarks
[2010/11/25 06:57:00 | 000,423,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/11/24 18:19:46 | 000,003,584 | ---- | M] () -- C:\Users\widleBOY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/23 22:40:30 | 000,062,544 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/11/23 22:40:30 | 000,062,544 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/11/23 16:40:28 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/11/23 16:10:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/11/23 16:08:25 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2010/11/23 15:10:23 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N61Vn.alu
[2010/11/23 14:55:11 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2010/11/23 14:55:10 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin

========== Files Created - No Company Name ==========

[2010/11/27 10:58:14 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/26 19:49:56 | 003,064,794 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/26 14:52:06 | 000,051,867 | ---- | C] () -- C:\Windows\Ultimate.xml
[2010/11/25 17:31:54 | 000,000,045 | -H-- | C] () -- C:\Windows\dos12080.dat
[2010/11/25 17:19:30 | 000,000,000 | ---- | C] () -- C:\Users\widleBOY\.gtk-bookmarks
[2010/11/24 18:07:04 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010/11/24 18:03:51 | 000,053,904 | ---- | C] () -- C:\Windows\SysNative\wbload.dll
[2010/11/23 22:30:09 | 3220,623,360 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/23 16:48:01 | 000,003,584 | ---- | C] () -- C:\Users\widleBOY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/23 16:40:28 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/11/23 16:10:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/11/23 15:10:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N61Vn.alu
[2009/10/20 17:51:33 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/10/20 17:35:22 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/10/20 17:34:51 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2009/10/20 17:26:39 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2009/10/20 17:26:24 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/10/20 17:25:08 | 000,000,106 | ---- | C] () -- C:\ProgramData\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}.log
[2009/10/20 17:22:15 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009/10/20 17:21:14 | 000,000,115 | ---- | C] () -- C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
[2009/08/19 09:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 07:01:09 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/04/08 18:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/12/02 02:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/05/22 16:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2007/06/12 17:34:50 | 000,035,822 | ---- | C] () -- C:\Program Files (x86)\Common Files\ASPG_icon.ico
[2006/05/19 04:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

< End of report >

defender3 · Příspěvekod **defender3** » 27 lis 2010 11:28

Tady je druhý log z OTL ( Extras.txt )

OTL Extras logfile created on: 11/27/2010 11:22:27 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\widleBOY\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 74.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.11 Gb Total Space | 412.16 Gb Free Space | 91.37% Space Free | Partition Type: NTFS

Computer Name: WIDLEBOY-PC | User Name: widleBOY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Hungarian) 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{90120000-002A-0418-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Romanian) 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90120000-002A-0424-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovenian) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{D42F84B6-3709-4A50-8502-6719D16AE6C8}" = SRS Premium Sound Control Panel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Elantech" = ETDWare PS/2-x64 7.0.5.7_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A9849CA-E11C-4F24-8BB1-97C717A1C898}" = LightScribe System Software
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{865CD808-6D31-4269-9D36-693CFE75D26A}" = Express Gate
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2007
"{90120000-0015-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2007
"{90120000-0015-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2007
"{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2007
"{90120000-0016-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2007
"{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2007
"{90120000-0018-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2007
"{90120000-0019-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2007
"{90120000-0019-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2007
"{90120000-001A-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2007
"{90120000-001A-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2007
"{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2007
"{90120000-001B-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_PROHYBRIDR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROHYBRIDR_{6E3398C5-9A81-4054-B474-8B23A60F5048}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2007
"{90120000-001F-041A-0000-0000000FF1CE}_PROHYBRIDR_{C9CC66D9-D7D3-46C1-A485-9601E4DE8D28}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2007
"{90120000-001F-0424-0000-0000000FF1CE}_PROHYBRIDR_{6E8DFF8D-F7D1-4451-952A-61CAB73A59E2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040E-1000-0000000FF1CE}_PROHYBRIDR_{B3C14F81-2C4A-400D-9ECE-55A667F8F737}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0415-1000-0000000FF1CE}_PROHYBRIDR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0418-1000-0000000FF1CE}_PROHYBRIDR_{CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-041B-1000-0000000FF1CE}_PROHYBRIDR_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0424-1000-0000000FF1CE}_PROHYBRIDR_{5983F0B6-A661-4378-AEA8-9EB1992D2FB0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2007
"{90120000-006E-040E-0000-0000000FF1CE}_PROHYBRIDR_{B3C14F81-2C4A-400D-9ECE-55A667F8F737}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_PROHYBRIDR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}_PROHYBRIDR_{CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROHYBRIDR_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2007
"{90120000-006E-0424-0000-0000000FF1CE}_PROHYBRIDR_{5983F0B6-A661-4378-AEA8-9EB1992D2FB0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.0 - Czech
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"PROHYBRIDR" = 2007 Microsoft Office system

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/23/2010 9:54:47 AM | Computer Name = widleBOY-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.

Error - 11/24/2010 2:57:00 PM | Computer Name = widleBOY-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 11/24/2010 3:04:14 PM | Computer Name = widleBOY-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 11/24/2010 3:04:47 PM | Computer Name = widleBOY-PC | Source = MsiInstaller | ID = 1024
Description =

[ System Events ]
Error - 11/23/2010 5:41:06 PM | Computer Name = widleBOY-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Search přestala během spouštění reagovat.

Error - 11/24/2010 2:57:03 PM | Computer Name = widleBOY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80070643): Aktualizace zabezpečení dále distribuovatelného balíčku
Microsoft Visual C++ 2005 Service Pack 1 (KB973923).

Error - 11/24/2010 3:04:47 PM | Computer Name = widleBOY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80070643): Aktualizace Microsoft Office Suite 2007 Service Pack
2 (SP2).

Error - 11/25/2010 1:55:18 AM | Computer Name = widleBOY-PC | Source = Application Popup | ID = 877
Description = Při zpracování databáze ovladačů došlo k chybě [DATABASE OPEN FAILED].

Error - 11/26/2010 10:07:58 AM | Computer Name = widleBOY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80070643): Windows Live Essentials 2011 (KB2434419).

< End of report >

Příspěvekod **jaro3** » 28 lis 2010 17:11

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2786678
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - Reg Error: Key error. File not found
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\WB: DllName - Reg Error: Key error. - C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
[2010/11/26 20:26:15 | 000,692,630 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010/11/26 20:26:15 | 000,635,084 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat
[2010/11/26 20:26:15 | 000,634,546 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010/11/26 20:26:15 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/26 20:26:15 | 000,149,154 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat
[2010/11/26 20:26:15 | 000,135,684 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010/11/26 20:26:15 | 000,123,104 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010/11/26 20:26:15 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\system32\SET*.tmp 
c:\windows\Tasks\*.job 
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Windows\_MSRSTRT.EXE
C:\Users\widleBOY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Windows\SysNative\drivers\etc\tmvsthfud.bin   
C:\Windows\SysNative\drivers\etc\tmvsthfss.bin

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\asus.dat
C:\Windows\dos12080.dat

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

defender3 · Příspěvekod **defender3** » 28 lis 2010 19:18

Když jsem to vložil do OLT, tak se to zaseklo u řádku " Processing IE - HKCU\Software\Microsoft\Internet Explorer\Main, Search page = ... , takže jsem jej odstranil a vložil to do toho okénka znovu, proběhlo to - > reboot PC a log je zde :

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\SysNative\perfh015.dat moved successfully.
C:\Windows\SysNative\perfh00E.dat moved successfully.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc00E.dat moved successfully.
C:\Windows\SysNative\perfc015.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
C:\Windows\_MSRSTRT.EXE moved successfully.
C:\Users\widleBOY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Windows\SysNative\drivers\etc\tmvsthfud.bin moved successfully.
C:\Windows\SysNative\drivers\etc\tmvsthfss.bin moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: widleBOY
->Temp folder emptied: 5183743 bytes
->Temporary Internet Files folder emptied: 13026424 bytes
->Flash cache emptied: 58812 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3648 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 19482398 bytes

Total Files Cleaned = 36.00 mb

OTL by OldTimer - Version 3.2.17.3 log created on 11282010_190315

Files\Folders moved on Reboot...
C:\Users\widleBOY\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Poté jsem provedl ten Virustotal, ale problém je v tom že asus.dat je složka se soubory, takže se to otevře, ale chce to po mě, abych otevřel nějaký soubor. Ten druhý šel v pohodě.

http://www.virustotal.com/file-scan/rep ... 1290968039

Příspěvekod **jaro3** » 28 lis 2010 20:45

tak to bude v pořádku , ta složka, jak to vypadá?

defender3 · Příspěvekod **defender3** » 29 lis 2010 14:28

Vypadá to fajně, díky, mám to označit za vyřešené? Nebo ještě něco vyčistit?

Příspěvekod **jaro3** » 29 lis 2010 21:39

Spusť OTL a klikni na Vyčisti.
Pak můžeš OTL smazat , C:\_OTL

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

Kontrola logu, díky + Vyřešeno

Kontrola logu, díky +

Re: Kontrola logu, díky

Re: Kontrola logu, díky

Re: Kontrola logu, díky

Re: Kontrola logu, díky +

Re: Kontrola logu, díky +

Re: Kontrola logu, díky +

Re: Kontrola logu, díky +

Re: Kontrola logu, díky +

Re: Kontrola logu, díky +

Re: Kontrola logu, díky +

Re: Kontrola logu, díky + Vyřešeno

Kdo je online