po nainstalování win 7 mi nefunguje některý hardware

loscrudos · Příspěvekod **loscrudos** » 20 led 2012 18:29

nejsou tam........zkusím ještě ten combofix

Reklama

loscrudos · Příspěvekod **loscrudos** » 20 led 2012 19:03

tady je ten log:

ComboFix 12-01-19.02 - pepe 20.01.2012 18:32:35.4.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4095.2817 [GMT 1:00]
Spuštěný z: c:\users\pepe\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\pepe\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"C:\1.reg"
"C:\avexport.bat"
.
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-20 do 2012-01-20 )))))))))))))))))))))))))))))))
.
.
2012-01-20 17:40 . 2012-01-20 17:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-20 14:16 . 2012-01-20 14:39 -------- d-----w- c:\users\pepe\AppData\Roaming\Nitro PDF
2012-01-20 14:15 . 2011-12-20 09:10 17192 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-01-20 14:15 . 2011-12-20 09:10 28968 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-01-20 14:15 . 2012-01-20 14:15 -------- d-----w- c:\programdata\Nitro PDF
2012-01-20 14:15 . 2012-01-20 14:15 -------- d-----w- c:\program files\Common Files\Nitro PDF
2012-01-20 14:15 . 2012-01-20 14:15 -------- d-----w- c:\program files (x86)\Nitro PDF
2012-01-20 14:15 . 2012-01-20 14:15 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF
2012-01-20 14:13 . 2012-01-20 14:13 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-01-20 14:13 . 2012-01-20 14:13 -------- d-----w- c:\users\pepe\AppData\Roaming\OpenCandy
2012-01-20 14:01 . 2012-01-20 14:01 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-01-20 14:01 . 2012-01-20 14:01 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-01-20 06:54 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FEF65513-13D5-4786-A115-3DBE186138D6}\mpengine.dll
2012-01-19 18:32 . 2012-01-19 18:32 -------- d-----w- c:\users\pepe\AppData\Roaming\Malwarebytes
2012-01-19 18:32 . 2012-01-19 18:32 -------- d-----w- c:\users\pepe\AppData\Local\Apps
2012-01-19 18:32 . 2012-01-19 18:32 -------- d-----w- c:\programdata\Malwarebytes
2012-01-19 18:32 . 2012-01-19 18:32 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-19 18:32 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-19 12:17 . 2012-01-19 12:17 61440 ----a-w- c:\windows\SysWow64\drivers\gxsvc.sys
2012-01-19 11:52 . 2012-01-19 11:52 1172 ----a-w- C:\1.reg
2012-01-19 11:52 . 2012-01-19 11:52 61440 ------w- c:\windows\SysWow64\drivers\lnvxsw.sys
2012-01-19 11:52 . 2012-01-19 11:52 13233 ----a-w- C:\avexport.bat
2012-01-19 09:25 . 2012-01-19 09:25 388096 ----a-r- c:\users\pepe\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-19 09:25 . 2012-01-19 09:25 -------- d-----w- c:\program files (x86)\Trend Micro
2012-01-18 13:03 . 2012-01-18 13:03 -------- d-----w- c:\program files\CCleaner
2012-01-18 09:35 . 2012-01-18 09:45 -------- d-----w- c:\users\pepe\AppData\Roaming\FreshDiagnose
2012-01-18 09:35 . 2012-01-18 09:35 -------- d-----w- c:\program files (x86)\FreshDevices
2012-01-11 14:19 . 2011-10-26 04:28 1328640 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 14:19 . 2011-10-26 05:22 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 14:19 . 2011-10-26 04:28 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 14:19 . 2011-10-26 05:22 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 14:19 . 2011-11-17 07:14 1739160 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 14:19 . 2011-11-17 05:41 1292592 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 14:19 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 14:19 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-11 10:14 . 2012-01-20 16:26 -------- d-----w- C:\Garmin
2012-01-11 10:07 . 2012-01-11 10:07 -------- d-----w- c:\programdata\GARMIN
2012-01-11 09:53 . 2012-01-11 09:53 -------- d-----w- c:\program files\DIFX
2012-01-11 09:53 . 2012-01-11 09:53 -------- d-----w- c:\program files (x86)\Garmin
2012-01-10 20:41 . 1998-10-02 18:00 327168 ----a-w- c:\windows\IsUninst.exe
2012-01-10 17:53 . 2012-01-15 00:23 -------- d-----w- c:\users\pepe\AppData\Local\Deployment
2012-01-09 21:05 . 2011-10-15 08:53 2458432 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-01-09 21:05 . 2011-10-15 08:53 13205312 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-01-09 20:49 . 2007-01-04 02:20 1732 ----a-w- c:\windows\system32\drivers\nvphy.bin
2012-01-09 20:49 . 2007-02-14 08:56 371200 ----a-w- c:\windows\system32\nvusmu.exe
2012-01-09 20:49 . 2006-11-08 23:49 369152 ----a-w- c:\windows\system32\nvusmb.exe
2012-01-09 20:49 . 2012-01-09 20:49 -------- d-----w- c:\users\pepe\AppData\Roaming\InstallShield
2012-01-09 20:48 . 2012-01-09 20:48 -------- d-----w- C:\swsetup
2012-01-09 14:19 . 2012-01-19 03:18 -------- d-----w- c:\users\UpdatusUser
2012-01-09 14:11 . 2011-10-15 08:53 1533248 ----a-w- c:\windows\system32\nvdispco64.dll
2012-01-09 14:11 . 2011-10-15 08:53 1454400 ----a-w- c:\windows\system32\nvgenco64.dll
2012-01-09 13:44 . 2012-01-09 13:44 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-01-09 13:43 . 2012-01-09 13:43 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-01-09 13:43 . 2012-01-09 13:43 -------- d-----w- c:\program files (x86)\Java
2012-01-08 13:06 . 2012-01-08 13:06 -------- d-----w- c:\programdata\Premium
2012-01-08 13:05 . 2012-01-08 13:07 -------- d-----w- c:\programdata\InstallMate
2012-01-06 21:27 . 2012-01-18 12:21 -------- d-----w- c:\programdata\NVIDIA
2012-01-06 21:20 . 2011-10-15 08:53 539456 ----a-w- c:\windows\system32\nvhotkey.dll
2012-01-06 21:20 . 2011-10-15 08:53 137536 ----a-w- c:\windows\system32\nvshext.dll
2012-01-06 21:20 . 2011-10-15 08:53 5067584 ----a-w- c:\windows\system32\nvsvc64.dll
2012-01-06 21:20 . 2011-10-15 08:53 1640768 ----a-w- c:\windows\system32\nvvsvc.exe
2012-01-06 21:20 . 2011-10-15 08:53 837952 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2012-01-06 21:20 . 2011-10-15 08:53 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
2012-01-06 21:20 . 2011-10-15 08:53 222528 ----a-w- c:\windows\system32\nvmctray.dll
2012-01-06 21:20 . 2011-10-15 08:53 10406208 ----a-w- c:\windows\system32\nvcpl.dll
2012-01-06 21:20 . 2012-01-06 21:20 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-01-06 11:35 . 2012-01-11 10:07 -------- d-----w- c:\users\pepe\AppData\Roaming\Garmin
2012-01-06 09:41 . 2012-01-06 09:41 -------- d-----w- c:\users\pepe\AppData\Local\Diagnostics
2012-01-06 09:30 . 2011-10-15 08:53 8791360 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-01-06 09:30 . 2011-10-15 08:53 2808128 ----a-w- c:\windows\system32\nvapi64.dll
2012-01-06 09:30 . 2011-05-21 06:01 1496168 ----a-w- c:\windows\system32\nvdispco6420150.dll
2012-01-06 09:30 . 2011-05-21 06:01 1427048 ----a-w- c:\windows\system32\nvgenco642090.dll
2012-01-06 09:30 . 2011-05-21 06:01 12392 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2012-01-06 09:22 . 2009-07-24 09:49 114688 ----a-w- c:\windows\SysWow64\RicohMediadriverVer.dll
2012-01-05 09:32 . 2012-01-05 09:32 -------- d-----w- c:\windows\system32\appmgmt
2012-01-05 08:56 . 2012-01-05 08:56 -------- d-----w- c:\users\pepe\AppData\Local\ElevatedDiagnostics
2012-01-04 12:14 . 2006-06-19 12:01 69632 ----a-w- c:\windows\SysWow64\ztvcabinet.dll
2012-01-04 12:14 . 2006-05-25 14:52 162304 ----a-w- c:\windows\SysWow64\ztvunrar36.dll
2012-01-04 12:14 . 2005-08-26 00:50 77312 ----a-w- c:\windows\SysWow64\ztvunace26.dll
2012-01-04 12:14 . 2003-02-02 19:06 153088 ----a-w- c:\windows\SysWow64\UNRAR3.dll
2012-01-04 12:14 . 2002-03-06 00:00 75264 ----a-w- c:\windows\SysWow64\unacev2.dll
2012-01-03 18:25 . 2012-01-18 13:05 -------- d-----w- c:\users\pepe\AppData\Roaming\Skype
2012-01-03 18:25 . 2012-01-03 18:27 -------- d-----r- c:\program files (x86)\Skype
2012-01-03 18:25 . 2012-01-03 18:25 -------- d-----w- c:\programdata\Skype
2012-01-03 11:25 . 2012-01-03 11:25 -------- d-----w- c:\program files (x86)\COMODO
2012-01-02 12:37 . 2012-01-11 17:21 -------- d-----w- C:\fota
2011-12-28 12:39 . 2011-12-28 12:39 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-12-28 12:39 . 2011-12-28 12:39 -------- d-----w- c:\windows\PCHEALTH
2011-12-28 12:39 . 2011-12-28 12:39 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2011-12-28 12:39 . 2011-12-28 12:39 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-12-28 12:36 . 2011-12-28 12:36 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-12-28 12:35 . 2011-12-28 12:35 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-12-28 12:34 . 2011-12-28 12:34 -------- d-----w- c:\users\pepe\AppData\Local\Microsoft Help
2011-12-28 12:34 . 2012-01-11 22:57 -------- d-----w- c:\programdata\Microsoft Help
2011-12-28 12:33 . 2011-12-28 12:33 -------- d-----r- C:\MSOCache
2011-12-28 12:30 . 2012-01-20 09:14 -------- d-----w- c:\users\MS Office 2010
2011-12-28 11:53 . 2012-01-18 13:05 -------- d-----w- c:\users\pepe\AppData\Roaming\DAEMON Tools Lite
2011-12-28 11:53 . 2011-12-28 11:54 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-12-23 18:21 . 2012-01-20 16:27 -------- d-----w- c:\program files (x86)\Seznam.cz
2011-12-23 18:20 . 2012-01-15 00:43 -------- d-----w- c:\users\pepe\AppData\Local\MusicJet
2011-12-23 08:17 . 2011-12-28 12:39 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-12-23 08:04 . 2011-12-23 08:04 -------- d-----w- c:\windows\SysWow64\Wat
2011-12-23 08:04 . 2011-12-23 08:04 -------- d-----w- c:\windows\system32\Wat
2011-12-22 07:32 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-12-22 07:31 . 2011-02-18 06:33 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-12-22 07:31 . 2011-02-18 05:33 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-12-22 07:31 . 2011-11-24 05:00 3141632 ----a-w- c:\windows\system32\win32k.sys
2011-12-22 07:31 . 2011-10-15 06:25 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-22 07:31 . 2011-10-15 05:48 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-22 07:31 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-22 07:31 . 2011-11-05 04:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-18 11:59 . 2011-11-10 12:18 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-28 18:01 . 2011-11-10 12:16 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-11-10 12:16 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-11-10 12:16 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-11-10 12:16 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-11-10 12:16 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-11-10 12:16 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-11-10 12:16 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-11-10 12:16 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-11-10 12:16 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-15 13:29 . 2011-11-10 12:18 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-10-28 22:55 . 2011-10-28 22:55 1372672 ----a-w- c:\windows\SysWow64\VSFilter.dll
2011-10-23 05:56 . 2011-10-23 05:56 4738560 ----a-w- c:\windows\SysWow64\x264vfw.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-01-19 3477312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-12-20 341800]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.69.5 192.168.254.128
FF - ProfilePath - c:\users\pepe\AppData\Roaming\Mozilla\Firefox\Profiles\5p4tow9k.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
.
**************************************************************************
.
Celkový čas: 2012-01-20 18:52:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-20 17:52
ComboFix2.txt 2012-01-20 15:31
ComboFix3.txt 2012-01-20 12:24
ComboFix4.txt 2012-01-20 09:14
.
Před spuštěním: Volných bajtů: 15 880 544 256
Po spuštění: Volných bajtů: 15 810 207 744
.
- - End Of File - - 811A4790AA0EF04032F2B40B9B0B5C36
Nahr nˇ probŘhlo ŁspŘçnŘ

Příspěvekod **jaro3** » 20 led 2012 19:37

Nemaže..

c:\windows\SysWow64\drivers\lnvxsw.sys
C:\1.reg
C:\avexport.bat

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
http://leteckaposta.cz/323994438
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

+
Stáhni si aswMBR

na svojí plochu.Poklepej na aswMBR.exe. Klikni na Scan.
Po skenu klikni na aswASW.log a ulož si ho na plochu , vlož sem celý obsak toho logu.

loscrudos · Příspěvekod **loscrudos** » 20 led 2012 22:56

takže tady je ten OTL.txt:

OTL logfile created on: 20.1.2012 22:36:22 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\pepe\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 72,23% Memory free
8,00 Gb Paging File | 6,79 Gb Available in Paging File | 84,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 67,60 Gb Total Space | 15,77 Gb Free Space | 23,33% Space Free | Partition Type: NTFS
Drive D: | 6,92 Gb Total Space | 0,94 Gb Free Space | 13,61% Space Free | Partition Type: NTFS
Drive F: | 3,68 Gb Total Space | 3,45 Gb Free Space | 93,72% Space Free | Partition Type: FAT32

Computer Name: PEPE-PC | User Name: pepe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\pepe\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Win7codecs\filters\ffdshow.ax ()
MOD - C:\Windows\SysWOW64\ff_acm.acm ()
MOD - C:\Windows\SysWOW64\ac3filter.acm ()

========== Win32 Services (SafeList) ==========

SRV:64bit: - (NitroReaderDriverReadSpool2) -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe (Nitro PDF Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (HBtnKey) -- C:\Windows\SysNative\drivers\CPQBttn64.sys (Hewlett-Packard Development Company, L.P.)
DRV - (ujvokxm) -- C:\Windows\system32\drivers\gxsvc.sys ()
DRV - (ghxk) -- C:\Windows\system32\drivers\lnvxsw.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.06 16:55:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.20 07:53:18 | 000,000,000 | ---D | M]

[2012.01.20 07:53:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pepe\AppData\Roaming\Mozilla\Extensions
[2012.01.20 07:53:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.01.03 19:27:09 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.01.20 07:53:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.12.21 08:39:32 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.21 06:38:17 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2011.12.21 07:21:58 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.21 07:21:58 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.21 07:21:58 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.21 07:21:58 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.21 07:21:58 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.01.20 18:42:34 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.69.5 192.168.254.128
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFE0B30F-5AB8-4E48-8868-9F8BC0307D95}: DhcpNameServer = 192.168.69.5 192.168.254.128
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) -C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) -C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) -C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) -C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) -C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) -C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

loscrudos · Příspěvekod **loscrudos** » 20 led 2012 22:57

========== Files/Folders - Created Within 30 Days ==========

[2012.01.20 22:32:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\pepe\Desktop\OTL.exe
[2012.01.20 19:04:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.01.20 15:16:58 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Nitro PDF
[2012.01.20 15:15:47 | 000,028,968 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
[2012.01.20 15:15:47 | 000,017,192 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
[2012.01.20 15:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF
[2012.01.20 15:15:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF
[2012.01.20 15:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro PDF
[2012.01.20 15:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro PDF
[2012.01.20 15:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2012.01.20 15:13:07 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\OpenCandy
[2012.01.20 15:13:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2012.01.20 15:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.01.20 15:01:43 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.01.20 15:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.01.20 09:50:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.01.20 07:53:38 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Mozilla
[2012.01.19 19:32:31 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Malwarebytes
[2012.01.19 19:32:26 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\Apps
[2012.01.19 19:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.19 19:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.19 19:32:21 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.01.19 19:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.01.19 18:41:12 | 000,000,000 | R--D | C] -- C:\Users\pepe\Documents\Scanned Documents
[2012.01.19 18:41:11 | 000,000,000 | ---D | C] -- C:\Users\pepe\Documents\Fax
[2012.01.19 10:25:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012.01.19 10:25:36 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.01.18 14:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.01.18 14:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.01.18 13:18:55 | 007,041,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.01.18 13:18:55 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.01.18 13:18:55 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.01.18 13:18:53 | 024,742,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.01.18 13:18:53 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.01.18 13:18:53 | 015,693,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.01.18 13:18:53 | 002,542,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.01.18 13:18:53 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.01.18 13:18:52 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.01.18 13:18:52 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.01.18 13:18:52 | 007,581,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.01.18 13:18:52 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.01.18 13:18:52 | 002,232,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.01.18 13:18:52 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.01.18 13:10:35 | 200,776,520 | ---- | C] (NVIDIA Corporation) -- C:\Users\pepe\Desktop\285.62-notebook-win7-winvista-64bit-international-whql.exe
[2012.01.18 10:35:42 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\FreshDiagnose
[2012.01.18 10:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreshDevices
[2012.01.18 10:35:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreshDevices
[2012.01.11 20:29:09 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player
[2012.01.11 15:19:48 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 15:19:47 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 15:19:46 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 15:19:45 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 15:19:36 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.01.11 15:19:36 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.01.11 15:19:31 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 15:19:26 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 15:19:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.11 11:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2012.01.11 11:14:59 | 000,000,000 | ---D | C] -- C:\Garmin
[2012.01.11 11:07:30 | 000,000,000 | ---D | C] -- C:\Users\pepe\Documents\Můj Garmin
[2012.01.11 11:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\GARMIN
[2012.01.11 11:07:19 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin
[2012.01.11 10:53:55 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.01.11 10:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MapSource
[2012.01.11 10:53:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2012.01.10 21:41:47 | 000,327,168 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2012.01.10 18:53:39 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\Deployment
[2012.01.09 22:05:27 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.01.09 22:05:27 | 002,458,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.01.09 21:49:28 | 000,371,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvusmu.exe
[2012.01.09 21:49:24 | 000,369,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvusmb.exe
[2012.01.09 21:49:07 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\InstallShield
[2012.01.09 21:48:58 | 000,000,000 | ---D | C] -- C:\swsetup
[2012.01.09 15:11:29 | 001,533,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.01.09 15:11:29 | 001,454,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012.01.09 14:44:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.01.09 14:44:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.01.09 14:43:32 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.01.09 14:43:32 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.01.09 14:43:32 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.01.09 14:43:32 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.01.09 14:43:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.01.08 14:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012.01.08 14:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012.01.06 22:27:36 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.01.06 22:20:31 | 000,539,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhotkey.dll
[2012.01.06 22:20:31 | 000,137,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.01.06 22:20:30 | 005,067,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.01.06 22:20:29 | 010,406,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.01.06 22:20:29 | 003,074,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.01.06 22:20:29 | 000,837,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2012.01.06 22:20:29 | 000,222,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.01.06 22:20:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.01.06 12:35:55 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Garmin
[2012.01.06 10:41:48 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\Diagnostics
[2012.01.06 10:30:38 | 008,791,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.01.06 10:30:37 | 002,808,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.01.06 10:30:37 | 001,496,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420150.dll
[2012.01.06 10:30:37 | 001,427,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642090.dll
[2012.01.06 10:30:37 | 000,012,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2012.01.06 10:22:54 | 000,114,688 | ---- | C] (RICOH) -- C:\Windows\SysWow64\RicohMediadriverVer.dll
[2012.01.06 09:35:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012.01.05 10:32:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.01.05 09:56:03 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\ElevatedDiagnostics
[2012.01.04 13:16:35 | 000,000,000 | ---D | C] -- C:\Users\pepe\Documents\Simply Super Software
[2012.01.04 13:14:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ztvcabinet.dll
[2012.01.03 19:25:36 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Skype
[2012.01.03 19:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.01.03 19:25:18 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.01.03 19:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.01.03 12:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2012.01.03 12:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\COMODO
[2012.01.02 13:37:28 | 000,000,000 | ---D | C] -- C:\fota
[2011.12.28 13:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011.12.28 13:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.12.28 13:40:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.12.28 13:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2011.12.28 13:39:11 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.12.28 13:39:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2011.12.28 13:39:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011.12.28 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011.12.28 13:36:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011.12.28 13:35:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011.12.28 13:34:36 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\Microsoft Help
[2011.12.28 13:34:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011.12.28 13:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.12.28 13:33:38 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011.12.28 12:53:52 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\DAEMON Tools Lite
[2011.12.28 12:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.12.23 19:21:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2011.12.23 19:20:51 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\MusicJet
[2011.12.23 19:20:42 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicJet
[2011.12.23 09:17:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.12.23 09:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.12.23 09:04:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011.12.23 09:04:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011.12.22 08:33:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.22 08:33:16 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.12.22 08:33:16 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.22 08:33:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.22 08:33:14 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.12.22 08:33:14 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.12.22 08:33:14 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.22 08:33:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.22 08:33:13 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.12.22 08:33:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.12.22 08:33:12 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.12.22 08:33:12 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.12.22 08:33:12 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.22 08:33:12 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.22 08:33:12 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.12.22 08:33:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.12.22 08:32:36 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011.12.22 08:32:35 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011.12.22 08:32:23 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.12.22 08:32:22 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.12.22 08:32:22 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.12.22 08:32:22 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.12.22 08:32:21 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.12.22 08:32:21 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.12.22 08:32:20 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.12.22 08:31:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.12.22 08:31:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.12.22 08:31:49 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.22 08:31:49 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.09.25 16:56:26 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll

========== Files - Modified Within 30 Days ==========

[2012.01.20 22:32:27 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.20 22:32:27 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.20 22:29:40 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.20 22:29:40 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.01.20 22:29:40 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.20 22:29:40 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.01.20 22:29:40 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.20 22:29:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\pepe\Desktop\OTL.exe
[2012.01.20 22:24:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.20 22:24:30 | 3220,426,752 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.20 22:10:35 | 000,000,131 | ---- | M] () -- C:\Windows\CRC.INI
[2012.01.20 22:07:04 | 000,002,464 | ---- | M] () -- C:\Users\pepe\Documents\cc_20120120_220659.reg
[2012.01.20 18:42:34 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.01.20 17:25:41 | 000,002,500 | ---- | M] () -- C:\Users\pepe\Documents\cc_20120120_172534.reg
[2012.01.20 15:15:42 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2012.01.20 15:13:09 | 000,001,980 | ---- | M] () -- C:\Users\pepe\Desktop\CrystalDiskInfo.lnk
[2012.01.20 15:02:56 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.01.20 15:01:43 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.01.20 08:29:46 | 000,004,092 | ---- | M] () -- C:\Users\pepe\Documents\cc_20120120_082926.reg
[2012.01.20 07:53:21 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.01.19 19:32:23 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.19 13:17:18 | 000,061,440 | ---- | M] () -- C:\Windows\SysWow64\drivers\gxsvc.sys
[2012.01.19 12:52:01 | 000,001,172 | ---- | M] () -- C:\1.reg
[2012.01.19 12:52:00 | 000,061,440 | ---- | M] () -- C:\Windows\SysWow64\drivers\lnvxsw.sys
[2012.01.19 12:52:00 | 000,013,233 | ---- | M] () -- C:\avexport.bat
[2012.01.19 10:25:36 | 000,002,971 | ---- | M] () -- C:\Users\pepe\Desktop\HiJackThis.lnk
[2012.01.18 14:03:08 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.18 13:11:01 | 200,776,520 | ---- | M] (NVIDIA Corporation) -- C:\Users\pepe\Desktop\285.62-notebook-win7-winvista-64bit-international-whql.exe
[2012.01.18 12:59:58 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.01.18 12:57:41 | 000,007,600 | ---- | M] () -- C:\Users\pepe\AppData\Local\Resmon.ResmonCfg
[2012.01.18 10:35:12 | 000,001,182 | ---- | M] () -- C:\Users\pepe\Desktop\FreshDiagnose.lnk
[2012.01.11 20:29:09 | 000,000,779 | ---- | M] () -- C:\Users\pepe\Desktop\vanBasco's Karaoke Player.lnk
[2012.01.11 16:02:26 | 000,024,596 | ---- | M] () -- C:\Users\pepe\Documents\evropa 2011.gdb
[2012.01.11 11:59:32 | 000,002,115 | ---- | M] () -- C:\Users\pepe\Documents\mapa.gdb
[2012.01.11 10:53:05 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\MapSource.lnk
[2012.01.09 14:43:12 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.01.09 14:43:12 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.01.09 14:43:12 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.01.09 14:43:12 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.01.06 10:00:25 | 000,438,840 | RHS- | M] () -- C:\bootxez
[2012.01.06 10:00:25 | 000,206,312 | RHS- | M] () -- C:\XELDZ
[2012.01.06 10:00:25 | 000,009,216 | RHS- | M] () -- C:\XELDZ.1st
[2012.01.03 19:25:24 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.12.29 08:57:18 | 000,415,584 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.23 19:20:42 | 000,000,308 | ---- | M] () -- C:\Users\pepe\Desktop\MusicJet.appref-ms
[2011.12.23 09:09:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.12.23 09:08:38 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

========== Files Created - No Company Name ==========

[2012.01.20 22:07:02 | 000,002,464 | ---- | C] () -- C:\Users\pepe\Documents\cc_20120120_220659.reg
[2012.01.20 17:25:38 | 000,002,500 | ---- | C] () -- C:\Users\pepe\Documents\cc_20120120_172534.reg
[2012.01.20 15:15:42 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2012.01.20 15:15:41 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 2.lnk
[2012.01.20 15:13:09 | 000,001,980 | ---- | C] () -- C:\Users\pepe\Desktop\CrystalDiskInfo.lnk
[2012.01.20 15:02:56 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.01.20 08:29:32 | 000,004,092 | ---- | C] () -- C:\Users\pepe\Documents\cc_20120120_082926.reg
[2012.01.20 07:53:21 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.01.20 07:53:21 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.01.19 19:32:23 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.19 13:17:18 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\gxsvc.sys
[2012.01.19 12:52:01 | 000,001,172 | ---- | C] () -- C:\1.reg
[2012.01.19 12:52:00 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\lnvxsw.sys
[2012.01.19 12:52:00 | 000,013,233 | ---- | C] () -- C:\avexport.bat
[2012.01.19 10:25:36 | 000,002,971 | ---- | C] () -- C:\Users\pepe\Desktop\HiJackThis.lnk
[2012.01.18 14:03:08 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.18 10:35:12 | 000,001,182 | ---- | C] () -- C:\Users\pepe\Desktop\FreshDiagnose.lnk
[2012.01.11 20:29:09 | 000,000,779 | ---- | C] () -- C:\Users\pepe\Desktop\vanBasco's Karaoke Player.lnk
[2012.01.11 16:02:26 | 000,024,596 | ---- | C] () -- C:\Users\pepe\Documents\evropa 2011.gdb
[2012.01.11 11:44:56 | 000,002,115 | ---- | C] () -- C:\Users\pepe\Documents\mapa.gdb
[2012.01.11 10:53:05 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\MapSource.lnk
[2012.01.09 21:49:35 | 000,003,903 | ---- | C] () -- C:\Windows\SysNative\nvnrm.nvu
[2012.01.09 21:49:32 | 000,001,732 | ---- | C] () -- C:\Windows\SysNative\drivers\nvphy.bin
[2012.01.09 21:49:28 | 000,000,528 | ---- | C] () -- C:\Windows\SysNative\nvsmu.nvu
[2012.01.09 21:49:24 | 000,001,864 | ---- | C] () -- C:\Windows\SysNative\nvsmb.nvu
[2012.01.09 15:11:30 | 000,007,384 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.01.04 13:14:56 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2012.01.04 13:14:56 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
[2012.01.04 13:14:56 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2012.01.04 13:14:56 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2012.01.03 19:25:24 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.01.03 12:27:52 | 000,000,131 | ---- | C] () -- C:\Windows\CRC.INI
[2012.01.03 12:23:33 | 000,007,600 | ---- | C] () -- C:\Users\pepe\AppData\Local\Resmon.ResmonCfg
[2011.12.23 19:20:42 | 000,000,308 | ---- | C] () -- C:\Users\pepe\Desktop\MusicJet.appref-ms
[2011.12.23 09:08:38 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.10.23 06:56:16 | 004,738,560 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011.07.12 15:56:50 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.01.04 13:28:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.02.05 16:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI

========== LOP Check ==========

[2012.01.18 14:05:16 | 000,000,000 | ---D | M] -- C:\Users\pepe\AppData\Roaming\DAEMON Tools Lite
[2012.01.18 10:45:51 | 000,000,000 | ---D | M] -- C:\Users\pepe\AppData\Roaming\FreshDiagnose
[2012.01.11 11:07:30 | 000,000,000 | ---D | M] -- C:\Users\pepe\AppData\Roaming\Garmin
[2012.01.05 10:10:13 | 000,000,000 | ---D | M] -- C:\Users\pepe\AppData\Roaming\GHISLER
[2011.12.08 13:42:51 | 000,000,000 | ---D | M] -- C:\Users\pepe\AppData\Roaming\Guitar Pro 6
[2012.01.20 15:39:59 | 000,000,000 | ---D | M] -- C:\Users\pepe\AppData\Roaming\Nitro PDF
[2012.01.20 15:13:15 | 000,000,000 | ---D | M] -- C:\Users\pepe\AppData\Roaming\OpenCandy
[2011.11.10 18:28:40 | 000,000,000 | ---D | M] -- C:\Users\pepe\AppData\Roaming\Win7codecs
[2012.01.12 06:58:20 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

loscrudos · Příspěvekod **loscrudos** » 20 led 2012 22:58

tady to extras.txt

OTL Extras logfile created on: 20.1.2012 22:36:22 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\pepe\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 72,23% Memory free
8,00 Gb Paging File | 6,79 Gb Available in Paging File | 84,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 67,60 Gb Total Space | 15,77 Gb Free Space | 23,33% Space Free | Partition Type: NTFS
Drive D: | 6,92 Gb Total Space | 0,94 Gb Free Space | 13,61% Space Free | Partition Type: NTFS
Drive F: | 3,68 Gb Total Space | 3,45 Gb Free Space | 93,72% Space Free | Partition Type: FAT32

Computer Name: PEPE-PC | User Name: pepe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{E0CEA738-9320-49BE-BB3C-70680039DCA4}" = Nitro Reader 2
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{9ACC9F63-CF54-46D7-9140-D40E57564EDA}_is1" = COMODO Registry Cleaner 1.0.17.23
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5A82A64-AA95-4BB0-8270-371BE1ADD26A}" = ATLAS Czech 2011.5 NT
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver
"avast" = avast! Free Antivirus
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3b
"DAEMON Tools Lite" = DAEMON Tools Lite
"FreshDevices - FreshDiagnose_is1" = FreshDiagnose
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.60.0.1800
"MapSource" = MapSource
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Totalcmd" = Total Commander (Remove or Repair)
"VLC HovNet TV_is1" = VLC HovNet TV 1.1

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"76f4758ca7e15dc6" = MusicJet

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.1.2012 17:25:21 | Computer Name = pepe-PC | Source = ESENT | ID = 455
Description = Windows (2936) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00007.log
došlo k chybě -1811.

Error - 20.1.2012 17:25:21 | Computer Name = pepe-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 20.1.2012 17:25:21 | Computer Name = pepe-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 20.1.2012 17:25:21 | Computer Name = pepe-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 20.1.2012 17:25:21 | Computer Name = pepe-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 20.1.2012 17:25:21 | Computer Name = pepe-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 20.1.2012 17:25:24 | Computer Name = pepe-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 20.1.2012 17:25:24 | Computer Name = pepe-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 20.1.2012 17:25:24 | Computer Name = pepe-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 20.1.2012 17:25:24 | Computer Name = pepe-PC | Source = Windows Search Service | ID = 7010
Description =

[ System Events ]
Error - 20.1.2012 11:19:26 | Computer Name = pepe-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: ghxk ujvokxm

Error - 20.1.2012 13:32:23 | Computer Name = pepe-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 20.1.2012 13:32:23 | Computer Name = pepe-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 20.1.2012 13:35:46 | Computer Name = pepe-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 20.1.2012 13:40:15 | Computer Name = pepe-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 20.1.2012 13:41:59 | Computer Name = pepe-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: ghxk ujvokxm

Error - 20.1.2012 14:04:50 | Computer Name = pepe-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: ghxk ujvokxm

Error - 20.1.2012 17:25:11 | Computer Name = pepe-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: ghxk ujvokxm

Error - 20.1.2012 17:25:25 | Computer Name = pepe-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 20.1.2012 17:25:25 | Computer Name = pepe-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

< End of report >

Příspěvekod **jaro3** » 20 led 2012 23:31

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (ujvokxm) -- C:\Windows\system32\drivers\gxsvc.sys ()
DRV - (ghxk) -- C:\Windows\system32\drivers\lnvxsw.sys ()
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2012.01.20 07:53:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pepe\AppData\Roaming\Mozilla\Extensions
[2012.01.20 07:53:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
O1 HOSTS File: ([2012.01.20 18:42:34 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
[2012.01.20 22:29:40 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.01.20 22:29:40 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.20 22:29:40 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.01.20 22:29:40 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp 
c:\windows\Tasks\*.job 
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Windows\system32\drivers\gxsvc.sys
C:\Windows\system32\drivers\lnvxsw.sys
C:\1.reg
C:\avexport.bat
C:\bootxez
C:\XELDZ
C:\XELDZ.1st

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

Potom:

Poklepej znovu na ikonu OTL by OldTimer, pod Vlastní skenování/opravy (Custom Scans/Fixes) vlož následující text , zeleně zbarvený:

Kód: Vybrat vše

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

Neměň nastavení, jen klikni na Prohledat (Run Scan), nech sken dokončit. Až se se objeví textový soubor , tak sem vlož prosím jeho celý obsah.

loscrudos · Příspěvekod **loscrudos** » 21 led 2012 09:44

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service ujvokxm stopped successfully!
Service ujvokxm deleted successfully!
C:\Windows\SysWOW64\drivers\gxsvc.sys moved successfully.
Service ghxk stopped successfully!
Service ghxk deleted successfully!
C:\Windows\SysWOW64\drivers\lnvxsw.sys moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\pepe\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Windows\system32\drivers\gxsvc.sys not found.
File\Folder C:\Windows\system32\drivers\lnvxsw.sys not found.
C:\1.reg moved successfully.
C:\avexport.bat moved successfully.
C:\bootxez moved successfully.
C:\XELDZ moved successfully.
C:\XELDZ.1st moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: MS Office 2010
->Temp folder emptied: 0 bytes

User: pepe
->Temp folder emptied: 3692 bytes
->Temporary Internet Files folder emptied: 147858 bytes
->Java cache emptied: 2130802 bytes
->FireFox cache emptied: 43731329 bytes
->Flash cache emptied: 496 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2048 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 44,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 01212012_093528

Files\Folders moved on Reboot...
C:\Users\pepe\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Příspěvekod **jaro3** » 21 led 2012 09:57

Jak vypadají nyní ty problémy? Mechanika ap . HW-..

loscrudos · Příspěvekod **loscrudos** » 21 led 2012 10:13

OTL.txt

OTL logfile created on: 21.1.2012 9:53:06 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\pepe\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,80 Gb Available Physical Memory | 70,10% Memory free
8,00 Gb Paging File | 6,71 Gb Available in Paging File | 83,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 67,60 Gb Total Space | 15,33 Gb Free Space | 22,67% Space Free | Partition Type: NTFS
Drive D: | 6,92 Gb Total Space | 0,94 Gb Free Space | 13,61% Space Free | Partition Type: NTFS
Drive F: | 3,68 Gb Total Space | 3,45 Gb Free Space | 93,72% Space Free | Partition Type: FAT32

Computer Name: PEPE-PC | User Name: pepe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\pepe\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Win7codecs\filters\ffdshow.ax ()
MOD - C:\Windows\SysWOW64\ff_acm.acm ()
MOD - C:\Windows\SysWOW64\ac3filter.acm ()

========== Win32 Services (SafeList) ==========

SRV:64bit: - (NitroReaderDriverReadSpool2) -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe (Nitro PDF Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (HBtnKey) -- C:\Windows\SysNative\drivers\CPQBttn64.sys (Hewlett-Packard Development Company, L.P.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.06 16:55:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.20 07:53:18 | 000,000,000 | ---D | M]

[2012.01.21 09:39:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pepe\AppData\Roaming\Mozilla\Extensions
[2012.01.21 09:45:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.12.21 08:39:32 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.21 07:21:58 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.21 07:21:58 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.21 07:21:58 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.21 07:21:58 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.21 07:21:58 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.01.21 09:35:33 | 000,000,002 | RH-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (NVIDIA Smart Scan)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.69.5 192.168.254.128
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFE0B30F-5AB8-4E48-8868-9F8BC0307D95}: DhcpNameServer = 192.168.69.5 192.168.254.128
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.01.21 09:51:04 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.01.21 09:51:04 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.01.21 09:51:04 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.01.21 09:51:04 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.01.21 09:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.01.21 09:35:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.20 22:32:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\pepe\Desktop\OTL.exe
[2012.01.20 19:04:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.01.20 15:16:58 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Nitro PDF
[2012.01.20 15:15:47 | 000,028,968 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
[2012.01.20 15:15:47 | 000,017,192 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
[2012.01.20 15:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF
[2012.01.20 15:15:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF
[2012.01.20 15:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro PDF
[2012.01.20 15:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro PDF
[2012.01.20 15:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2012.01.20 15:13:07 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\OpenCandy
[2012.01.20 15:13:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2012.01.20 15:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.01.20 15:01:43 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.01.20 15:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.01.20 09:50:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.01.20 07:53:38 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Mozilla
[2012.01.19 19:32:31 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Malwarebytes
[2012.01.19 19:32:26 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\Apps
[2012.01.19 19:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.19 19:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.19 19:32:21 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.01.19 19:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.01.19 18:41:12 | 000,000,000 | R--D | C] -- C:\Users\pepe\Documents\Scanned Documents
[2012.01.19 18:41:11 | 000,000,000 | ---D | C] -- C:\Users\pepe\Documents\Fax
[2012.01.19 10:25:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012.01.19 10:25:36 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.01.18 14:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.01.18 14:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.01.18 13:18:55 | 007,041,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.01.18 13:18:55 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.01.18 13:18:55 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.01.18 13:18:53 | 024,742,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.01.18 13:18:53 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.01.18 13:18:53 | 015,693,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.01.18 13:18:53 | 002,542,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.01.18 13:18:53 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.01.18 13:18:52 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.01.18 13:18:52 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.01.18 13:18:52 | 007,581,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.01.18 13:18:52 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.01.18 13:18:52 | 002,232,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.01.18 13:18:52 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.01.18 13:10:35 | 200,776,520 | ---- | C] (NVIDIA Corporation) -- C:\Users\pepe\Desktop\285.62-notebook-win7-winvista-64bit-international-whql.exe
[2012.01.18 10:35:42 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\FreshDiagnose
[2012.01.18 10:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreshDevices
[2012.01.18 10:35:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreshDevices
[2012.01.11 20:29:09 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player
[2012.01.11 15:19:48 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 15:19:47 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 15:19:46 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 15:19:45 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 15:19:36 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.01.11 15:19:36 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.01.11 15:19:31 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 15:19:26 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 15:19:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.11 11:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2012.01.11 11:14:59 | 000,000,000 | ---D | C] -- C:\Garmin
[2012.01.11 11:07:30 | 000,000,000 | ---D | C] -- C:\Users\pepe\Documents\Můj Garmin
[2012.01.11 11:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\GARMIN
[2012.01.11 11:07:19 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin
[2012.01.11 10:53:55 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.01.11 10:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MapSource
[2012.01.11 10:53:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2012.01.10 21:41:47 | 000,327,168 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2012.01.10 18:53:39 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\Deployment
[2012.01.09 22:05:27 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.01.09 22:05:27 | 002,458,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.01.09 21:49:28 | 000,371,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvusmu.exe
[2012.01.09 21:49:24 | 000,369,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvusmb.exe
[2012.01.09 21:49:07 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\InstallShield
[2012.01.09 21:48:58 | 000,000,000 | ---D | C] -- C:\swsetup
[2012.01.09 15:11:29 | 001,533,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.01.09 15:11:29 | 001,454,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012.01.09 14:44:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.01.09 14:43:32 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.01.09 14:43:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.01.08 14:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012.01.08 14:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012.01.06 22:27:36 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.01.06 22:20:31 | 000,539,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhotkey.dll
[2012.01.06 22:20:31 | 000,137,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.01.06 22:20:30 | 005,067,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.01.06 22:20:29 | 010,406,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.01.06 22:20:29 | 003,074,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.01.06 22:20:29 | 000,837,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2012.01.06 22:20:29 | 000,222,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.01.06 22:20:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.01.06 12:35:55 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Garmin
[2012.01.06 10:41:48 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\Diagnostics
[2012.01.06 10:30:38 | 008,791,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.01.06 10:30:37 | 002,808,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.01.06 10:30:37 | 001,496,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420150.dll
[2012.01.06 10:30:37 | 001,427,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642090.dll
[2012.01.06 10:30:37 | 000,012,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2012.01.06 10:22:54 | 000,114,688 | ---- | C] (RICOH) -- C:\Windows\SysWow64\RicohMediadriverVer.dll
[2012.01.06 09:35:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012.01.05 10:32:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.01.05 09:56:03 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\ElevatedDiagnostics
[2012.01.04 13:16:35 | 000,000,000 | ---D | C] -- C:\Users\pepe\Documents\Simply Super Software
[2012.01.04 13:14:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ztvcabinet.dll
[2012.01.03 19:25:36 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\Skype
[2012.01.03 19:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.01.03 19:25:18 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.01.03 19:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.01.03 12:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2012.01.03 12:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\COMODO
[2012.01.02 13:37:28 | 000,000,000 | ---D | C] -- C:\fota
[2011.12.28 13:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011.12.28 13:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.12.28 13:40:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.12.28 13:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2011.12.28 13:39:11 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.12.28 13:39:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2011.12.28 13:39:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011.12.28 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011.12.28 13:36:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011.12.28 13:35:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011.12.28 13:34:36 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\Microsoft Help
[2011.12.28 13:34:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011.12.28 13:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.12.28 13:33:38 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011.12.28 12:53:52 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Roaming\DAEMON Tools Lite
[2011.12.28 12:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.12.23 19:21:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2011.12.23 19:20:51 | 000,000,000 | ---D | C] -- C:\Users\pepe\AppData\Local\MusicJet
[2011.12.23 09:17:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.12.23 09:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.12.23 09:04:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011.12.23 09:04:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011.09.25 16:56:26 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.01.21 09:50:28 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.01.21 09:50:28 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.01.21 09:50:28 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.01.21 09:50:28 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.01.21 09:37:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.21 09:37:38 | 3220,426,752 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.21 09:35:33 | 000,000,002 | RH-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.01.21 09:07:36 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.21 09:07:36 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.21 09:05:31 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.20 22:29:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\pepe\Desktop\OTL.exe
[2012.01.20 22:10:35 | 000,000,131 | ---- | M] () -- C:\Windows\CRC.INI
[2012.01.20 22:07:04 | 000,002,464 | ---- | M] () -- C:\Users\pepe\Documents\cc_20120120_220659.reg
[2012.01.20 17:25:41 | 000,002,500 | ---- | M] () -- C:\Users\pepe\Documents\cc_20120120_172534.reg
[2012.01.20 15:15:42 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2012.01.20 15:13:09 | 000,001,980 | ---- | M] () -- C:\Users\pepe\Desktop\CrystalDiskInfo.lnk
[2012.01.20 15:02:56 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.01.20 15:01:43 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.01.20 08:29:46 | 000,004,092 | ---- | M] () -- C:\Users\pepe\Documents\cc_20120120_082926.reg
[2012.01.20 07:53:21 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.01.19 19:32:23 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.19 10:25:36 | 000,002,971 | ---- | M] () -- C:\Users\pepe\Desktop\HiJackThis.lnk
[2012.01.18 14:03:08 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.18 13:11:01 | 200,776,520 | ---- | M] (NVIDIA Corporation) -- C:\Users\pepe\Desktop\285.62-notebook-win7-winvista-64bit-international-whql.exe
[2012.01.18 12:59:58 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.01.18 12:57:41 | 000,007,600 | ---- | M] () -- C:\Users\pepe\AppData\Local\Resmon.ResmonCfg
[2012.01.18 10:35:12 | 000,001,182 | ---- | M] () -- C:\Users\pepe\Desktop\FreshDiagnose.lnk
[2012.01.11 20:29:09 | 000,000,779 | ---- | M] () -- C:\Users\pepe\Desktop\vanBasco's Karaoke Player.lnk
[2012.01.11 16:02:26 | 000,024,596 | ---- | M] () -- C:\Users\pepe\Documents\evropa 2011.gdb
[2012.01.11 11:59:32 | 000,002,115 | ---- | M] () -- C:\Users\pepe\Documents\mapa.gdb
[2012.01.11 10:53:05 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\MapSource.lnk
[2012.01.09 14:43:12 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.01.03 19:25:24 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.12.29 08:57:18 | 000,415,584 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.23 09:09:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.12.23 09:08:38 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.20 22:07:02 | 000,002,464 | ---- | C] () -- C:\Users\pepe\Documents\cc_20120120_220659.reg
[2012.01.20 17:25:38 | 000,002,500 | ---- | C] () -- C:\Users\pepe\Documents\cc_20120120_172534.reg
[2012.01.20 15:15:42 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2012.01.20 15:15:41 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 2.lnk
[2012.01.20 15:13:09 | 000,001,980 | ---- | C] () -- C:\Users\pepe\Desktop\CrystalDiskInfo.lnk
[2012.01.20 15:02:56 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.01.20 08:29:32 | 000,004,092 | ---- | C] () -- C:\Users\pepe\Documents\cc_20120120_082926.reg
[2012.01.20 07:53:21 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.01.20 07:53:21 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.01.19 19:32:23 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.19 10:25:36 | 000,002,971 | ---- | C] () -- C:\Users\pepe\Desktop\HiJackThis.lnk
[2012.01.18 14:03:08 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.18 10:35:12 | 000,001,182 | ---- | C] () -- C:\Users\pepe\Desktop\FreshDiagnose.lnk
[2012.01.11 20:29:09 | 000,000,779 | ---- | C] () -- C:\Users\pepe\Desktop\vanBasco's Karaoke Player.lnk
[2012.01.11 16:02:26 | 000,024,596 | ---- | C] () -- C:\Users\pepe\Documents\evropa 2011.gdb
[2012.01.11 11:44:56 | 000,002,115 | ---- | C] () -- C:\Users\pepe\Documents\mapa.gdb
[2012.01.11 10:53:05 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\MapSource.lnk
[2012.01.09 21:49:35 | 000,003,903 | ---- | C] () -- C:\Windows\SysNative\nvnrm.nvu
[2012.01.09 21:49:32 | 000,001,732 | ---- | C] () -- C:\Windows\SysNative\drivers\nvphy.bin
[2012.01.09 21:49:28 | 000,000,528 | ---- | C] () -- C:\Windows\SysNative\nvsmu.nvu
[2012.01.09 21:49:24 | 000,001,864 | ---- | C] () -- C:\Windows\SysNative\nvsmb.nvu
[2012.01.09 15:11:30 | 000,007,384 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.01.04 13:14:56 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2012.01.04 13:14:56 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
[2012.01.04 13:14:56 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2012.01.04 13:14:56 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2012.01.03 19:25:24 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.01.03 12:27:52 | 000,000,131 | ---- | C] () -- C:\Windows\CRC.INI
[2012.01.03 12:23:33 | 000,007,600 | ---- | C] () -- C:\Users\pepe\AppData\Local\Resmon.ResmonCfg
[2011.12.23 09:08:38 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.10.23 06:56:16 | 004,738,560 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011.07.12 15:56:50 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.01.04 13:28:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.02.05 16:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache86\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: NVSTOR32.SYS >
[2010.04.09 02:32:56 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=8C98D67A228B7C4476656B80633CD485 -- C:\NVIDIA\nForceWin7VistaInt\15.56\IDE\Win7\sataraid\nvstor32.sys
[2010.04.09 02:32:56 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=8C98D67A228B7C4476656B80633CD485 -- C:\NVIDIA\nForceWin7VistaInt\15.56\IDE\WinVista\sataraid\nvstor32.sys
[2010.04.09 02:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=97778C3CB3AF6B2243648D0DCD4D8916 -- C:\NVIDIA\nForceWin7VistaInt\15.56\IDE\Win7\sata_ide\nvstor32.sys
[2010.04.09 02:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=97778C3CB3AF6B2243648D0DCD4D8916 -- C:\NVIDIA\nForceWin7VistaInt\15.56\IDE\WinVista\sata_ide\nvstor32.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache86\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\ERDNT\cache64\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< %systemroot%\*. /mp /s >

< End of report >

loscrudos · Příspěvekod **loscrudos** » 21 led 2012 10:16

v centru akcí žádné zjištěné problémy......
ve správci zařízení vidím pořád jenom virtuálku....
se sekáním nevím.......musím chvilku nechat bez aktivity

Příspěvekod **jaro3** » 21 led 2012 10:27

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[2012.01.21 09:39:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pepe\AppData\Roaming\Mozilla\Extensions
[2012.01.21 09:45:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

:Files
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

:Reg
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Ta mechanika je připojená na IDE nebo SATA?

Pokud je na IDE , zkus odebrat prim. a sekundární řadič IDE/ATAPI a restartovat PC.
Nebo použij "Nalést nový HW. Koukni do BIOSu jestli tam je.

po nainstalování win 7 mi nefunguje některý hardware Vyřešeno

Re: po nainstalování win 7 mi nefunguje některý hardware

Re: po nainstalování win 7 mi nefunguje některý hardware

Re: po nainstalování win 7 mi nefunguje některý hardware

Re: po nainstalování win 7 mi nefunguje některý hardware

Re: po nainstalování win 7 mi nefunguje některý hardware

Re: po nainstalování win 7 mi nefunguje některý hardware

Re: po nainstalování win 7 mi nefunguje některý hardware

Re: po nainstalování win 7 mi nefunguje některý hardware

Re: po nainstalování win 7 mi nefunguje některý hardware

Re: po nainstalování win 7 mi nefunguje některý hardware

Re: po nainstalování win 7 mi nefunguje některý hardware

Re: po nainstalování win 7 mi nefunguje některý hardware

Kdo je online