Prosím o pomoc, pomalý a problémový chod PC

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  "SpybotSD TeaTimer"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "Adobe ARM"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
  "CleanSetup"=-
  [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
  "CTFMON.EXE"=-
  [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  "FlashPlayerUpdate"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CleanSetup]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
  
  Driver::
  def
  Application Updater
  
  Folder::
  c:\program files\Application Updater
  
  Firefox::
  FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\
  FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.9&q=
  FF - prefs.js: browser.search.selectedEngine - ICQ Search
  FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.4.3&q
  
  RegLock::
  [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
  
  RegNull::
  [HKEY_USERS\S-1-5-21-1801674531-879983540-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
  [HKEY_USERS\S-1-5-21-1801674531-879983540-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
  [HKEY_USERS\S-1-5-21-1801674531-879983540-725345543-1004\Software\SecuROM\License information*]
  [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\]*‘|8~*]
  
  File::
  C:\WINDOWS\tasks\Driver Robot.job
  C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-879983540-725345543-1004Core.job
  C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-879983540-725345543-1004UA.job
  C:\WINDOWS\tasks\User_Feed_Synchronization-{DB3E36F0-C33E-4F18-93D3-AD784973EBE0}.job
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[Waler22]

ComboFix 12-02-10.03 - PC 11.02.2012 22:35:04.9.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2047.1522 [GMT 1:00]
Running from: c:\documents and settings\PC\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\PC\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\tasks\Driver Robot.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-879983540-725345543-1004Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-879983540-725345543-1004UA.job"
"c:\windows\tasks\User_Feed_Synchronization-{DB3E36F0-C33E-4F18-93D3-AD784973EBE0}.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-879983540-725345543-1004Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-879983540-725345543-1004UA.job
c:\windows\tasks\User_Feed_Synchronization-{DB3E36F0-C33E-4F18-93D3-AD784973EBE0}.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_APPLICATION_UPDATER
-------\Legacy_DEF
-------\Service_Application Updater
-------\Service_def
.
.
((((((((((((((((((((((((( Files Created from 2012-01-11 to 2012-02-11 )))))))))))))))))))))))))))))))
.
.
2012-02-11 17:29 . 2012-02-11 17:29 -------- d-----w- C:\TDSSKiller_Quarantine
2012-01-24 17:36 . 2012-01-27 21:49 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-01-24 17:35 . 2012-01-27 21:48 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-01-24 17:35 . 2012-01-24 17:35 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-01-24 16:19 . 2012-01-24 16:21 -------- d-----w- c:\program files\DirectX 11
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-01-30 23:13 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2009-11-15 18:55 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-05-16 08:39 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2009-11-15 18:55 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2009-11-15 18:55 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2009-11-15 18:55 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2009-11-15 18:55 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2009-11-15 18:55 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2009-11-15 18:55 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2009-11-15 18:55 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-25 21:57 . 2006-02-28 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 15:23 . 2011-11-23 15:23 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:25 . 2006-02-28 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35 . 2006-02-28 12:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2006-02-28 12:00 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2006-02-28 12:00 152064 ----a-w- c:\windows\system32\schannel.dll
2012-02-03 02:17 . 2011-05-08 00:02 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Z810SysStart"="c:\program files\Connection Manager\sysctrl.exe" [2008-09-01 307200]
"Z810PNP"="c:\program files\Connection Manager\SamsungPnPServiceManager.exe" [2008-09-09 122880]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Z810SysStart"="c:\program files\Connection Manager\sysctrl.exe" [2008-09-01 307200]
"Z810PNP"="c:\program files\Connection Manager\SamsungPnPServiceManager.exe" [2008-09-09 122880]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-11 98304]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]
"snp325"="c:\windows\vsnp325.exe" [2007-05-10 835584]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
2008-08-12 10:03 1159168 ----a-w- c:\program files\ASUS\SmartDoctor\SmartDoctor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-02-12 13:50 20480 ----a-w- c:\windows\FixCamera.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
2009-04-17 13:33 54576 ----a-w- c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\SpamBayes\\bin\\sb_tray.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"d:\\Program files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"d:\\Program files\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\PC\\Application Data\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\Program files\\Warcraft III\\War3.exe"=
"d:\\Program files\\Modern Warfare 2\\iw4mp.exe"=
"d:\\Program files\\Modern Warfare 2\\iw4sp.exe"=
"d:\\Program files\\Modern Warfare 2\\iw4mp.dat"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"d:\\Program files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"d:\\Program files\\World of Warcraft\\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.3.2008 13:28 691696]
R0 xmasscsi;xmasscsi;c:\windows\system32\drivers\xmasscsi.sys [8.2.2008 18:45 5248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16.5.2011 9:39 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [15.11.2009 19:55 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15.11.2009 19:55 20568]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [25.12.2008 11:55 13184]
R3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [7.1.2012 19:12 10343168]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\aspi32.sys [23.2.2007 19:21 16512]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [17.6.2010 14:05 36640]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [14.2.2010 17:55 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [14.2.2010 17:55 8320]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [15.1.2010 22:38 47360]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [24.6.2010 14:29 98432]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\drivers\ss_bserd.sys [24.6.2010 14:29 100224]
S4 xmasbus;xmasbus;c:\windows\system32\drivers\xmasbus.sys [8.2.2008 18:45 140800]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.13\AMVConverter\grab.html
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.13\MediaManager\grab.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
LSP: xfire_lsp_9028.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-11 23:13
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Z810SysStart = c:\program files\Connection Manager\sysctrl.exe?HC???????????????9?Z}??????Z????????????59?ZXC??HC??<?A?I:?Z????<?A?????????????<?A?????4?A~????}??????????????????????????????? ?B~??A~????????Z?A~@???*?A~???????????????????????????????????????????????????
Z810PNP = c:\program files\Connection Manager\SamsungPnPServiceManager.exe???????|????h???????6??|????????@???`???x???`???|??|????????????????????????????????????????????????d??????????|p???0???A??||??????????|????H???A??|????]??|???????????|????????=??w????????????
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Z810SysStart = c:\program files\Connection Manager\sysctrl.exe?HC???????????????9?Z}??????Z????????????59?ZXC??HC??<?A?I:?Z????<?A?????????????<?A?????4?A~????}??????????????????????????????? ?B~??A~????????Z?A~@???*?A~???????????????????????????????????????????????????
Z810PNP = c:\program files\Connection Manager\SamsungPnPServiceManager.exe???????|????h???????6??|????????@???`???x???`???|??|????????????????????????????????????????????????d??????????|p???0???A??||??????????|????H???A??|????]??|???????????|????????=??w????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1801674531-879983540-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\]*‘|8~*]
"DisplayName"="?\11???"
"DeviceDesc"="?\11???"
"ProviderName"=""
"MFG"="? ? ?"
"ReinstallString"="c:\\WINDOWS\\System32\\ReinstallBackups\\]??\15\\DriverFiles\\.INF"
"DeviceInstanceIds"=multi:"\0c\00"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(616)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(672)
c:\windows\system32\xfire_lsp_9028.dll
.
- - - - - - - > 'explorer.exe'(3400)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\WMASF.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\PnkBstrA.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Completion time: 2012-02-11 23:36:15 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-11 22:36
ComboFix2.txt 2012-02-10 23:34
.
Pre-Run: 8 508 743 680 bytes free
Post-Run: 8 374 849 536 voľných bajtov
.
- - End Of File - - B3370BFD9B2EAB164BDB9AEE5F5DECB1

[vyosek]

Jak se chova PC

[Waler22]

Tak pc pomaly štartuje, aj programy sú nejaké pomalšie ale Avast! po rýchlom scan-e nehlásil nič... tak neviem, čo by tomu ešte mohlo pomôcť lebo je pomalší ako predtým...
Ďakujem za pomoc pri tom vire ale Ale potreboval by som ešte radu ako ho zrýchliť alebo čo...

[vyosek]

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
  • prepnete se do zalozky Nastroje
  • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
  • Toto provedte se vsemi disky
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

Dejte novy log z RSIT a napiste co PC

[Waler22]

Ospravedlňujem sa že to tu postujem trocha neskôr ale nemal som veľa času a ani na pc som moc nebol...
Takže čo ste mi povedali, som spravil, okrem úplnej defragmentácie, ostáva ešte 35%. Pc ale stále pomaly reaguje a aj štart je zdlhavejší, pár krát mi na začiatku po otváraní Mozilly vyhodilo Blue screen of death, mám aj foto ak treba.

Takže RSIT log, ktorý bol rozdelený na 2:

Logfile of random's system information tool 1.09 (written by random/random)
Run by PC at 2012-02-16 00:14:48
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 8 GB (19%) free of 40 GB
Total RAM: 2047 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:16:16, on 16.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Connection Manager\sysctrl.exe
C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Desktop\RSIT.exe
C:\Program Files\trend micro\PC.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Z810SysStart] C:\Program Files\Connection Manager\sysctrl.exe
O4 - HKLM\..\Run: [Z810PNP] C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [CleanSetup] cmd /C rmdir /S /Q "C:\Documents and Settings\PC\Local Settings\temp\nro.tmp\"
O4 - HKCU\..\Run: [Z810SysStart] C:\Program Files\Connection Manager\sysctrl.exe
O4 - HKCU\..\Run: [Z810PNP] C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.13\AMVConverter\grab.html
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.13\MediaManager\grab.html
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - Unknown owner - C:\WINDOWS\ATKKBService.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 7801 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, jqs@sun.com:1.0, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.4, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, wtxpcom@mybrowserbar.com:4.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\extensions\
ffxtlbr@babylon.com
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-30 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-30 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Z810SysStart"=C:\Program Files\Connection Manager\sysctrl.exe [2008-09-01 307200]
"Z810PNP"=C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe [2008-09-09 122880]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-11 98304]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-02-12 20480]
"tsnp325"=C:\WINDOWS\tsnp325.exe [2007-04-21 270336]
"snp325"=C:\WINDOWS\vsnp325.exe [2007-05-10 835584]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"CleanSetup"=cmd /C rmdir /S /Q C:\Documents and Settings\PC\Local Settings\temp\nro.tmp\ []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Z810SysStart"=C:\Program Files\Connection Manager\sysctrl.exe [2008-09-01 307200]
"Z810PNP"=C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe [2008-09-09 122880]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe [2008-08-12 1159168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
C:\WINDOWS\FixCamera.exe [2007-02-12 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2009-04-17 54576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-12-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\Program Files\SpamBayes\bin\sb_tray.exe"="C:\Program Files\SpamBayes\bin\sb_tray.exe:*:Disabled:sb_tray"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="D:\Program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"D:\Program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="D:\Program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"D:\Program files\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Program files\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Documents and Settings\PC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\PC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Disabled:Main program for Octoshape client"
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary"
"D:\Program files\Warcraft III\War3.exe"="D:\Program files\Warcraft III\War3.exe:*:Disabled:Warcraft III"
"D:\Program files\Modern Warfare 2\iw4mp.exe"="D:\Program files\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"D:\Program files\Modern Warfare 2\iw4sp.exe"="D:\Program files\Modern Warfare 2\iw4sp.exe:*:Disabled:iw4sp"
"D:\Program files\Modern Warfare 2\iw4mp.dat"="D:\Program files\Modern Warfare 2\iw4mp.dat:*:Enabled:iw4mp"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Disabled:Plugin Container for Firefox"
"D:\Program files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe"="D:\Program files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Disabled:Crysis2"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Program files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"="D:\Program files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe:*:Enabled:Blizzard Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"MSVideo8"=VfWWDM32.dll
"vidc.asv2"=asusasv2.dll
"msacm.divxa32"=msaud32_divx.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2012-02-16 00:14:47 ----D---- C:\rsit
2012-02-15 22:39:59 ----D---- C:\Documents and Settings\All Users\Application Data\Solidshield
2012-02-12 21:14:53 ----SHD---- C:\RECYCLER
2012-02-11 23:36:25 ----D---- C:\WINDOWS\temp
2012-02-11 18:29:35 ----D---- C:\TDSSKiller_Quarantine
2012-02-09 21:37:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-02-09 21:36:20 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-02-09 19:44:04 ----A---- C:\WINDOWS\ntbtlog.txt
2012-01-24 18:36:43 ----A---- C:\WINDOWS\system32\drivers\PnkBstrK.sys
2012-01-24 18:35:50 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2012-01-24 18:35:26 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2012-01-24 17:19:36 ----D---- C:\Program Files\DirectX 11

======List of files/folders modified in the last 1 month======

2012-02-16 00:16:16 ----D---- C:\Program Files\trend micro
2012-02-16 00:14:50 ----D---- C:\WINDOWS\Prefetch
2012-02-15 23:59:47 ----D---- C:\Documents and Settings\PC\Application Data\Skype
2012-02-15 23:20:28 ----D---- C:\Program Files\Connection Manager
2012-02-15 23:00:35 ----D---- C:\WINDOWS\system32\config
2012-02-15 22:55:43 ----D---- C:\WINDOWS\system32\wbem
2012-02-15 22:55:25 ----D---- C:\WINDOWS\Registration
2012-02-15 22:35:43 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-15 21:38:37 ----SHD---- C:\WINDOWS\Installer
2012-02-15 21:12:38 ----D---- C:\WINDOWS\Minidump
2012-02-15 21:12:38 ----D---- C:\WINDOWS
2012-02-14 23:17:20 ----D---- C:\Program Files\Mozilla Firefox
2012-02-14 17:13:06 ----D---- C:\WINDOWS\system32
2012-02-13 14:43:45 ----D---- C:\WINDOWS\system32\drivers
2012-02-12 21:40:34 ----SHD---- C:\System Volume Information
2012-02-12 21:40:34 ----D---- C:\WINDOWS\system32\Restore
2012-02-12 16:33:56 ----D---- C:\Program Files\Spybot - Search & Destroy
2012-02-11 23:14:17 ----A---- C:\WINDOWS\system.ini
2012-02-11 23:13:27 ----D---- C:\WINDOWS\system32\drivers\etc
2012-02-11 22:57:38 ----SD---- C:\WINDOWS\Tasks
2012-02-11 22:50:39 ----D---- C:\WINDOWS\AppPatch
2012-02-11 22:50:31 ----D---- C:\Program Files\Common Files
2012-02-10 23:52:50 ----RD---- C:\Program Files
2012-02-10 14:17:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2012-02-09 22:57:09 ----D---- C:\Documents and Settings\All Users\Application Data\DriverGenius
2012-02-09 21:40:10 ----D---- C:\WINDOWS\SoftwareDistribution
2012-02-09 21:38:44 ----D---- C:\WINDOWS\system32\LogFiles
2012-02-07 14:27:45 ----D---- C:\WINDOWS\Logs
2012-02-07 14:27:45 ----D---- C:\WINDOWS\Debug
2012-02-04 12:54:21 ----D---- C:\Program Files\Valve
2012-01-30 19:29:43 ----AC---- C:\WINDOWS\NeroDigital.ini
2012-01-24 18:29:06 ----RSD---- C:\WINDOWS\assembly
2012-01-24 18:28:20 ----D---- C:\WINDOWS\system32\DirectX
2012-01-24 17:28:41 ----HD---- C:\WINDOWS\inf
2012-01-23 12:52:04 ----D---- C:\Config.Msi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-03-13 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-27 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R0 xmasscsi;xmasscsi; C:\WINDOWS\System32\Drivers\xmasscsi.sys [2003-12-23 5248]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 EIO_XP;EIO_XP; \??\C:\WINDOWS\system32\drivers\EIO_XP.sys []
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-05-23 271360]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-05-23 18048]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-03-20 3960000]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\WINDOWS\system32\DRIVERS\ArcSoftKsUFilter.sys [2007-05-30 13184]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-12-11 4525056]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-26 81408]
R3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-05-07 10343168]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 afqmft1x;afqmft1x; C:\WINDOWS\system32\drivers\afqmft1x.sys []
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\WINDOWS\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2008-03-31 223128]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-01-15 47360]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\WINDOWS\system32\DRIVERS\ss_bserd.sys [2010-04-27 100224]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2009-10-15 98560]
S3 sscdserd;SAMSUNG Mobile Modem Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\sscdserd.sys [2009-10-15 100352]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 xmasbus;xmasbus; C:\WINDOWS\system32\DRIVERS\xmasbus.sys [2003-12-21 140800]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-12-11 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-07-24 53248]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-01-24 66872]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

2. časť


info.txt logfile of random's system information tool 1.09 2012-02-16 00:16:22

======Uninstall list======

-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader X (10.1.2) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
ASUS Enhanced Display Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x9 -removeonly
ASUS Smart Doctor-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{37CAA669-9BA0-49F2-8462-C76269E474E8} /l1033
ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder-->MsiExec.exe /I{9862B19F-4CAD-4EED-920F-2F378D84393F}
aTube Catcher-->C:\Program Files\DsNET Corp\aTube Catcher 1.0\uninstall.exe
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Balík Compatibility Pack pre systém Office 2007-->MsiExec.exe /X{90120000-0020-041B-0000-0000000FF1CE}
Call of Duty Modern Warfare 2-->"D:\Program files\Modern Warfare 2\unins000.exe"
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}\SETUP.EXE" -l0x9 UNINST
Catalyst Control Center - Branding-->MsiExec.exe /I{4893A35F-0A23-48EC-8E74-24969244D6F2}
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Connection Manager-->"C:\Program Files\InstallShield Installation Information\{2492ACEF-8CB8-4AB7-8E60-4F89D701EAA1}\setup.exe" -runfromtemp -l0x001b -removeonly
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13B792AA-C078-43A4-8A3A-8B12D629940D}\Setup.exe" -l0x19
Crysis WARHEAD(R)-->"C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R)-->C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
Crysis® 2-->MsiExec.exe /X{6033673D-2530-4587-8AD0-EB059FC263F9}
Dealio Toolbar v4.9-->MsiExec.exe /X{454784CB-457E-4f43-8C7F-32A751BD1FA3}
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
DivX Setup-->C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe /uninstall
Driver Genius Professional Edition 11.0.0.1112-->MsiExec.exe /I{BF051AFB-DF1D-4ABC-B884-7A26979D76FE}
EAX Unified-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu"
EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x9 -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D78F2A2-C893-4ABD-B5FE-AD7011837755}\SETUP.EXE" -l0x9 UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x9 UNINST
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x9 -u
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuál-->C:\Program Files\EPSON\TPMANUAL\ES_CX_DX\SVK\USE_G\DOCUNINS.EXE
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x9 -anything
FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB}
Free Mp3 Wma Converter V 1.91-->"C:\Program Files\Free Audio Pack\unins000.exe"
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
hama PC-Webcam RW-100-->C:\Program Files\InstallShield Installation Information\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}\setup.exe -runfromtemp -l0x0009 -removeonly
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ7.5-->"C:\Program Files\InstallShield Installation Information\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
JDownloader-->C:\Program Files\JDownloader\uninstall.exe
LG PhoneManager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5EE65592-88FD-48AA-98CA-EE9BDB1FF518}\setup.exe" -l0x9 -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Office Access 2003 Runtime-->MsiExec.exe /I{901C0405-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011041B-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mozilla Firefox 10.0.1 (x86 sk)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Need for Speed™ Most Wanted-->C:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe
Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Network Play System (Patching)-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Electronic Arts\Network Play System\NPSPatch.isu"
Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
OLYMPUS Master 2-->MsiExec.exe /X{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}
PC Connectivity Solution-->MsiExec.exe /I{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}
PhotoInstrument 3.0-->"C:\Program Files\PhotoInstrument\unins000.exe"
PitchPerfect Musical Instrument Tuner-->C:\Program Files\NCH Swift Sound\PitchPerfect\uninst.exe
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x9 -removeonly
REALTEK GbE & FE Ethernet PCI NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe" -l0x1b -removeonly
SAMSUNG USB Driver for Mobile Phones-->C:\Program Files\SAMSUNG\USB Drivers\Uninstall.exe
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""
Security Update for Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\INSTALL.LOG
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Softvér tlačiarne EPSON-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Tagging System Thesuperads-->C:\WINDOWS\system32\sekkopzslxtxzivq.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB969497)-->"C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
VIA Platform Device Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VirtualDJ PRO Full-->MsiExec.exe /I{74F28F11-404B-4CEA-92FF-37BF476F239E}
VLC media player 1.1.11-->D:\Program files\VLC\uninstall.exe
Windows Driver Package - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft (2)\Uninstall.exe

======Security center information======

AV: avast! Antivirus

======System event log======

Computer Name: SEMPRON643000
Event Code: 62464
Message: UVD Information

Record Number: 19910
Source Name: ati2mtag
Time Written: 20120213170109.000000+060
Event Type: informácie
User:

Computer Name: SEMPRON643000
Event Code: 62464
Message: UVD Information

Record Number: 19909
Source Name: ati2mtag
Time Written: 20120213170109.000000+060
Event Type: informácie
User:

Computer Name: SEMPRON643000
Event Code: 62464
Message: UVD Information

Record Number: 19908
Source Name: ati2mtag
Time Written: 20120213170109.000000+060
Event Type: informácie
User:

Computer Name: SEMPRON643000
Event Code: 62464
Message: UVD Information

Record Number: 19907
Source Name: ati2mtag
Time Written: 20120213170103.000000+060
Event Type: informácie
User:

Computer Name: SEMPRON643000
Event Code: 62464
Message: UVD Information

Record Number: 19906
Source Name: ati2mtag
Time Written: 20120213170103.000000+060
Event Type: informácie
User:

=====Application event log=====

Computer Name: SEMPRON643000
Event Code: 849
Message:
Record Number: 88804
Source Name: Security
Time Written: 20120211231335.000000+060
Event Type: auditovanie bolo úspešné
User: NT AUTHORITY\SYSTEM

Computer Name: SEMPRON643000
Event Code: 849
Message:
Record Number: 88803
Source Name: Security
Time Written: 20120211231335.000000+060
Event Type: auditovanie bolo úspešné
User: NT AUTHORITY\SYSTEM

Computer Name: SEMPRON643000
Event Code: 849
Message:
Record Number: 88802
Source Name: Security
Time Written: 20120211231335.000000+060
Event Type: auditovanie bolo úspešné
User: NT AUTHORITY\SYSTEM

Computer Name: SEMPRON643000
Event Code: 849
Message:
Record Number: 88801
Source Name: Security
Time Written: 20120211231335.000000+060
Event Type: auditovanie bolo úspešné
User: NT AUTHORITY\SYSTEM

Computer Name: SEMPRON643000
Event Code: 849
Message:
Record Number: 88800
Source Name: Security
Time Written: 20120211231335.000000+060
Event Type: auditovanie bolo úspešné
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: SEMPRON643000
Event Code: 849
Message: Pri spustení brány firewall systému Windows bola ako výnimka uvedená aplikácia.



Pôvod politiky: Lokálna politika

Použitý profil: Štandardná

Názov: iw4mp

Cesta: D:\Program files\Modern Warfare 2\iw4mp.exe

Stav: Zapnuté

Rozsah: Všetky podsiete

Record Number: 88804
Source Name: Security
Time Written: 20120211231335.000000+060
Event Type: auditovanie bolo úspešné
User: NT AUTHORITY\SYSTEM

Computer Name: SEMPRON643000
Event Code: 849
Message: Pri spustení brány firewall systému Windows bola ako výnimka uvedená aplikácia.



Pôvod politiky: Lokálna politika

Použitý profil: Štandardná

Názov: iw4mp

Cesta: D:\Program files\Modern Warfare 2\iw4mp.dat

Stav: Zapnuté

Rozsah: Všetky podsiete

Record Number: 88803
Source Name: Security
Time Written: 20120211231335.000000+060
Event Type: auditovanie bolo úspešné
User: NT AUTHORITY\SYSTEM

Computer Name: SEMPRON643000
Event Code: 849
Message: Pri spustení brány firewall systému Windows bola ako výnimka uvedená aplikácia.



Pôvod politiky: Lokálna politika

Použitý profil: Štandardná

Názov: CrysisDedicatedServer_32

Cesta: D:\Program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe

Stav: Zapnuté

Rozsah: Všetky podsiete

Record Number: 88802
Source Name: Security
Time Written: 20120211231335.000000+060
Event Type: auditovanie bolo úspešné
User: NT AUTHORITY\SYSTEM

Computer Name: SEMPRON643000
Event Code: 849
Message: Pri spustení brány firewall systému Windows bola ako výnimka uvedená aplikácia.



Pôvod politiky: Lokálna politika

Použitý profil: Štandardná

Názov: Crysis_32

Cesta: D:\Program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe

Stav: Zapnuté

Rozsah: Všetky podsiete

Record Number: 88801
Source Name: Security
Time Written: 20120211231335.000000+060
Event Type: auditovanie bolo úspešné
User: NT AUTHORITY\SYSTEM

Computer Name: SEMPRON643000
Event Code: 849
Message: Pri spustení brány firewall systému Windows bola ako výnimka uvedená aplikácia.



Pôvod politiky: Lokálna politika

Použitý profil: Štandardná

Názov: Crysis2

Cesta: D:\Program files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe

Stav: Vypnuté

Rozsah: Všetky podsiete

Record Number: 88800
Source Name: Security
Time Written: 20120211231335.000000+060
Event Type: auditovanie bolo úspešné
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\Common Files\ArcSoft\Bin;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

[vyosek]

Zdravim a pekny den preji

Pouzijte WhoCrash dle kolegy

použij WhoCrashed

po spuštění klikni na Analyze,

aplikace po chvilce vytvoří zprávu o příčině pádu, kterou mi sem nakopíruj.

[Waler22]

Skopiroval som už aj Conclusion


Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.


On Wed 15.2.2012 20:10:40 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini021512-02.dmp
This was probably caused by the following module: ati3duag.dll (ati3duag+0x8EBB0)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFFBF2CABB0, 0xFFFFFFFFA4D519B4, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\ati3duag.dll
product: ATI Technologies Inc. Radeon DirectX Universal Driver
company: ATI Technologies Inc.
description: ati3duag.dll
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: ati3duag.dll (ati3duag.dll, ATI Technologies Inc. ).
Google query: ati3duag.dll ATI Technologies Inc. KERNEL_MODE_EXCEPTION_NOT_HANDLED_M




On Wed 15.2.2012 12:36:36 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini021512-01.dmp
This was probably caused by the following module: sptd.sys (sptd+0x11894)
Bugcheck code: 0x100000D1 (0xC, 0x5, 0x1, 0xFFFFFFFFF720D5F7)
Error: CUSTOM_ERROR
file path: C:\WINDOWS\system32\drivers\sptd.sys
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: sptd.sys .
Google query: sptd.sys CUSTOM_ERROR





--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

2 crash dumps have been found and analyzed. 2 third party drivers have been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

ati3duag.dll (ati3duag.dll, ATI Technologies Inc. )

sptd.sys

If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

[vyosek]

Problem zpusobyl ovladac graficke karty, mrknete na stranky vyrobce, ci tam nema nejake novejsi, pripad pokud mate nejnovejsi, tak zkuste starsi

[Waler22]

Ano, stiahol som si to, je to lepšie, už mi nevyhadzovalo Blue screen of death ale pc je stále nejaký pomalší, napríklad keď mám zapnutý google chrome a otvorím hoci len vlc player s pesničkou, tak 1 aj 2 minútky prejdú, kým sa otvorí a keď som mal niečo spustené tak pár krát mi to aj reštartovalo, len tak z ničoho nič... neviem čím to môže byť

[vyosek]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
  reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
  reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  type c:\boot.ini >> test.txt /c
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

[Waler22]

takže ten log OTL.txt

OTL logfile created on: 19.2.2012 0:35:57 - Run 1
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Documents and Settings\PC\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 70,52% Memory free
2,60 Gb Paging File | 2,14 Gb Available in Paging File | 82,35% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 3,79 Gb Free Space | 9,71% Space Free | Partition Type: NTFS
Drive D: | 72,72 Gb Total Space | 1,61 Gb Free Space | 2,21% Space Free | Partition Type: NTFS

Computer Name: SEMPRON643000 | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.02.18 22:56:42 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PC\Desktop\OTL.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.09.09 13:40:00 | 000,122,880 | ---- | M] () -- C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe
PRC - [2008.09.01 15:47:26 | 000,307,200 | ---- | M] () -- C:\Program Files\Connection Manager\sysctrl.exe
PRC - [2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnp325.exe
PRC - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe
PRC - [2007.02.12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe


========== Modules (No Company Name) ==========

MOD - [2012.02.18 19:38:48 | 001,707,008 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12021801\algo.dll
MOD - [2012.02.18 13:55:43 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
MOD - [2012.02.18 13:55:17 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c14e58265386feb509cc61bb5e8dd296\System.Runtime.Remoting.ni.dll
MOD - [2012.02.18 13:52:13 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
MOD - [2012.02.18 13:51:46 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
MOD - [2012.02.18 13:49:25 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012.02.18 13:49:11 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012.02.18 13:48:40 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2011.10.13 17:40:53 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011.10.13 17:37:28 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2010.01.30 21:49:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3632.28368__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2010.01.30 21:49:43 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3632.28362__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2010.01.30 21:49:43 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3632.28362__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2010.01.30 21:49:43 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3632.28362__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2010.01.30 21:49:42 | 000,380,928 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3632.28218__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:42 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3632.28245__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.01.30 21:49:42 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3632.28238__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.01.30 21:49:41 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3632.28229__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:40 | 001,736,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3632.28243__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010.01.30 21:49:39 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3632.28345__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010.01.30 21:49:39 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3632.28319__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:39 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3632.28290__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:39 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3632.28277__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:38 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3632.28229__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:37 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3632.28346__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:37 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3632.28244__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:37 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3632.28244__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:37 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3632.28389__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3632.28299__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.01.30 21:49:35 | 000,356,352 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3632.28298__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:35 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3632.28298__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:33 | 000,651,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3632.28360__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:33 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3632.28359__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:30 | 000,827,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3632.28280__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:30 | 000,409,600 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3632.28312__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.01.30 21:49:30 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3632.28279__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:29 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3632.28246__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:29 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3632.28287__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:29 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3632.28286__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:28 | 000,573,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3632.28247__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:28 | 000,409,600 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3632.28232__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:28 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3632.28252__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:26 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3632.28273__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:26 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3632.28278__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:26 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3632.28288__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:25 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3632.28279__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:25 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.01.30 21:49:25 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3632.28279__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.01.30 21:49:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3621.42212__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.01.30 21:49:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3621.42210__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.01.30 21:49:24 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3621.42227__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.01.30 21:49:24 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3621.42278__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010.01.30 21:49:24 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3621.42271__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.01.30 21:49:24 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3621.42225__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.01.30 21:49:23 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3621.42271__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.01.30 21:49:23 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.01.30 21:49:21 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3621.42190__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.01.30 21:49:21 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3621.42192__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.01.30 21:49:21 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3621.42223__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.01.30 21:49:20 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3621.42196__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.01.30 21:49:20 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.01.30 21:49:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3621.42329__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.01.30 21:49:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3621.42213__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.01.30 21:49:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2010.01.30 21:49:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3621.42217__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.01.30 21:49:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.01.30 21:49:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3621.42228__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.01.30 21:49:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.01.30 21:49:19 | 000,151,552 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3621.42202__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.01.30 21:49:19 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3621.42267__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.01.30 21:49:19 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3621.42209__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.01.30 21:49:19 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3621.42268__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2010.01.30 21:49:19 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3621.42241__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2010.01.30 21:49:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3621.42211__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.01.30 21:49:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3621.42240__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.01.30 21:49:19 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3621.42221__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.01.30 21:49:18 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3621.42274__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2010.01.30 21:49:18 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3621.42226__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.01.30 21:49:18 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3621.42246__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.01.30 21:49:18 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3621.42244__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010.01.30 21:49:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3621.42226__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010.01.30 21:49:17 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3621.42247__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.01.30 21:49:17 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3621.42226__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.01.30 21:49:17 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3621.42243__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.01.30 21:49:17 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3621.42214__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.01.30 21:49:17 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3621.42224__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.01.30 21:49:17 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3621.42241__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010.01.30 21:49:17 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3621.42229__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.01.30 21:49:17 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3621.42211__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.01.30 21:49:17 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3621.42225__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.01.30 21:49:17 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3621.42213__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.01.30 21:49:16 | 000,741,376 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3632.28381__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2010.01.30 21:49:16 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3632.28353__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.01.30 21:49:15 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3621.42200__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010.01.30 21:49:15 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2010.01.30 21:49:15 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2010.01.30 21:49:15 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3632.28212__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010.01.30 21:49:14 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3632.28338__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.01.30 21:49:14 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3632.28336__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.01.30 21:49:14 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3621.42192__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.01.30 21:49:14 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3621.42221__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.01.30 21:49:13 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3632.28237__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.01.30 21:49:13 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3621.42205__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.01.30 21:49:13 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3621.42221__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.01.30 21:49:12 | 000,577,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3632.28331__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010.01.30 21:49:12 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3632.28215__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.01.30 21:49:12 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3632.28217__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.01.30 21:49:12 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3621.42219__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.01.30 21:49:10 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3621.42221__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.01.30 21:49:09 | 001,220,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3632.28224__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.01.30 21:49:09 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3621.42217__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.01.30 21:49:09 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3621.42249__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.01.30 21:49:08 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.01.30 21:49:08 | 000,019,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3632.28338__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010.01.30 21:49:07 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3632.28215__90ba9c70f846762e\APM.Server.dll
MOD - [2010.01.30 21:49:07 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3632.28213__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.09.09 13:40:00 | 000,122,880 | ---- | M] () -- C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe
MOD - [2008.09.01 15:47:26 | 000,307,200 | ---- | M] () -- C:\Program Files\Connection Manager\sysctrl.exe
MOD - [2008.04.14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnp325.exe
MOD - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe
MOD - [2007.02.12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
MOD - [2004.09.02 03:33:56 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\xfire_lsp_9028.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (ATKKeyboardService)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.03.04 10:25:12 | 000,621,056 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


========== Driver Services (SafeList) ==========

DRV - [2011.12.20 08:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011.12.06 04:42:18 | 007,490,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.04.27 03:25:16 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2010.04.27 03:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010.02.27 19:28:17 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.22 03:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.10.15 06:28:44 | 000,100,352 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2009.10.15 06:28:44 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2009.03.19 14:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009.03.19 14:48:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009.02.09 08:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.02.09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.02.09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.02 08:38:14 | 000,089,600 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.05.23 15:28:59 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.05.23 15:28:59 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008.04.13 19:40:26 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2008.03.31 13:46:37 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2007.06.25 10:43:38 | 000,098,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117obex.sys -- (s117obex)
DRV - [2007.06.25 10:43:36 | 000,108,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdm.sys -- (s117mdm)
DRV - [2007.06.25 10:43:36 | 000,100,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mgmt.sys -- (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM)
DRV - [2007.06.25 10:43:36 | 000,098,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117unic.sys -- (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM)
DRV - [2007.06.25 10:43:36 | 000,022,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117nd5.sys -- (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS)
DRV - [2007.06.25 10:43:26 | 000,014,888 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdfl.sys -- (s117mdfl)
DRV - [2007.06.25 10:43:22 | 000,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117bus.sys -- (s117bus) Sony Ericsson Device 117 driver (WDM)
DRV - [2007.05.30 19:15:08 | 000,013,184 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.05.07 17:58:44 | 010,343,168 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
DRV - [2007.01.29 17:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AsusVRC.sys -- (ASUSVRC)
DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006.06.14 13:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP)
DRV - [2006.03.26 13:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.03.20 23:45:52 | 003,960,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.03.13 10:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006.02.26 22:46:20 | 000,081,408 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005.11.03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.10.18 15:01:38 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2005.08.10 15:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.08.09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.07.19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.12.23 02:15:42 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\xmasscsi.sys -- (xmasscsi)
DRV - [2003.12.21 17:24:22 | 000,140,800 | ---- | M] ( ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\xmasbus.sys -- (xmasbus)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2002.07.17 08:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aspi32.sys -- (ASPI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:7171


IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1801674531-879983540-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1801674531-879983540-725345543-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1801674531-879983540-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.4
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Documents and Settings\PC\Application Data\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\PC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011.12.13 16:56:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.25 17:44:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.17 22:07:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.22 21:48:35 | 000,000,000 | ---D | M]

[2010.05.10 20:00:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\PC\Application Data\Mozilla\Extensions
[2012.01.05 02:41:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\extensions
[2010.07.16 23:10:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.05 02:41:23 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.12.23 22:56:17 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.10.13 12:17:31 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\extensions\ffxtlbr@babylon.com
[2012.02.17 22:14:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-1.xml
[2011.12.25 18:22:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-10.xml
[2012.01.07 02:03:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-11.xml
[2012.02.03 03:18:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-12.xml
[2012.02.14 23:20:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-13.xml
[2012.02.17 22:08:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-14.xml
[2011.06.25 12:08:17 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-2.xml
[2011.08.16 22:09:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-3.xml
[2011.08.31 19:13:12 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-4.xml
[2011.09.07 16:43:09 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-5.xml
[2011.10.02 03:02:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-6.xml
[2011.10.16 08:07:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-7.xml
[2011.11.09 19:38:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-8.xml
[2011.12.10 23:22:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-9.xml
[2012.01.04 14:54:58 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin.gif
[2012.01.04 14:54:58 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin.src
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin.xml
[2012.02.14 23:17:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.12.13 16:56:13 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2010.01.30 19:49:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012.02.17 22:07:55 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.08 19:20:20 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2012.02.08 19:20:20 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2012.02.08 19:20:20 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2012.02.08 19:20:20 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2012.02.08 19:20:20 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012.02.08 19:20:20 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - default_search_provider: Mozilla.sk (Enabled)
CHR - default_search_provider: search_url = http://www.mozilla.sk/?s={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.150.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U15 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Documents and Settings\PC\Application Data\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Documents and Settings\PC\Application Data\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\PC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Sports Car 1440x900 = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\beaimjeilfmbahoieadjjhgkclfooiac\1_0\
CHR - Extension: YouTube = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.02.11 23:13:27 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No CLSID value found.
O3 - HKU\S-1-5-21-1801674531-879983540-725345543-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [snp325] C:\WINDOWS\vsnp325.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe ()
O4 - HKLM..\Run: [Z810PNP] C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe ()
O4 - HKLM..\Run: [Z810SysStart] C:\Program Files\Connection Manager\sysctrl.exe ()
O4 - HKU\S-1-5-21-1801674531-879983540-725345543-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1801674531-879983540-725345543-1004..\Run: [Z810PNP] C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe ()
O4 - HKU\S-1-5-21-1801674531-879983540-725345543-1004..\Run: [Z810SysStart] C:\Program Files\Connection Manager\sysctrl.exe ()
O4 - HKLM..\RunOnce: [CleanSetup] cmd /C rmdir /S /Q "C:\Documents and Settings\PC\Local Settings\temp\nro.tmp\" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-879983540-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1801674531-879983540-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1801674531-879983540-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1801674531-879983540-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.13\AMVConverter\grab.html File not found
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.13\MediaManager\grab.html File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\System32\mswsock.dll File not found
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F2405FA-BD2F-405A-837C-B0409AE2C7D9}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.asv2 - asusasv2.dll File not found
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - xvidvfw.dll File not found
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.02.18 22:56:43 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\PC\Desktop\OTL.exe
[2012.02.18 14:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012.02.18 14:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
[2012.02.18 14:33:07 | 000,100,368 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\System32\drivers\AtihdXP3.sys
[2012.02.18 13:58:11 | 000,792,704 | ---- | C] (AMD) -- C:\Documents and Settings\PC\Desktop\amddriverdownloader.exe
[2012.02.18 03:26:53 | 000,000,000 | ---D | C] -- C:\4d55b00bdca03c7de3f3ffc48231
[2012.02.17 12:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\Directx redist
[2012.02.16 15:52:47 | 007,376,896 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticaldd.dll
[2012.02.16 15:52:31 | 000,956,160 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvamv.dll
[2012.02.16 15:52:30 | 019,357,696 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atioglxx.dll
[2012.02.16 15:52:30 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiapfxx.exe
[2012.02.16 15:05:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WhoCrashed
[2012.02.16 15:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2012.02.16 15:01:39 | 001,816,696 | ---- | C] (Resplendence Software Projects Sp. ) -- C:\Documents and Settings\PC\Desktop\whocrashedSetup.exe
[2012.02.16 00:14:47 | 000,000,000 | ---D | C] -- C:\rsit
[2012.02.15 22:39:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2012.02.12 21:14:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.01.07 19:12:16 | 000,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp325.dll
[2012.01.07 19:12:16 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpx32.dll
[2012.01.07 14:27:22 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnp325.dll
[2010.01.15 22:38:02 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\PC\Application Data\pcouffin.sys

========== Files - Modified Within 7 Days ==========

[2012.02.19 00:40:48 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.02.18 22:56:42 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PC\Desktop\OTL.exe
[2012.02.18 21:48:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.02.18 21:26:15 | 000,109,147 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\page1.jpg
[2012.02.18 18:50:20 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012.02.18 18:17:14 | 000,204,582 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Picture 64.jpg
[2012.02.18 18:06:10 | 000,454,885 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Picture 61.jpg
[2012.02.18 16:16:34 | 000,007,852 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Patch wow.rtf
[2012.02.18 13:58:20 | 000,792,704 | ---- | M] (AMD) -- C:\Documents and Settings\PC\Desktop\amddriverdownloader.exe
[2012.02.18 13:44:21 | 000,505,146 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.02.18 13:44:19 | 000,097,382 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.02.18 11:15:58 | 000,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.02.18 03:25:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.02.18 02:50:35 | 006,089,830 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Morandi - Rock the World.mp3
[2012.02.17 19:16:41 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.02.17 16:43:34 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.16 15:05:56 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\WhoCrashed.lnk
[2012.02.16 15:01:42 | 001,816,696 | ---- | M] (Resplendence Software Projects Sp. ) -- C:\Documents and Settings\PC\Desktop\whocrashedSetup.exe
[2012.02.16 00:09:58 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\RSIT.exe
[2012.02.14 23:18:11 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.02.14 23:18:11 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012.02.12 21:13:04 | 000,186,880 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\T-Cleaner.exe

========== Files Created - No Company Name ==========

[2012.02.19 00:40:48 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.02.18 21:26:12 | 000,109,147 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\page1.jpg
[2012.02.18 18:17:13 | 000,204,582 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\Picture 64.jpg
[2012.02.18 18:06:34 | 000,454,885 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\Picture 61.jpg
[2012.02.18 02:50:00 | 006,089,830 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\Morandi - Rock the World.mp3
[2012.02.17 10:30:34 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.02.16 15:52:31 | 000,219,080 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb
[2012.02.16 15:05:56 | 000,000,712 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\WhoCrashed.lnk
[2012.02.16 00:10:26 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\RSIT.exe
[2012.02.14 23:18:11 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012.02.12 21:13:07 | 000,186,880 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\T-Cleaner.exe
[2012.02.09 21:36:20 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.01.24 18:36:43 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012.01.24 18:35:50 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012.01.24 18:35:26 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012.01.07 19:12:28 | 000,835,584 | ---- | C] () -- C:\WINDOWS\vsnp325.exe
[2012.01.07 19:12:28 | 000,270,336 | ---- | C] () -- C:\WINDOWS\tsnp325.exe
[2012.01.07 19:12:28 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snp325.ini
[2011.12.05 22:04:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011.12.05 22:03:52 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.10.30 18:49:33 | 000,000,009 | ---- | C] () -- C:\WINDOWS\nfsc_patch.ini
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OVDecoder.dll
[2011.10.13 12:13:31 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\fontcacheev1.dat
[2011.03.27 19:02:19 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\steam_md4.dat
[2010.12.19 14:55:05 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010.12.19 11:56:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\downloads.m3u
[2010.12.11 16:33:12 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010.11.27 19:53:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe
[2010.06.17 14:05:55 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.06.17 14:05:55 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.06.17 14:05:23 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\$_hpcst$.hpc
[2010.06.08 18:05:24 | 000,000,155 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\default.rss
[2010.05.10 20:51:40 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2010.05.10 20:39:51 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.03.03 17:19:23 | 000,015,360 | ---- | C] () -- C:\WINDOWS\wpktui10.exe
[2010.02.20 23:08:20 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2010.01.15 22:38:02 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\pcouffin.cat
[2010.01.15 22:38:02 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\pcouffin.inf
[2009.12.26 11:34:27 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\PnkBstrK.sys
[2007.02.23 19:57:09 | 000,087,040 | ---- | C] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.12.09 12:43:32 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\PC\Local Settings\Application Data\fusioncache.dat

========== LOP Check ==========

[2011.01.31 00:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010.02.05 22:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012.02.16 15:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverGenius
[2011.09.14 13:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2011.09.14 13:09:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2008.12.25 09:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2008.03.31 13:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.10.12 21:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Guitar Pro 6
[2011.06.22 19:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010.02.13 23:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010.02.26 17:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010.06.23 12:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2010.06.12 08:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU
[2008.03.19 19:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NFS Underground
[2011.06.24 11:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2010.02.14 17:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009.04.04 10:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010.06.24 14:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012.02.15 22:39:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2007.10.05 10:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Learning Company
[2011.04.20 15:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2008.12.25 09:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010.01.07 21:30:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[2011.10.13 12:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Adguard
[2010.12.24 12:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Any DVD Converter Professional
[2008.08.10 20:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Ascaron Entertainment
[2011.10.13 12:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Babylon
[2010.10.10 17:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BlackBean
[2009.01.27 14:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Blender Foundation
[2007.11.29 19:04:59 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\PC\Application Data\Chromeflower
[2009.01.26 18:54:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\CoSoSys
[2007.11.15 16:52:50 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\PC\Application Data\CrystalSpace
[2011.07.31 15:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\DAEMON Tools Lite
[2011.12.25 17:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\DDMSettings
[2010.12.11 16:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Dealio
[2010.12.20 17:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\DVDVideoSoft
[2009.10.20 08:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\EPSON
[2008.03.31 13:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ESET
[2009.02.23 19:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Foxit
[2010.12.11 16:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\FreeAudioPack
[2009.04.03 22:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\funkitron
[2010.01.26 18:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\gtk-2.0
[2010.10.13 16:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Guitar Pro 6
[2012.01.13 20:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ICQ
[2008.12.09 15:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ICQ Toolbar
[2009.02.19 18:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\IObit
[2009.02.07 15:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Leadertech
[2007.01.05 16:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\LG Electronics
[2009.04.28 19:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\LimeWire Music
[2009.01.27 15:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\MMToolz
[2010.02.26 17:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\NCH Swift Sound
[2011.06.24 12:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Nitro PDF
[2009.03.25 14:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Nokia
[2010.05.29 23:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Octoshape
[2011.06.24 11:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\OpenCandy
[2008.10.16 17:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\PC Suite
[2010.01.26 17:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\PhotoLine
[2010.06.24 14:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Samsung
[2011.12.25 16:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Search Settings
[2007.12.11 14:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Sierra
[2009.12.30 23:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\SoundSpectrum
[2007.12.20 14:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\SpamBayes
[2011.04.20 15:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Ubisoft
[2011.08.13 09:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Unity
[2010.01.23 22:14:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Vso
[2008.05.09 12:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Wildfire

========== Purity Check ==========



========== Custom Scans ==========


< >

< >

[Waler22]

< MD5 for: ATAPI.SYS >
[2006.02.28 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.12.10 13:00:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.12.10 13:00:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.02.28 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 01:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\cmdcons\autochk.exe
[2008.04.14 01:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 01:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2006.02.28 13:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.02.28 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.12.10 13:00:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.12.10 13:00:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.02.28 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2006.02.28 13:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.02.28 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.12.10 13:00:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.12.10 13:00:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.02.28 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2006.02.28 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006.02.28 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.02.28 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.02.28 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.02.28 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[33 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\CatRoot\*.tmp files -> C:\WINDOWS\system32\CatRoot\*.tmp -> ]
[11 C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\*.tmp -> ]
[1 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2011.09.02 21:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2007.09.17 16:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2011.01.31 00:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010.05.10 20:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2011.12.31 14:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2002.01.01 08:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2009.03.14 10:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2011.12.26 21:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010.02.05 22:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011.12.25 17:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2012.02.16 15:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverGenius
[2011.09.14 13:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2011.09.14 13:09:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2008.12.25 09:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2008.03.31 13:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009.06.19 23:15:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2010.10.12 21:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Guitar Pro 6
[2011.06.22 19:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010.02.13 23:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010.02.20 13:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.07.16 23:00:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010.01.23 19:54:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010.02.26 17:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011.03.27 16:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010.06.23 12:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2010.06.12 08:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU
[2008.03.19 19:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NFS Underground
[2011.06.24 11:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2010.02.14 17:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2011.12.31 13:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2011.02.15 18:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010.11.24 15:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009.04.04 10:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010.05.10 20:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2010.06.24 14:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011.08.27 00:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2012.02.15 22:39:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2012.02.10 14:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2007.10.05 10:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Learning Company
[2008.04.10 22:48:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2011.04.20 15:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2008.12.25 09:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010.01.07 21:30:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2008.08.17 12:39:33 | 002,928,992 | R--- | M] (Crytek ) -- C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\912\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\912\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\912\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\912\ReaderUpdater.exe
[2011.06.06 21:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2011.12.25 17:43:00 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2011.12.25 17:43:03 | 000,057,591 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2011.02.15 15:46:09 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2011.12.25 17:43:20 | 000,063,144 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DesktopService\Uninstaller.exe
[2011.12.25 17:43:08 | 000,062,857 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2011.12.25 17:43:10 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2011.12.25 17:44:50 | 000,064,957 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2011.12.25 17:43:09 | 000,062,879 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2011.12.25 17:43:11 | 000,057,275 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2011.12.25 17:43:17 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2011.12.25 17:43:19 | 000,057,037 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2011.02.15 15:46:00 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2011.12.25 17:42:49 | 000,061,667 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2011.12.25 17:42:53 | 000,063,228 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\OVSHelper\Uninstaller.exe
[2011.12.25 17:44:32 | 000,065,896 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2011.02.15 15:44:56 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2011.12.25 17:33:37 | 000,927,072 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2011.12.25 17:39:24 | 000,292,792 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\DivX\Symantec\SymInstallStub.exe
[2011.02.15 15:46:06 | 000,054,644 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2011.12.25 17:43:28 | 000,092,231 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2011.12.25 17:44:34 | 000,061,792 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2011.12.25 17:44:47 | 000,066,441 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2007.01.11 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
[2010.02.13 15:59:48 | 024,570,640 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_sk.exe
[2010.02.13 23:49:11 | 003,351,812 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
[2010.02.13 23:49:10 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
[2010.02.13 23:49:10 | 003,203,453 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
[2009.03.25 14:24:37 | 033,963,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Nokia_PC_Suite_7_1_18_0_slk_web.exe
[2009.03.25 14:30:48 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstCCD.exe
[2009.03.25 14:30:48 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstPCS.exe
[2009.03.25 14:30:48 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2009.04.29 05:54:28 | 034,646,640 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_slk_web.exe
[2009.04.29 06:01:03 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
[2009.04.29 06:01:04 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
[2009.04.29 06:01:04 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2010.06.11 21:52:51 | 000,155,648 | ---- | M] (Nexon) -- C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe

< %APPDATA%\*. >
[2011.10.13 12:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Adguard
[2011.08.30 23:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Adobe
[2007.10.07 20:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\AdobeUM
[2007.10.28 15:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Ahead
[2010.12.24 12:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Any DVD Converter Professional
[2010.05.10 20:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Apple Computer
[2008.12.27 12:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ArcSoft
[2008.08.10 20:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Ascaron Entertainment
[2010.01.30 21:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ATI
[2011.10.13 12:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Babylon
[2010.10.10 17:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BlackBean
[2009.01.27 14:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Blender Foundation
[2007.11.29 19:04:59 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\PC\Application Data\Chromeflower
[2009.01.26 18:54:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\CoSoSys
[2007.11.15 16:52:50 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\PC\Application Data\CrystalSpace
[2011.07.31 15:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\DAEMON Tools Lite
[2011.12.25 17:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\DDMSettings
[2010.12.11 16:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Dealio
[2011.12.30 01:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\DivX
[2010.12.20 17:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\DVDVideoSoft
[2009.10.20 08:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\EPSON
[2008.03.31 13:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ESET
[2009.02.23 19:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Foxit
[2010.12.11 16:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\FreeAudioPack
[2009.04.03 22:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\funkitron
[2009.02.09 15:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Google
[2009.12.11 12:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\GRETECH
[2010.01.26 18:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\gtk-2.0
[2010.10.13 16:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Guitar Pro 6
[2009.08.12 09:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Hamachi
[2008.05.15 16:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Help
[2012.01.13 20:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ICQ
[2008.12.09 15:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ICQ Toolbar
[2006.12.09 12:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Identities
[2008.12.09 15:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\InstallShield
[2009.02.19 18:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\IObit
[2009.02.07 15:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Leadertech
[2007.01.05 16:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\LG Electronics
[2009.04.28 19:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\LimeWire Music
[2007.11.22 18:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Macromedia
[2010.02.20 13:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Malwarebytes
[2011.08.30 23:13:59 | 000,000,000 | --SD | M] -- C:\Documents and Settings\PC\Application Data\Microsoft
[2009.01.13 17:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Microsoft Games
[2009.01.27 15:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\MMToolz
[2010.05.10 20:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Mozilla
[2010.02.26 17:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\NCH Swift Sound
[2010.06.08 17:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Nero
[2010.12.19 12:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\NeroDigital(TM)
[2011.06.24 12:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Nitro PDF
[2009.03.25 14:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Nokia
[2010.05.29 23:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Octoshape
[2011.06.24 11:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\OpenCandy
[2008.10.16 17:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\PC Suite
[2010.01.26 17:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\PhotoLine
[2010.05.10 21:09:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Real
[2010.06.24 14:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Samsung
[2011.12.25 16:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Search Settings
[2010.04.09 16:08:51 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\PC\Application Data\SecuROM
[2007.12.11 14:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Sierra
[2012.02.18 20:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Skype
[2009.12.30 23:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\SoundSpectrum
[2007.12.20 14:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\SpamBayes
[2009.04.28 18:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Sun
[2011.11.20 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\U3
[2011.04.20 15:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Ubisoft
[2011.08.13 09:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Unity
[2011.10.30 21:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\vlc
[2010.01.23 22:14:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Vso
[2008.05.09 12:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Wildfire
[2011.06.24 11:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Winamp
[2010.02.26 20:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\WinRAR

< %APPDATA%\*.exe /s >
[2007.03.22 11:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\GRETECH\GomPlayer\GrLauncher.exe
[2010.10.23 11:00:27 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2002.01.01 07:50:57 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
[2010.02.06 21:02:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2009.01.08 14:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Documents and Settings\PC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
[2011.06.24 11:55:39 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\OpenCandy\OpenCandy_E119FE74E1C84FB8B5A6CBFC1F15542D\LatestDLMgr.exe
[2011.06.24 11:57:42 | 031,880,832 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\OpenCandy\OpenCandy_E119FE74E1C84FB8B5A6CBFC1F15542D\NitriPDFen32_p1v2.exe
[2010.05.10 20:43:12 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\PC\Application Data\Real\Update\setup3.10\setup.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\U3\temp\cleanup.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.02.27 19:28:17 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2006.12.09 20:02:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006.12.09 20:02:49 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.12.09 20:02:49 | 000,917,504 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.02.17 16:43:34 | 000,001,984 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2012.02.18 11:15:58 | 000,272,576 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2012.02.18 03:29:48 | 052,550,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2012.02.18 13:44:19 | 000,097,382 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.02.18 13:44:21 | 000,505,146 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.02.18 13:44:18 | 000,593,194 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.02.17 19:16:41 | 000,002,422 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Z810SysStart" = C:\Program Files\Connection Manager\sysctrl.exe -- [2008.09.01 15:47:26 | 000,307,200 | ---- | M] ()
"Z810PNP" = C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe -- [2008.09.09 13:40:00 | 000,122,880 | ---- | M] ()
"SpybotSD TeaTimer" = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 01:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.02.17 22:07:52 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=5AC757AE411CBC603C33C85F81F8657D -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.02.19 00:40:48 | 000,000,512 | ---- | M] () MD5=22C94A85067EB99168C9908807E3A565 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.03.24 12:32:42 | 055,590,400 | ---- | M] () -- \Documents and Settings\PC\Desktop\METAL\Crysis2 crack no. 1.exe
[2011.12.11 15:03:27 | 000,004,328 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\CrackedCom.class
[2011.11.15 16:17:16 | 000,012,878 | ---- | M] () -- \Program Files\Valve\cstrike\sound\misc\cracker1.wav

< *keygen* /s >

< *loader* /s >
[2012.02.18 13:58:20 | 000,792,704 | ---- | M] () -- \Documents and Settings\PC\Desktop\amddriverdownloader.exe
[2010.05.29 08:01:32 | 000,000,726 | ---- | M] () -- \Documents and Settings\PC\Desktop\JDownloader.lnk
[2011.08.09 21:23:00 | 000,312,176 | ---- | M] () -- \Documents and Settings\PC\Local Settings\Application Data\Solid State Networks\Host.1c42f10be86e8709010717708e8d96664d428cd8\downloader.bundle
[2011.08.09 14:57:00 | 000,521,632 | ---- | M] () -- \Documents and Settings\PC\Local Settings\Application Data\Solid State Networks\Host.1c42f10be86e8709010717708e8d96664d428cd8\downloader.dll
[2010.01.30 19:49:28 | 000,000,314 | ---- | M] () -- \Documents and Settings\PC\Start Menu\Programs\JDownloader\JDownloader Support.lnk
[2010.01.30 19:49:28 | 000,000,800 | ---- | M] () -- \Documents and Settings\PC\Start Menu\Programs\JDownloader\JDownloader.lnk
[2010.01.30 19:49:33 | 000,000,790 | ---- | M] () -- \Documents and Settings\PC\Start Menu\Programs\JDownloader\Uninstall JDownloader.lnk
[2011.01.20 15:12:56 | 000,000,001 | ---- | M] () -- \Program Files\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2001.01.16 05:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 03:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2007.11.06 16:43:54 | 000,007,380 | ---- | M] () -- \Program Files\EA Sports\FIFA 09\osdkdata\external\ion_sports07\fw\commonLoader.big
[2007.10.23 08:57:06 | 000,000,288 | ---- | M] () -- \Program Files\EA Sports\FIFA 09\osdkdata\game\globalClasses\classLoader.big
[2006.12.15 14:31:20 | 000,114,688 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\APFLoaderV13.dll
[2004.04.21 17:09:00 | 000,069,632 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader.dll
[2006.02.28 19:02:04 | 000,102,400 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader2006.dll
[2011.06.22 19:14:45 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.06.22 19:14:46 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.06.22 19:14:45 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.07.29 11:50:07 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.06.22 19:16:00 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.06.22 19:16:00 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.08.06 23:40:48 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\rps\preloader02.swf
[2011.06.28 18:04:49 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2011.06.22 19:18:51 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\warsheep\preloader02.swf
[2011.06.22 19:21:31 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\zoopaloola\preloader02.swf
[2010.01.22 01:46:50 | 000,214,528 | ---- | M] () -- \Program Files\JDownloader\JDownloader.exe
[2011.03.16 10:02:40 | 000,593,293 | ---- | M] () -- \Program Files\JDownloader\JDownloader.jar
[2010.01.31 19:51:35 | 000,000,100 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\ipauploader.com.png
[2010.01.22 02:26:46 | 000,000,113 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2010.01.22 01:46:52 | 000,003,107 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\decrypter\UploaderRo.class
[2010.01.22 01:46:52 | 000,003,264 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\IPAUploaderCom.class
[2011.12.11 15:00:52 | 000,007,073 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\UploaderPl.class
[2010.01.30 19:52:21 | 000,032,222 | ---- | M] () -- \Program Files\JDownloader\licenses\jdownloader.license
[2003.09.26 08:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 14:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 14:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 14:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2009.12.12 15:12:04 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.06.11 20:23:41 | 000,421,888 | ---- | M] () -- \WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2006.02.28 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2012.02.18 13:58:44 | 000,061,746 | ---- | M] () -- \WINDOWS\Prefetch\AMDDRIVERDOWNLOADER.EXE-273CF884.pf
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 01:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 01:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1996.10.15 09:53:16 | 000,078,848 | ---- | M] () -- \WINDOWS\system32\INLOADER.DLL
[2011.06.10 14:42:32 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2011.06.10 14:47:22 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

========== Files - Unicode (All) ==========
[2010.06.23 12:24:33 | 000,000,000 | ---D | M](D:\Documents and Settings\PC\My Documents\?? ???) -- D:\Documents and Settings\PC\My Documents\넥슨 플러그
[2010.06.23 12:24:33 | 000,000,000 | ---D | C](D:\Documents and Settings\PC\My Documents\?? ???) -- D:\Documents and Settings\PC\My Documents\넥슨 플러그

< End of report >



a log Extras.txt


OTL Extras logfile created on: 19.2.2012 0:35:57 - Run 1
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Documents and Settings\PC\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 70,52% Memory free
2,60 Gb Paging File | 2,14 Gb Available in Paging File | 82,35% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 3,79 Gb Free Space | 9,71% Space Free | Partition Type: NTFS
Drive D: | 72,72 Gb Total Space | 1,61 Gb Free Space | 2,21% Space Free | Partition Type: NTFS

Computer Name: SEMPRON643000 | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1801674531-879983540-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\SpamBayes\bin\sb_tray.exe" = C:\Program Files\SpamBayes\bin\sb_tray.exe:*:Disabled:sb_tray -- ()
"D:\Program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = D:\Program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH)
"D:\Program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = D:\Program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH)
"D:\Program files\Call of Duty 4 - Modern Warfare\iw3mp.exe" = D:\Program files\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\PC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\PC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Disabled:Main program for Octoshape client -- (Octoshape ApS)
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Program files\Warcraft III\War3.exe" = D:\Program files\Warcraft III\War3.exe:*:Disabled:Warcraft III -- (Blizzard Entertainment)
"D:\Program files\Modern Warfare 2\iw4mp.exe" = D:\Program files\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp -- (alterIWnet)
"D:\Program files\Modern Warfare 2\iw4sp.exe" = D:\Program files\Modern Warfare 2\iw4sp.exe:*:Disabled:iw4sp -- ()
"D:\Program files\Modern Warfare 2\iw4mp.dat" = D:\Program files\Modern Warfare 2\iw4mp.dat:*:Enabled:iw4mp -- ()
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"D:\Program files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe" = D:\Program files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Disabled:Crysis2 -- (Crytek GmbH)
"C:\Program Files\Valve\hl.exe" = C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\Program files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe" = D:\Program files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{03030CB1-AEA1-90F8-6442-AC063AA1AE20}" = ccc-core-static
"{04AEC292-1A31-CE8E-47E4-266FE77D2570}" = CCC Help Norwegian
"{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{060D01AA-1D31-AE78-C40F-84031E2190A1}" = Catalyst Control Center Localization Spanish
"{09C6A4C7-A2D2-1DD9-A81C-44C30042A00C}" = CCC Help Greek
"{0A173336-214D-0609-4897-5E2547D0395D}" = CCC Help Dutch
"{0D62D425-0E0D-DE26-0093-A292D2046C7D}" = CCC Help Italian
"{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{13FA4672-7F3E-7DE8-706D-92930F5C9FF6}" = Catalyst Control Center Localization Russian
"{18D2B49A-7ADF-528D-2BDA-082F08067F8F}" = Catalyst Control Center Localization German
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1A5F9CD3-7BD3-F68F-1267-7C1157AFE531}" = Catalyst Control Center Graphics Full New
"{1A69935D-7AA8-C8E3-66FB-920279E0583A}" = Catalyst Control Center
"{1B9E212F-DFDC-F1D4-D1FD-986149513125}" = CCC Help Russian
"{1CAEFAE2-D12E-CA26-62BC-DF452004B3B1}" = CCC Help Swedish
"{1D9B2B74-82B1-9CE7-0A9A-6234008D11EE}" = CCC Help Polish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FD2F747-3498-EAFB-B4B8-962077341645}" = Skins
"{2008E16E-EB17-B0D1-BB6D-895A57964470}" = Catalyst Control Center Localization Norwegian
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2492ACEF-8CB8-4AB7-8E60-4F89D701EAA1}" = Connection Manager
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{27BA81F4-0625-02B2-B1C8-E8BEE22A9BE3}" = Catalyst Control Center Localization Turkish
"{29082A9B-0144-5189-78B3-1E8D47DD644D}" = ccc-core-preinstall
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{31933300-7BE3-0040-7962-9B978F57E9B5}" = CCC Help English
"{32CC171C-3234-4976-8215-9F25164CF8B5}" = Connection Manager
"{344846B1-5F9E-12EE-20A8-0F409C65786C}" = Catalyst Control Center Graphics Full Existing
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3648BEC1-6D29-895B-1B54-CDFA8D514B42}" = ccc-utility
"{36E2106B-699C-E74C-C50B-71219A8A3F93}" = Catalyst Control Center Localization French
"{37CAA669-9BA0-49F2-8462-C76269E474E8}" = ASUS Smart Doctor
"{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}" = OLYMPUS Master 2
"{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print
"{406AE7DC-5FD1-FC3A-00F5-024AD25DF01B}" = CCC Help Danish
"{412B84F5-74AF-7E93-CF49-D9BEA2DC0C69}" = CCC Help Portuguese
"{454784CB-457E-4f43-8C7F-32A751BD1FA3}" = Dealio Toolbar v4.9
"{4893A35F-0A23-48EC-8E74-24969244D6F2}" = Catalyst Control Center - Branding
"{4A742CBE-078E-03FF-C7D5-B3E1B676BDF2}" = CCC Help Czech
"{4B6DD00B-BC05-185B-BE8B-997A23B367C4}" = CCC Help Chinese Traditional
"{4C7E7069-1B8C-2E4D-B107-11F854644574}" = Catalyst Control Center Localization Polish
"{4EDA610E-C095-7BCC-4A5E-9EBAB7AA7781}" = CCC Help Japanese
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A7A2AED-781B-45DC-AAF6-EAA3A9370C83}}_is1" = PhotoInstrument 3.0
"{5AAE882D-F6F7-9791-A0EC-CE1667698211}" = ccc-core-preinstall
"{5EE65592-88FD-48AA-98CA-EE9BDB1FF518}" = LG PhoneManager
"{5F1AE198-965A-C65D-218A-B76F19B86BEC}" = CCC Help German
"{5FEEB4D3-31F1-FF10-5F61-A988CD44CA59}" = CCC Help Hungarian
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{632877AA-8645-9E20-C868-7C8B5B9AF977}" = Catalyst Control Center Localization Portuguese
"{651CD0A0-8B64-B3F1-23B9-294C39F09A31}" = CCC Help Finnish
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6CC91C8C-EA7E-D8BB-BB55-3BAA380FA3CA}" = CCC Help Greek
"{6F215FEB-DAAB-DEB0-243C-741BEBF12170}" = CCC Help Danish
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71D4305B-56E6-4971-A799-FB7678A1D1AB}" = ASUS ATI Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{74F28F11-404B-4CEA-92FF-37BF476F239E}" = VirtualDJ PRO Full
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{77514C51-66D9-2F7C-56D8-5495B8CFAF5E}" = CCC Help French
"{785849CD-9B33-4267-7574-5584670060B0}" = CCC Help Chinese Standard
"{792A669E-71A6-9210-2C06-3FCF0DDFC4C5}" = Catalyst Control Center Localization All
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{8246A227-5472-F50B-7F06-A2FE74FBD76A}" = Catalyst Control Center Graphics Light
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83E2D6A5-27C7-969D-F068-6DAE5BE023B2}" = Catalyst Control Center Graphics Full New
"{8477A5FF-4D1C-B389-EA56-FA210049107C}" = CCC Help Chinese Traditional
"{860BD052-49CB-7220-8792-15523D08C2A2}" = CCC Help Korean
"{870FB7F0-59C3-099B-4ABF-A9F977393EE9}" = ccc-utility
"{87A957D3-47F6-4990-A646-26BC4893D29A}" = CCC Help French
"{885DDF98-4E4C-4D80-59C9-B785F2D314E4}" = Catalyst Control Center Graphics Previews Common
"{899EAFD7-E8FA-3404-61BA-8D067F1209E6}" = Catalyst Control Center Localization Czech
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8BA39C32-5CB4-E900-4402-866AA1C8065C}" = CCC Help Swedish
"{8C93615B-5333-B61B-625E-0D4DCD9E09CA}" = CCC Help Norwegian
"{8D2B09E2-6B04-4960-B780-4B0CE90780EE}" = LightScribe 1.4.39.1
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{9011041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-041B-0000-0000000FF1CE}" = Balík Compatibility Pack pre systém Office 2007
"{901C0405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{96EC9FA7-4D5A-AB5E-B5FA-799244BE8C5D}" = Catalyst Control Center Localization Dutch
"{9862B19F-4CAD-4EED-920F-2F378D84393F}" = ATI Parental Control & Encoder
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2B41C5-919A-7037-F5E8-42A5E90873B8}" = Catalyst Control Center Graphics Previews Common
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A36DDA33-B366-945D-8023-A53F215DC648}" = CCC Help Korean
"{A6991E11-AF13-652B-5736-C8800EF5527B}" = Catalyst Control Center
"{A6C43283-52B7-1E63-8DF3-930719957355}" = Catalyst Control Center Localization Japanese
"{A6EB4CB7-DA32-2FAA-7078-7C0C2882D9DF}" = CCC Help English
"{A7B752D5-CBBF-C03E-78F5-901E3C94AB77}" = ccc-core-static
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA35566E-FE00-B933-B07D-16CDEFCF582F}" = CCC Help Finnish
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AA716909-456B-FFC8-3421-70DA51C87C2C}" = CCC Help Spanish
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ADD24D05-DDEA-39CB-0E92-AA371AEE2894}" = Catalyst Control Center InstallProxy
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{B1CA9E18-CF9D-CDD2-3B63-7FE37F4DF61A}" = Catalyst Control Center Localization Chinese Traditional
"{B2420CAA-ADC1-8581-938A-2B25C22EF17A}" = ccc-utility
"{B39916D7-71AD-A556-6E88-ED1C7E77CD46}" = Catalyst Control Center Localization Italian
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution
"{B81D9181-67D7-6A90-78EA-34108EBBCF7F}" = CCC Help Thai
"{B918272C-7E6E-194F-53E9-D3B566480686}" = Catalyst Control Center Graphics Light
"{BA314F9D-8401-1E44-11BF-F112E93F465E}" = CCC Help English
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB60C298-4D09-F980-08FE-7B20CEAA007F}" = CCC Help Hungarian
"{BBF79B97-F1F4-B472-B8D4-70D865E1AB5A}" = Catalyst Control Center Localization Swedish
"{BD7A9095-71FB-2891-78B3-31C9C5B0C901}" = CCC Help Turkish
"{BEB0B424-3692-E0DC-8D25-04A36C7AB580}" = CCC Help Portuguese
"{BF051AFB-DF1D-4ABC-B884-7A26979D76FE}" = Driver Genius Professional Edition 11.0.0.1112
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1DC125C-9CB9-31ED-9F52-6056F63BF6E2}" = Catalyst Control Center Core Implementation
"{C3E6BD4B-B0E5-F989-E431-EB6949FB4ADA}" = Catalyst Control Center Localization Korean
"{C4186C0D-FB9F-5D83-21FB-A737A13EFAE6}" = AMD Catalyst Install Manager
"{C4574477-C9FA-CF5F-B5AC-D379D655A962}" = CCC Help Chinese Standard
"{C5ED7EC9-7C4D-AF4F-6C36-55DCDC6F4117}" = Catalyst Control Center Graphics Previews Common
"{C5F15B3A-3B3F-7865-1A76-BC2BE1FE81AF}" = CCC Help Thai
"{C86492CA-DDD8-A358-75D8-7E86D5A4DE72}" = ccc-utility
"{C8A92B59-E083-7715-F78F-FDD77B121C3C}" = Catalyst Control Center HydraVision Full
"{CA1C8BBC-0DDA-1A3B-CCDD-24313832DABE}" = CCC Help German
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBA4DD0F-0871-39EB-A48B-03BC9E5E437B}" = CCC Help Japanese
"{CC5D2528-A9D0-FBCD-3CE0-0BDA658B30AF}" = Catalyst Control Center Localization Greek
"{CD6DC991-9FDD-0338-FC18-B36B09669F6C}" = CCC Help Russian
"{CE0C5526-9283-A1CC-220F-AED90349ACDC}" = Catalyst Control Center Localization Hungarian
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2D36A7-3CDD-4782-B987-D1326C0B34B0}" = ASUS Utilities
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2AE6E2C-1D83-1D42-FE28-1BD9681E25FC}" = CCC Help Czech
"{D88615A2-E957-D475-5476-515620E07119}" = Catalyst Control Center Localization Chinese Standard
"{DE0C72A8-B4A3-4B80-3CF9-2DC45CF865D5}" = CCC Help Spanish
"{E1BB2F42-B3AA-79D7-4F3A-53791A09EB10}" = Catalyst Control Center Localization Danish
"{E3995DE8-3772-6215-C5AE-BF343E3BEA0C}" = CCC Help Dutch
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"{E5B2C34F-BEDE-5AF8-DBD3-C05E8C030588}" = CCC Help Italian
"{E9A1C620-2F7B-3A85-398A-3F0006903F7E}" = Catalyst Control Center Localization Thai
"{EACD7C2E-FC91-5342-83C7-4A62DB710948}" = CCC Help Polish
"{EEEC1285-F4B2-BD99-C895-BED9881795CC}" = CCC Help English
"{F0A6D1C4-7E73-963B-C4C6-C97121B1992B}" = CCC Help Turkish
"{F14B6DB9-11AE-8998-F871-46DD4463DC11}" = Catalyst Control Center Localization Finnish
"{F1BCD1EA-73CE-B1BF-70DC-A1A6EF3132EE}" = Catalyst Control Center Graphics Full Existing
"{F2E92959-8856-6656-BE20-4E2F6685F170}" = Catalyst Control Center Core Implementation
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = hama PC-Webcam RW-100
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"CCleaner" = CCleaner
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Defraggler" = Defraggler
"DivX Setup" = DivX Setup
"EAX Unified" = EAX Unified
"EPSON Printer and Utilities" = Softvér tlačiarne EPSON
"EPSON Scanner" = EPSON Scan
"EPSON Stylus CX7300_CX8300_DX7400_DX8400 Používateľská príručka" = EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuál
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.91
"GOM Player" = GOM Player
"ie8" = Windows Internet Explorer 8
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{37CAA669-9BA0-49F2-8462-C76269E474E8}" = ASUS Smart Doctor
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 10.0.2 (x86 sk)" = Mozilla Firefox 10.0.2 (x86 sk)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Network Play System (Patching)" = Network Play System (Patching)
"PitchPerfect" = PitchPerfect Musical Instrument Tuner
"PunkBusterSvc" = PunkBuster Services
"sekkopzslxtxzivq" = Tagging System Thesuperads
"Shockwave" = Shockwave
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"VLC media player" = VLC media player 1.1.11
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WhoCrashed_is1" = WhoCrashed 3.03
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"World of Warcraft" = World of Warcraft
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1801674531-879983540-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape Streaming Services" = Octoshape Streaming Services
"UnityWebPlayer" = Unity Web Player
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 12.12.2010 14:09:44 | Computer Name = SEMPRON643000 | Source = avast! | ID = 33554522
Description =

Error - 12.12.2010 14:09:45 | Computer Name = SEMPRON643000 | Source = avast! | ID = 33554522
Description =

Error - 12.12.2010 14:09:46 | Computer Name = SEMPRON643000 | Source = avast! | ID = 33554522
Description =

Error - 12.12.2010 14:09:48 | Computer Name = SEMPRON643000 | Source = avast! | ID = 33554522
Description =

Error - 12.12.2010 14:09:51 | Computer Name = SEMPRON643000 | Source = avast! | ID = 33554522
Description =

Error - 12.12.2010 14:09:56 | Computer Name = SEMPRON643000 | Source = avast! | ID = 33554522
Description =

Error - 12.12.2010 14:10:03 | Computer Name = SEMPRON643000 | Source = avast! | ID = 33554522
Description =

Error - 12.12.2010 14:10:13 | Computer Name = SEMPRON643000 | Source = avast! | ID = 33554522
Description =

Error - 12.12.2010 14:10:25 | Computer Name = SEMPRON643000 | Source = avast! | ID = 33554522
Description =

Error - 12.12.2010 14:10:40 | Computer Name = SEMPRON643000 | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 17.2.2012 7:03:01 | Computer Name = SEMPRON643000 | Source = MsiInstaller | ID = 10005
Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 -- There is a
problem with this Windows Installer package. Please refer to the setup log for
more information.

Error - 17.2.2012 7:25:13 | Computer Name = SEMPRON643000 | Source = MsiInstaller | ID = 1023
Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Aktualizáciu
KB2633880 sa nepodarilo nainštalovať. Kód chyby 1603. Ďalšie informácie sú uvedené
v súbore denníka C:\DOCUME~1\PC\LOCALS~1\Temp\Microsoft .NET Framework 2.0-KB2633880_20120217_103754453-Msi0.txt.

Error - 17.2.2012 7:25:20 | Computer Name = SEMPRON643000 | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2633880,
P2 1051, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 17.2.2012 17:56:15 | Computer Name = SEMPRON643000 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 iw4mp.exe, P2 1.3.3.7, P3 4eef8752, P4 mscorlib,
P5 2.0.0.0, P6 4e154d36, P7 358b, P8 24, P9 system.io.filenotfoundexception, P10
NIL.

Error - 18.2.2012 8:03:19 | Computer Name = SEMPRON643000 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia AvastUI.exe, verzia 6.0.1367.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 18.2.2012 8:43:58 | Computer Name = SEMPRON643000 | Source = LoadPerf | ID = 3001
Description = Hodnota reťazca názvu počítadla výkonu v databáze Registry je nesprávne
naformátovaná.
Nepravý reťazec je 13226, nepravá hodnota registra je prvý údaj DWORD v údajovej
časti, zatiaľ čo posledné platné hodnoty registra sú druhý a tretí údaj DWORD v
údajovej časti.

Error - 18.2.2012 8:43:58 | Computer Name = SEMPRON643000 | Source = LoadPerf | ID = 3011
Description = Nepodarilo sa uvoľniť z pamäte reťazce počítadiel výkonu pre službu
ASP.NET_2.0.50727 (ASP.NET_2.0.50727). Kód chyby je prvý údaj DWORD v údajovej časti.

Error - 18.2.2012 8:44:15 | Computer Name = SEMPRON643000 | Source = LoadPerf | ID = 3001
Description = Hodnota reťazca názvu počítadla výkonu v databáze Registry je nesprávne
naformátovaná.
Nepravý reťazec je 13226, nepravá hodnota registra je prvý údaj DWORD v údajovej
časti, zatiaľ čo posledné platné hodnoty registra sú druhý a tretí údaj DWORD v
údajovej časti.

Error - 18.2.2012 8:44:15 | Computer Name = SEMPRON643000 | Source = LoadPerf | ID = 3011
Description = Nepodarilo sa uvoľniť z pamäte reťazce počítadiel výkonu pre službu
aspnet_state (ASP.NET State Service). Kód chyby je prvý údaj DWORD v údajovej časti.

Error - 18.2.2012 8:44:16 | Computer Name = SEMPRON643000 | Source = LoadPerf | ID = 3001
Description = Hodnota reťazca názvu počítadla výkonu v databáze Registry je nesprávne
naformátovaná.
Nepravý reťazec je 13226, nepravá hodnota registra je prvý údaj DWORD v údajovej
časti, zatiaľ čo posledné platné hodnoty registra sú druhý a tretí údaj DWORD v
údajovej časti.

[ Security Events ]
Error - 17.2.2012 7:03:01 | Computer Name = SEMPRON643000 | Source = MsiInstaller | ID = 10005
Description =

Error - 17.2.2012 7:25:13 | Computer Name = SEMPRON643000 | Source = MsiInstaller | ID = 1023
Description =

Error - 17.2.2012 7:25:20 | Computer Name = SEMPRON643000 | Source = HotFixInstaller | ID = 5000
Description =

Error - 17.2.2012 17:56:15 | Computer Name = SEMPRON643000 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description =

Error - 18.2.2012 8:03:19 | Computer Name = SEMPRON643000 | Source = Application Hang | ID = 1002
Description =

Error - 18.2.2012 8:43:58 | Computer Name = SEMPRON643000 | Source = LoadPerf | ID = 3001
Description =

Error - 18.2.2012 8:43:58 | Computer Name = SEMPRON643000 | Source = LoadPerf | ID = 3011
Description =

Error - 18.2.2012 8:44:15 | Computer Name = SEMPRON643000 | Source = LoadPerf | ID = 3001
Description =

Error - 18.2.2012 8:44:15 | Computer Name = SEMPRON643000 | Source = LoadPerf | ID = 3011
Description =

Error - 18.2.2012 8:44:16 | Computer Name = SEMPRON643000 | Source = LoadPerf | ID = 3001
Description =

[ System Events ]
Error - 18.2.2012 16:01:49 | Computer Name = SEMPRON643000 | Source = Disk | ID = 262151
Description = Zariadenie \Device\Harddisk0\D má chybný blok.

Error - 18.2.2012 16:05:35 | Computer Name = SEMPRON643000 | Source = Disk | ID = 262151
Description = Zariadenie \Device\Harddisk0\D má chybný blok.

Error - 18.2.2012 16:05:37 | Computer Name = SEMPRON643000 | Source = Disk | ID = 262151
Description = Zariadenie \Device\Harddisk0\D má chybný blok.

Error - 18.2.2012 16:05:39 | Computer Name = SEMPRON643000 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby ATK Keyboard Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 18.2.2012 16:48:59 | Computer Name = SEMPRON643000 | Source = Disk | ID = 262151
Description = Zariadenie \Device\Harddisk0\D má chybný blok.

Error - 18.2.2012 16:48:59 | Computer Name = SEMPRON643000 | Source = Disk | ID = 262151
Description = Zariadenie \Device\Harddisk0\D má chybný blok.

Error - 18.2.2012 16:48:59 | Computer Name = SEMPRON643000 | Source = Disk | ID = 262151
Description = Zariadenie \Device\Harddisk0\D má chybný blok.

Error - 18.2.2012 16:52:14 | Computer Name = SEMPRON643000 | Source = Disk | ID = 262151
Description = Zariadenie \Device\Harddisk0\D má chybný blok.

Error - 18.2.2012 16:52:16 | Computer Name = SEMPRON643000 | Source = Disk | ID = 262151
Description = Zariadenie \Device\Harddisk0\D má chybný blok.

Error - 18.2.2012 16:52:18 | Computer Name = SEMPRON643000 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby ATK Keyboard Service zlyhalo kvôli nasledujúcej chybe:
%%2


< End of report >

a na ploche sa mi objavilo pár súborov ktoré sú akoby zneviditeľnené

[vyosek]

Neviditelne soubory na konci leceni ukryjem

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - File not found [Auto | Stopped] -- -- (ATKKeyboardService)
  SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
  IE - HKLM\..\URLSearchHook: - No CLSID value found
  IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
  IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
  IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:7171
  IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
  IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKU\S-1-5-21-1801674531-879983540-725345543-1004\..\URLSearchHook: - No CLSID value found
  FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
  FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
  FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
  FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.4
  FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
  FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
  FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
  [2012.01.05 02:41:23 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  [2011.12.23 22:56:17 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
  [2011.10.13 12:17:31 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\extensions\ffxtlbr@babylon.com
  [2012.02.17 22:14:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-1.xml
  [2011.12.25 18:22:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-10.xml
  [2012.01.07 02:03:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-11.xml
  [2012.02.03 03:18:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-12.xml
  [2012.02.14 23:20:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-13.xml
  [2012.02.17 22:08:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-14.xml
  [2011.06.25 12:08:17 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-2.xml
  [2011.08.16 22:09:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-3.xml
  [2011.08.31 19:13:12 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-4.xml
  [2011.09.07 16:43:09 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-5.xml
  [2011.10.02 03:02:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-6.xml
  [2011.10.16 08:07:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-7.xml
  [2011.11.09 19:38:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-8.xml
  [2011.12.10 23:22:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin-9.xml
  [2012.01.04 14:54:58 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin.gif
  [2012.01.04 14:54:58 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin.src
  [2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\ufv0rxup.default\searchplugins\icqplugin.xm
  O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
  O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No CLSID value found.
  O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No CLSID value found.
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  O4 - HKLM..\RunOnce: [CleanSetup] cmd /C rmdir /S /Q "C:\Documents and Settings\PC\Local Settings\temp\nro.tmp\" File not found
  O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
  [33 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [8 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
  [1 C:\WINDOWS\system32\CatRoot\*.tmp files -> C:\WINDOWS\system32\CatRoot\*.tmp -> ]
  [11 C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\*.tmp -> ]
  [1 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
  [2008.03.31 13:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
  [2008.03.31 13:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ESET
  [2008.12.09 15:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ICQ Toolbar
  [2009.02.19 18:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\IObit
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "Adobe ARM"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "SpybotSD TeaTimer"=-
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Waler22]

A tie veci čo som predtým zaklikol, ako napríklad File Age: 7 days atď. netreba zakliknúť už?