Prosim o preventivnu kontrolu, pripadne vyhadzanie zbytocnosti. Dakujem
prikladam log
Logfile of random's system information tool 1.09 (written by random/random)
Run by Iva at 2012-06-23 18:15:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 84 GB (32%) free of 259 GB
Total RAM: 3033 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:15:56, on 23. 6. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Lenovo\VeriFace\PManage.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\windows\system32\conhost.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\Users\Iva\AppData\Roaming\QipGuard\QipGuard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\PROGRA~1\ICQ7.1\ICQ.exe
C:\windows\system32\taskeng.exe
D:\Install\RSIT\RSIT.exe
C:\windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Iva.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Google Update] "C:\Users\Iva\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\windows\System32\LEXBCES.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: QipGuard - QIP.ru - C:\Program Files\QipGuard\QipGuard.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
--
End of file - 8221 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003UA.job
C:\windows\tasks\Install_NSS.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://qip.ru"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4]
"Description"=Office Live Update v1.4
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files\Sony\Media Go\npmediago.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\
superfish@superfish.com
toolbar@ask.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{3e0c7f3a-3f50-4730-beb5-4a9a10e2831c}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\
askcom.xml
icq-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
qip-search.xml
wot-safe-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-03 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-10-12 142288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-03 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2008-03-26 163840]
"VeriFaceManager"=C:\Program Files\Lenovo\VeriFace\PManage.exe [2009-11-10 3122440]
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-07-15 4081480]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-06-25 5064520]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-02-11 172568]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Iva\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15 136176]
"ICQ"=C:\Program Files\ICQ7.5\ICQ.exe [2012-06-23 124216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.5\ICQ.exe [2012-06-23 124216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\Iva\AppData\Roaming\QipGuard\QipGuard.exe [2011-10-12 191440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2011-04-20 203776]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.clmp3enc"=C:\PROGRA~1\Lenovo\Power2Go\CLMP3Enc.ACM
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-06-23 18:15:46 ----D---- C:\rsit
2012-06-23 15:45:19 ----D---- C:\Program Files\ICQ7.5
2012-06-23 12:16:07 ----SHD---- C:\Config.Msi
2012-06-23 11:27:06 ----D---- C:\Program Files\QipGuard
2012-06-23 11:26:55 ----D---- C:\Users\Iva\AppData\Roaming\QipGuard
2012-06-23 11:26:55 ----D---- C:\Users\Iva\AppData\Roaming\QIP
2012-06-23 11:24:40 ----D---- C:\Program Files\QIP 2012
2012-06-21 05:28:07 ----A---- C:\windows\system32\wups2.dll
2012-06-21 05:28:07 ----A---- C:\windows\system32\wuauclt.exe
2012-06-21 05:28:06 ----A---- C:\windows\system32\wucltux.dll
2012-06-21 05:28:05 ----A---- C:\windows\system32\wuaueng.dll
2012-06-21 05:27:53 ----A---- C:\windows\system32\wups.dll
2012-06-21 05:27:53 ----A---- C:\windows\system32\wudriver.dll
2012-06-21 05:27:52 ----A---- C:\windows\system32\wuapi.dll
2012-06-21 05:27:41 ----A---- C:\windows\system32\wuwebv.dll
2012-06-21 05:27:41 ----A---- C:\windows\system32\wuapp.exe
2012-06-14 22:52:47 ----A---- C:\windows\system32\mshtmled.dll
2012-06-14 22:52:46 ----A---- C:\windows\system32\iertutil.dll
2012-06-14 22:52:45 ----A---- C:\windows\system32\wininet.dll
2012-06-14 22:52:45 ----A---- C:\windows\system32\jsproxy.dll
2012-06-14 22:52:45 ----A---- C:\windows\system32\ieUnatt.exe
2012-06-14 22:52:45 ----A---- C:\windows\system32\ieui.dll
2012-06-14 22:52:44 ----A---- C:\windows\system32\url.dll
2012-06-14 22:52:44 ----A---- C:\windows\system32\jscript9.dll
2012-06-14 22:52:44 ----A---- C:\windows\system32\jscript.dll
2012-06-14 22:52:42 ----A---- C:\windows\system32\urlmon.dll
2012-06-14 22:52:40 ----A---- C:\windows\system32\mshtml.dll
2012-06-14 22:52:40 ----A---- C:\windows\system32\ieframe.dll
2012-06-14 05:33:47 ----A---- C:\windows\system32\drivers\rdpwd.sys
2012-06-14 05:33:38 ----A---- C:\windows\system32\rdrmemptylst.exe
2012-06-14 05:33:38 ----A---- C:\windows\system32\rdpwsx.dll
2012-06-14 05:33:38 ----A---- C:\windows\system32\rdpcorekmts.dll
2012-06-14 05:33:36 ----A---- C:\windows\system32\win32k.sys
2012-06-14 05:33:36 ----A---- C:\windows\system32\msi.dll
2012-06-14 05:33:35 ----A---- C:\windows\system32\profsvc.dll
2012-06-14 05:33:32 ----A---- C:\windows\system32\crypt32.dll
2012-06-14 05:33:31 ----A---- C:\windows\system32\cryptsvc.dll
2012-06-14 05:33:31 ----A---- C:\windows\system32\cryptnet.dll
2012-06-03 22:40:49 ----SD---- C:\32788R22FWJFW
2012-05-25 23:11:18 ----D---- C:\Program Files\CCleaner
======List of files/folders modified in the last 1 month======
2012-06-23 18:15:56 ----D---- C:\windows\Prefetch
2012-06-23 18:15:49 ----D---- C:\Program Files\trend micro
2012-06-23 18:15:17 ----D---- C:\windows\temp
2012-06-23 18:13:43 ----D---- C:\windows\system32\config
2012-06-23 18:03:49 ----D---- C:\ProgramData\VeriFace
2012-06-23 15:46:18 ----D---- C:\Users\Iva\AppData\Roaming\ICQ
2012-06-23 15:45:19 ----RD---- C:\Program Files
2012-06-23 12:16:27 ----SHD---- C:\windows\Installer
2012-06-23 12:16:26 ----D---- C:\Program Files\Windows Live Toolbar
2012-06-23 12:16:07 ----D---- C:\windows\Tasks
2012-06-23 12:16:07 ----D---- C:\windows\system32\Tasks
2012-06-23 12:15:58 ----SHD---- C:\System Volume Information
2012-06-23 11:20:26 ----D---- C:\windows\System32
2012-06-23 11:20:26 ----D---- C:\windows\inf
2012-06-23 11:20:26 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-06-23 10:29:38 ----SD---- C:\Users\Iva\AppData\Roaming\Microsoft
2012-06-23 10:25:44 ----A---- C:\windows\system32\FlashPlayerApp.exe
2012-06-23 02:43:51 ----HD---- C:\Program Files\InstallShield Installation Information
2012-06-22 22:34:12 ----RD---- C:\Program Files\Skype
2012-06-21 20:03:03 ----D---- C:\Windows
2012-06-21 16:27:11 ----D---- C:\windows\rescache
2012-06-21 15:00:57 ----D---- C:\windows\winsxs
2012-06-21 15:00:36 ----D---- C:\windows\system32\sk-SK
2012-06-21 05:28:14 ----D---- C:\windows\system32\catroot
2012-06-21 05:28:13 ----D---- C:\windows\system32\catroot2
2012-06-17 21:25:05 ----D---- C:\Users\Iva\AppData\Roaming\gtk-2.0
2012-06-17 07:53:30 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-06-16 11:40:02 ----D---- C:\Program Files\Mozilla Firefox
2012-06-15 23:48:13 ----D---- C:\windows\debug
2012-06-15 15:56:04 ----D---- C:\Program Files\Opera
2012-06-15 06:07:07 ----D---- C:\windows\Microsoft.NET
2012-06-15 06:07:06 ----RSD---- C:\windows\assembly
2012-06-15 05:25:49 ----D---- C:\windows\system32\drivers
2012-06-15 05:25:48 ----D---- C:\windows\system32\migration
2012-06-15 05:25:48 ----D---- C:\Program Files\Internet Explorer
2012-06-14 22:55:59 ----A---- C:\windows\system32\MRT.exe
2012-06-03 22:42:10 ----D---- C:\windows\ERDNT
2012-05-25 23:31:34 ----D---- C:\windows\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-01-27 50704]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2008-03-14 169008]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-05-31 260648]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-08-13 2506232]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT32.sys [2009-06-15 475648]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2009-05-25 122368]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-13 1759616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S1 MpKslb78d1db6;MpKslb78d1db6; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ED9A8662-FA27-4DBE-BD38-13AD8B7272BF}\MpKslb78d1db6.sys []
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2007-02-28 92032]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 74112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-11 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 LexBceS;LexBce Server; C:\windows\System32\LEXBCES.EXE [2003-08-18 303104]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 QipGuard;QipGuard; C:\Program Files\QipGuard\QipGuard.exe [2011-10-12 191440]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-16 113120]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 214952]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1343400]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
NTB preventivka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: NTB preventivka
Zdravim a pekny vecer preji 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: NTB preventivka
hmm OTL sa zaseklo a neviem ci som to spustila dobre, lebo ja tam vobec nemam tie volby čo si napísal. ja to má anglicky celé.
stlacila som RUN SCAN ... je to OK????
no ale teda vysledok nijaky bo sa to zaseklo na nejakej knižnici ....mnoooo tak teda to beží ďalej ... ale už je to rozhodne dlhšie ako 10 min. tak ked to dokončí vyhodí to nejaký výsledok tak to sem hodím
...
btw .... pokračovanie cca o 23,00 bo teraz musím odísť
stlacila som RUN SCAN ... je to OK????
no ale teda vysledok nijaky bo sa to zaseklo na nejakej knižnici ....mnoooo tak teda to beží ďalej ... ale už je to rozhodne dlhšie ako 10 min. tak ked to dokončí vyhodí to nejaký výsledok tak to sem hodím
...
btw .... pokračovanie cca o 23,00 bo teraz musím odísť
Re: NTB preventivka
Aaaano, RUN SCAN je dobre 
Ja tu budu nekdy pozde v noci ci spiuse brzy nad ranem
Ja tu budu nekdy pozde v noci ci spiuse brzy nad ranem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: NTB preventivka
tak predsa len sato ešte dokončilo ....
OTL logfile created on: 23. 6. 2012 19:22:06 - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Iva\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,96 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 49,14% Memory free
5,92 Gb Paging File | 4,15 Gb Available in Paging File | 70,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 252,89 Gb Total Space | 81,34 Gb Free Space | 32,16% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 19,83 Gb Free Space | 65,57% Space Free | Partition Type: NTFS
Drive G: | 3,72 Gb Total Space | 1,48 Gb Free Space | 39,83% Space Free | Partition Type: FAT32
Computer Name: IVA-PC | User Name: Iva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012/06/23 19:16:13 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Iva\Desktop\OTL.exe
PRC - [2012/06/23 10:25:44 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
PRC - [2012/06/16 11:40:01 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011/10/12 18:35:16 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\Iva\AppData\Roaming\QipGuard\QipGuard.exe
PRC - [2011/10/12 18:35:16 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Program Files\QipGuard\QipGuard.exe
PRC - [2011/06/24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/05 10:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.1\ICQ.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/11/10 18:20:36 | 003,122,440 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\VeriFace\PManage.exe
PRC - [2009/07/20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/07/15 16:29:54 | 004,081,480 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2009/07/14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
PRC - [2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe
PRC - [2009/07/01 20:03:12 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
PRC - [2009/07/01 20:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
PRC - [2009/06/25 11:46:08 | 005,064,520 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2009/06/04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/23 10:25:43 | 009,459,912 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_262.dll
MOD - [2012/06/16 11:39:59 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/10/12 18:35:12 | 000,186,832 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\QipGuard\chrome.dll
MOD - [2011/01/05 10:18:56 | 000,733,184 | ---- | M] () -- C:\Program Files\ICQ7.1\MDb.dll
MOD - [2009/11/10 18:20:35 | 001,410,312 | ---- | M] () -- C:\Windows\System32\IcnOvrly.dll
MOD - [2009/11/10 18:20:35 | 000,492,808 | ---- | M] () -- C:\Program Files\Lenovo\VeriFace\ChooseLang.dll
MOD - [2009/11/10 18:20:34 | 000,513,288 | ---- | M] () -- C:\Windows\System32\SimpleExt.dll
MOD - [2009/07/01 20:03:24 | 000,132,384 | ---- | M] () -- C:\Program Files\Lenovo\Bluetooth Software\BTKeyInd.dll
MOD - [2008/12/20 05:20:50 | 000,063,304 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll
MOD - [2008/12/20 05:20:08 | 000,051,016 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll
MOD - [2004/05/25 17:06:58 | 000,417,792 | ---- | M] () -- C:\Windows\System32\ac3filter.ax
========== Win32 Services (SafeList) ==========
SRV - [2012/06/23 10:25:44 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/16 11:40:00 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/10/12 18:35:16 | 000,191,440 | ---- | M] (QIP.ru) [Auto | Running] -- C:\Program Files\QipGuard\QipGuard.exe -- (QipGuard)
SRV - [2011/06/29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010/05/26 22:25:43 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/28 16:41:06 | 000,472,328 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV - [2009/07/28 16:41:04 | 000,414,984 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV - [2009/07/20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/07/16 05:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)
SRV - [2009/07/14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009/07/14 16:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/01 20:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ED9A8662-FA27-4DBE-BD38-13AD8B7272BF}\MpKslb78d1db6.sys -- (MpKslb78d1db6)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/03/15 12:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)
DRV - [2010/03/15 10:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2010/03/15 10:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)
DRV - [2010/03/15 10:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)
DRV - [2010/03/15 10:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2010/03/15 10:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)
DRV - [2010/03/15 10:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2010/01/27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2010/01/20 06:14:42 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009/07/30 11:45:22 | 000,171,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/28 23:09:38 | 000,063,240 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdbridge.sys -- (Bridge0)
DRV - [2009/07/21 23:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009/07/16 14:37:14 | 000,011,792 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009/07/14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
DRV - [2009/06/15 04:46:22 | 000,475,648 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009/05/25 22:12:36 | 000,122,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2009/03/13 18:32:18 | 001,759,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008/08/06 14:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008/03/14 15:23:12 | 000,169,008 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/02/28 23:44:14 | 000,092,032 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... FORM=LENIE
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... FORM=LENIE
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{0BABF0AB-87B4-45BC-A343-1E48780C1AB0}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... F3BBBCA798
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{5ED32419-802E-42E1-AD5B-6B77605E8CA0}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2233703
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://qip.ru"
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Iva\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Iva\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/16 11:40:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/06 17:17:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2010/01/29 20:17:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Iva\AppData\Roaming\mozilla\Extensions
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions
[2012/06/17 16:28:56 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2012/06/22 21:41:13 | 000,000,000 | ---D | M] (Browser Backgrounds) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{3e0c7f3a-3f50-4730-beb5-4a9a10e2831c}
[2012/05/18 05:24:30 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/03/30 19:29:15 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/06/23 11:31:50 | 000,000,000 | ---D | M] (WindowShopper) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\superfish@superfish.com
[2012/04/30 21:38:03 | 000,000,000 | ---D | M] ("@@toolbarname@@") -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\toolbar@ask.com
[2012/05/19 08:46:54 | 000,002,562 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\askcom.xml
[2010/06/24 23:17:02 | 000,000,687 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icq-search.xml
[2010/07/24 23:39:42 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-1.xml
[2011/03/05 15:21:42 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-10.xml
[2011/03/07 22:04:47 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-11.xml
[2011/03/22 18:25:02 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-12.xml
[2011/03/24 17:07:23 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-13.xml
[2011/04/30 08:52:35 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-14.xml
[2011/06/22 22:03:55 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-15.xml
[2011/08/18 20:27:29 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-16.xml
[2011/08/20 11:20:37 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-17.xml
[2011/09/03 08:57:15 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-18.xml
[2011/09/10 09:14:46 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-19.xml
[2010/07/25 15:59:05 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-2.xml
[2011/09/29 16:37:44 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-20.xml
[2011/10/01 00:14:04 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-21.xml
[2011/11/12 18:33:40 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-22.xml
[2012/01/08 10:10:43 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-23.xml
[2012/01/21 00:14:39 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-24.xml
[2010/07/25 21:41:11 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-3.xml
[2010/08/16 20:50:02 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-4.xml
[2010/09/10 12:53:44 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-5.xml
[2010/10/22 18:14:19 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-6.xml
[2010/10/23 16:32:54 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-7.xml
[2010/11/02 18:13:49 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-8.xml
[2010/12/12 10:28:56 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-9.xml
[2010/06/26 23:19:40 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin.xml
[2012/06/23 11:27:11 | 000,002,062 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\qip-search.xml
[2012/06/23 10:30:02 | 000,002,103 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\wot-safe-search.xml
[2012/06/22 22:34:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/29 20:40:41 | 000,258,567 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2012/01/21 18:28:22 | 000,008,640 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{902D2C4A-457A-4EF9-AD43-7014562929FF}.XPI
[2012/01/21 19:10:29 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/01/21 18:28:23 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012/01/21 18:28:23 | 000,091,556 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{EDA7B1D7-F793-4E03-B074-E6F303317FB0}.XPI
[2012/01/21 18:28:23 | 000,105,386 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.XPI
[2012/01/21 18:28:13 | 000,025,781 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\ADD-TO-SEARCHBOX@MALTEKRAUS.DE.XPI
[2012/01/21 18:28:19 | 000,195,719 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI
[2012/03/22 20:50:05 | 000,032,381 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\QUICKDRAG@MOZILLA.KTECHCOMPUTING.COM.XPI
[2012/02/23 16:56:47 | 000,072,222 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\SKIPSCREEN@SKIPSCREEN.XPI
[2012/01/21 19:05:30 | 000,009,961 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\YOUTUBEQUALITY@RZLL.XPI
[2012/06/16 11:40:02 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/03 17:32:58 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/29 16:39:20 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2012/01/29 16:39:20 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2012/01/29 16:39:20 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2012/01/29 16:39:20 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2012/01/29 16:39:20 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012/01/29 16:39:20 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml
========== Chrome ==========
CHR - Extension: YouTube = C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Gmail = C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2012/05/19 13:18:13 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKU\S-1-5-21-30654545-3194649466-4156373986-1003..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D8E5325-D3B6-4362-9845-C12615EAD2BE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A6B09D9-D8F4-4C90-A6A4-7B84A2405D60}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.clmp3enc - C:\Program Files\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012/06/23 19:16:06 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Iva\Desktop\OTL.exe
[2012/06/23 18:15:46 | 000,000,000 | ---D | C] -- C:\rsit
[2012/06/23 15:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2012/06/23 15:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5
[2012/06/23 12:16:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/06/23 11:27:06 | 000,000,000 | ---D | C] -- C:\Program Files\QipGuard
[2012/06/23 11:26:55 | 000,000,000 | ---D | C] -- C:\Users\Iva\AppData\Roaming\QipGuard
[2012/06/23 11:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QIP 2012
[2012/06/23 11:26:55 | 000,000,000 | ---D | C] -- C:\Users\Iva\AppData\Roaming\QIP
[2012/06/23 11:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\QIP 2012
[2012/06/23 10:29:38 | 000,000,000 | ---D | C] -- C:\Users\Iva\AppData\Local\Macromedia
[2012/06/21 05:28:07 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2012/06/21 05:28:06 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2012/06/21 05:27:53 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2012/06/21 05:27:53 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2012/06/21 05:27:52 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2012/06/21 05:27:41 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2012/06/21 05:27:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
========== Files - Modified Within 7 Days ==========
[2012/06/23 19:29:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/06/23 19:16:13 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Iva\Desktop\OTL.exe
[2012/06/23 19:15:00 | 000,000,938 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003UA.job
[2012/06/23 18:34:02 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/06/23 18:03:32 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/06/23 15:45:55 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2012/06/23 11:26:55 | 000,001,014 | ---- | M] () -- C:\Users\Iva\Desktop\QIP 2012.lnk
[2012/06/23 11:20:26 | 000,665,078 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/06/23 11:20:26 | 000,125,172 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/06/23 10:27:54 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/23 10:27:54 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/23 10:25:44 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2012/06/23 10:25:43 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012/06/23 10:20:22 | 2384,932,864 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/23 02:53:54 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003Core.job
[2012/06/21 21:45:54 | 000,001,242 | ---- | M] () -- C:\Users\Iva\Desktop\Paint (2).lnk
[2012/06/21 17:02:28 | 007,222,586 | ---- | M] () -- C:\Users\Iva\Desktop\ManualXV.vsesokolskehosletu-A.pdf
[2012/06/17 21:26:30 | 000,002,726 | ---- | M] () -- C:\Users\Iva\.recently-used.xbel
[2012/06/17 21:26:05 | 000,595,563 | ---- | M] () -- C:\Users\Iva\Desktop\vysvedcenie.jpg
========== Files Created - No Company Name ==========
[2012/06/23 19:29:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/06/23 15:45:55 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2012/06/23 11:26:55 | 000,001,014 | ---- | C] () -- C:\Users\Iva\Desktop\QIP 2012.lnk
[2012/06/21 21:45:54 | 000,001,242 | ---- | C] () -- C:\Users\Iva\Desktop\Paint (2).lnk
[2012/06/21 17:02:28 | 007,222,586 | ---- | C] () -- C:\Users\Iva\Desktop\ManualXV.vsesokolskehosletu-A.pdf
[2012/06/17 21:26:30 | 000,002,726 | ---- | C] () -- C:\Users\Iva\.recently-used.xbel
[2012/06/17 21:16:39 | 000,595,563 | ---- | C] () -- C:\Users\Iva\Desktop\vysvedcenie.jpg
[2012/04/04 21:10:30 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2011/09/26 21:23:10 | 000,007,722 | ---- | C] () -- C:\Users\Iva\AppData\Roaming\mdbu.bin
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
[2010/11/07 16:06:42 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2010/05/08 20:34:32 | 000,003,584 | ---- | C] () -- C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/04 22:40:58 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml
========== LOP Check ==========
[2010/08/01 08:24:04 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\EasyCapture
[2011/04/02 19:49:29 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\eM Client
[2012/04/04 21:14:54 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\GetRightToGo
[2012/06/17 21:25:05 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\gtk-2.0
[2012/06/23 19:23:27 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\ICQ
[2011/01/30 11:29:11 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Opera
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\QIP
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\QipGuard
[2011/11/29 00:01:33 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Sony
[2011/11/28 23:48:25 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Sony Setup
[2012/04/04 21:16:10 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\VDownloader
[2010/01/30 12:42:00 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Zylom
[2010/01/30 11:59:23 | 000,000,500 | ---- | M] () -- C:\windows\Tasks\Install_NSS.job
[2012/03/11 09:27:45 | 000,032,570 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012/03/30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2010/04/09 09:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2010/04/09 09:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2011/09/29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\ERDNT\cache\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011/06/21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010/06/14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010/06/14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011/06/21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012/03/30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< >
< %systemroot%*.* /U /s >
[9 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\18229a268e399434115b2730b590655c\*.tmp files -> C:\windows\SoftwareDistribution\Download\18229a268e399434115b2730b590655c\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\21066b9ccd83f1b5e69be4eaa2b537c7\*.tmp files -> C:\windows\SoftwareDistribution\Download\21066b9ccd83f1b5e69be4eaa2b537c7\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp files -> C:\windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\ec2cc6ab7853f7f87c73b2f137bf7916\*.tmp files -> C:\windows\SoftwareDistribution\Download\ec2cc6ab7853f7f87c73b2f137bf7916\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010/02/01 21:49:14 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Adobe
[2012/02/07 19:08:15 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Apple Computer
[2010/08/01 08:24:04 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\EasyCapture
[2011/04/02 19:49:29 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\eM Client
[2012/04/04 21:14:54 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\GetRightToGo
[2012/06/17 21:25:05 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\gtk-2.0
[2012/06/23 19:23:27 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\ICQ
[2010/01/30 12:42:00 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Identities
[2010/02/01 21:49:14 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Macromedia
[2009/07/29 12:50:54 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Media Center Programs
[2012/06/23 10:29:38 | 000,000,000 | --SD | M] -- C:\Users\Iva\AppData\Roaming\Microsoft
[2010/01/29 20:17:27 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Mozilla
[2010/04/18 16:17:33 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Nero
[2011/01/30 11:29:11 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Opera
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\QIP
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\QipGuard
[2012/03/08 10:21:42 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Skype
[2011/07/21 20:06:05 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\skypePM
[2011/11/29 00:01:33 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Sony
[2011/11/28 23:48:25 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Sony Setup
[2012/04/04 21:16:10 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\VDownloader
[2010/01/30 12:42:00 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Zylom
< %APPDATA%\*.exe /s >
[2011/11/28 23:54:44 | 000,010,134 | R--- | M] () -- C:\Users\Iva\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
[2012/01/21 23:33:50 | 003,884,200 | ---- | M] (Ask) -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2011/10/12 18:35:16 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\Iva\AppData\Roaming\QipGuard\QipGuard.exe
[2011/11/28 23:50:31 | 033,850,672 | ---- | M] (Apple Inc.) -- C:\Users\Iva\AppData\Roaming\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012/06/23 19:34:00 | 000,000,830 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2012/06/23 02:53:54 | 000,000,886 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003Core.job
[2012/06/23 19:15:00 | 000,000,938 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003UA.job
[2010/01/30 11:59:23 | 000,000,500 | ---- | M] () -- C:\windows\Tasks\Install_NSS.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012/06/23 10:27:54 | 000,009,920 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/23 10:27:54 | 000,009,920 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/23 10:25:44 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerApp.exe
[2012/06/23 10:25:43 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerCPLApp.cpl
[2012/06/23 11:20:26 | 000,125,172 | ---- | M] () -- C:\windows\system32\perfc009.dat
[2012/06/23 11:20:26 | 000,665,078 | ---- | M] () -- C:\windows\system32\perfh009.dat
[2012/06/23 11:20:26 | 000,795,564 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Iva\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012/06/15 23:05:15 | 000,136,176 | ---- | M] (Google Inc.)
"ICQ" = "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4 -- [2012/06/23 15:45:23 | 000,124,216 | ---- | M] (ICQ, LLC.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012/06/16 11:40:01 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=D3C0837346C49095B8AF9EF54AD7E90A -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/05/18 01:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012/06/15 15:55:47 | 000,874,384 | ---- | M] (Opera Software) MD5=308AB9B6B7BEDF60E458D1B950F5CD80 -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/06/23 19:29:33 | 000,000,512 | ---- | M] () MD5=CCCDE2D48F1F80244AF1F532C50B42B1 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2004/01/01 04:00:00 | 000,007,357 | ---- | M] () -- \DOKUMENTY\Fotky\Fotky_z_fotaku_NEroztriedene\Telefony\Obrazky-Videa-MMS_z_telefonu\Fotky_z_telefonu\Z_telefonu\Pictures\Screensaver\Cracks.jpg
[2002/01/24 14:03:30 | 000,012,288 | ---- | M] () -- \DOKUMENTY\NOVE_USPORIADANIE\Instalacky\Windows Commander 5.0\Crack\Crack.exe
[2002/01/24 14:07:58 | 000,000,181 | ---- | M] () -- \DOKUMENTY\NOVE_USPORIADANIE\Instalacky\Windows Commander 5.0\Crack\Crack.exe.sig
[2011/05/24 20:45:14 | 005,758,513 | ---- | M] () -- \DOKUMENTY\Z_mailu\Videa\IA4_Scrat_Continental_Crack.wmv
[2008/03/04 16:01:54 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[1993/01/06 01:29:20 | 000,001,522 | ---- | M] () -- \Users\Iva\Saved Games\Hry\Ine_hry\Summer_letna_olympiada\Sumcrack.exe
[1993/01/06 01:29:20 | 000,001,522 | ---- | M] () -- \Users\Iva\Saved Games\Hry\Ine_hry\Winter_zimna_olympiada\Sumcrack.exe
[2002/05/30 18:16:22 | 000,013,160 | ---- | M] () -- \Users\Iva\Saved Games\Hry\Stronghold Crusader\gm\cracks.gm1
< *keygen* /s >
< *loader* /s >
[2012/04/04 20:54:35 | 000,367,939 | ---- | M] () -- \DOKUMENTY\NOVE_USPORIADANIE\Instalacky\Na_stahovanie_videi_z_Youtobe\Brothersoftdownloader_for_VDownloader.exe
[2008/02/13 12:43:00 | 000,003,264 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2008/03/04 16:20:24 | 000,032,280 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2008/03/04 16:20:24 | 000,031,040 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2008/03/04 16:20:24 | 000,045,392 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2008/03/04 16:20:24 | 000,030,392 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2008/03/04 16:20:26 | 000,037,456 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2008/03/04 16:20:26 | 000,024,904 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2008/03/04 16:20:26 | 000,039,400 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2008/03/04 16:20:26 | 000,027,264 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2008/03/04 16:20:26 | 000,022,088 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2008/03/04 16:20:26 | 000,027,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2008/03/04 16:20:28 | 000,031,400 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2008/03/04 16:20:28 | 000,021,632 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2008/03/04 16:20:28 | 000,027,584 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2008/03/04 16:20:28 | 000,045,304 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2008/01/21 20:57:42 | 000,009,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2011/09/08 12:18:34 | 000,001,570 | ---- | M] () -- \Program Files\HF Designer\Loader.elf
[2011/09/08 12:18:26 | 000,602,808 | ---- | M] () -- \Program Files\HF Designer\Loader.exe
[2010/04/14 10:50:51 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010/04/14 10:50:51 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010/04/14 10:50:51 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010/04/14 10:50:51 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\MUICoreLib\xtraLoader.swf
[2010/04/14 10:53:19 | 000,003,479 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\coreg\preloader04.swf
[2011/03/14 23:01:47 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\icq_profile\preloader.html
[2011/02/14 20:27:33 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_forms\preloader.html
[2011/02/14 20:27:33 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010/04/14 10:52:05 | 000,552,798 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\theme\game_center\loaderBkg.png
[2012/06/23 15:45:20 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012/06/23 15:45:21 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012/06/23 15:45:20 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/06/23 15:45:39 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2006/10/24 12:05:10 | 000,014,184 | ---- | M] () -- \Program Files\Microsoft Small Business\Small Business Loader\ILoader.dll
[2006/10/24 12:06:52 | 000,047,976 | ---- | M] () -- \Program Files\Microsoft Small Business\Small Business Loader\Loader.dll
[2005/10/14 04:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2005/10/14 04:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2008/02/25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2011/09/27 16:18:22 | 001,614,848 | ---- | M] () -- \Program Files\VDownloader\VDownloader.exe
[2011/03/06 17:42:30 | 000,015,086 | ---- | M] () -- \Program Files\VDownloader\VDownloader.ico
[2011/09/27 16:14:10 | 000,284,160 | ---- | M] () -- \Program Files\VDownloader\VDownloaderUI.dll
[2011/08/18 18:14:40 | 004,348,416 | ---- | M] () -- \Program Files\VDownloader\Addons\npVDownloader.dll
[2011/08/18 18:14:18 | 000,000,247 | ---- | M] () -- \Program Files\VDownloader\Addons\FireFox\chrome\content\vdownloader.xul
[2011/09/27 16:14:12 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\ar\VDownloader.resources.dll
[2011/09/27 16:14:12 | 000,053,248 | ---- | M] () -- \Program Files\VDownloader\de\VDownloader.resources.dll
[2011/09/27 16:14:12 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\es\VDownloader.resources.dll
[2011/09/27 16:14:12 | 000,053,248 | ---- | M] () -- \Program Files\VDownloader\fr\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,036,864 | ---- | M] () -- \Program Files\VDownloader\hu\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\it\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\ja\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,032,768 | ---- | M] () -- \Program Files\VDownloader\ko\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\nl\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,032,768 | ---- | M] () -- \Program Files\VDownloader\pl\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,036,864 | ---- | M] () -- \Program Files\VDownloader\pt-BR\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,053,248 | ---- | M] () -- \Program Files\VDownloader\ru\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,028,672 | ---- | M] () -- \Program Files\VDownloader\sr\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,045,056 | ---- | M] () -- \Program Files\VDownloader\tr\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,045,056 | ---- | M] () -- \Program Files\VDownloader\zh-CHS\VDownloader.resources.dll
[2012/04/04 21:10:32 | 000,001,839 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk
[2009/07/20 12:52:26 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012/04/04 21:10:32 | 000,001,839 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk
[2009/07/20 12:52:26 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012/06/23 15:45:39 | 000,000,402 | ---- | M] () -- \Users\Iva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6QGHQH1Z\preloader[1].htm
[2012/06/23 02:43:38 | 000,000,402 | ---- | M] () -- \Users\Iva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DB5E98IH\preloader[1].htm
[2012/04/04 21:09:23 | 000,000,000 | ---- | M] () -- \Users\Iva\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_VDownloader.data
[2012/04/04 21:10:33 | 000,001,845 | ---- | M] () -- \Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk
[2012/04/04 21:09:15 | 015,240,116 | ---- | M] () -- \Users\Iva\Documents\Downloads\VDownloaderSetup.exe
[2012/04/04 21:10:32 | 000,001,821 | ---- | M] () -- \Users\Public\Desktop\VDownloader.lnk
[2010/01/29 19:55:41 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009/09/23 03:26:05 | 000,014,184 | ---- | M] () -- \Windows\assembly\GAC_32\ILoader\2.0.5201.0__31bf3856ad364e35\ILoader.dll
[2009/09/23 03:26:05 | 000,047,976 | ---- | M] () -- \Windows\assembly\GAC_32\Loader\2.0.5201.0__31bf3856ad364e35\Loader.dll
[2012/05/12 08:13:50 | 000,021,504 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\ILoader\658b954dac816051e753159c77fd903d\ILoader.ni.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/11/22 15:12:58 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009/07/14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 06:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 06:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 06:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011/04/20 20:47:23 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011/04/20 20:47:23 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011/04/20 20:47:23 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 04:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
OTL logfile created on: 23. 6. 2012 19:22:06 - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Iva\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,96 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 49,14% Memory free
5,92 Gb Paging File | 4,15 Gb Available in Paging File | 70,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 252,89 Gb Total Space | 81,34 Gb Free Space | 32,16% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 19,83 Gb Free Space | 65,57% Space Free | Partition Type: NTFS
Drive G: | 3,72 Gb Total Space | 1,48 Gb Free Space | 39,83% Space Free | Partition Type: FAT32
Computer Name: IVA-PC | User Name: Iva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012/06/23 19:16:13 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Iva\Desktop\OTL.exe
PRC - [2012/06/23 10:25:44 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
PRC - [2012/06/16 11:40:01 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011/10/12 18:35:16 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\Iva\AppData\Roaming\QipGuard\QipGuard.exe
PRC - [2011/10/12 18:35:16 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Program Files\QipGuard\QipGuard.exe
PRC - [2011/06/24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/05 10:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.1\ICQ.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/11/10 18:20:36 | 003,122,440 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\VeriFace\PManage.exe
PRC - [2009/07/20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/07/15 16:29:54 | 004,081,480 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2009/07/14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
PRC - [2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe
PRC - [2009/07/01 20:03:12 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
PRC - [2009/07/01 20:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
PRC - [2009/06/25 11:46:08 | 005,064,520 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2009/06/04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/23 10:25:43 | 009,459,912 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_262.dll
MOD - [2012/06/16 11:39:59 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/10/12 18:35:12 | 000,186,832 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\QipGuard\chrome.dll
MOD - [2011/01/05 10:18:56 | 000,733,184 | ---- | M] () -- C:\Program Files\ICQ7.1\MDb.dll
MOD - [2009/11/10 18:20:35 | 001,410,312 | ---- | M] () -- C:\Windows\System32\IcnOvrly.dll
MOD - [2009/11/10 18:20:35 | 000,492,808 | ---- | M] () -- C:\Program Files\Lenovo\VeriFace\ChooseLang.dll
MOD - [2009/11/10 18:20:34 | 000,513,288 | ---- | M] () -- C:\Windows\System32\SimpleExt.dll
MOD - [2009/07/01 20:03:24 | 000,132,384 | ---- | M] () -- C:\Program Files\Lenovo\Bluetooth Software\BTKeyInd.dll
MOD - [2008/12/20 05:20:50 | 000,063,304 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll
MOD - [2008/12/20 05:20:08 | 000,051,016 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll
MOD - [2004/05/25 17:06:58 | 000,417,792 | ---- | M] () -- C:\Windows\System32\ac3filter.ax
========== Win32 Services (SafeList) ==========
SRV - [2012/06/23 10:25:44 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/16 11:40:00 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/10/12 18:35:16 | 000,191,440 | ---- | M] (QIP.ru) [Auto | Running] -- C:\Program Files\QipGuard\QipGuard.exe -- (QipGuard)
SRV - [2011/06/29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010/05/26 22:25:43 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/28 16:41:06 | 000,472,328 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV - [2009/07/28 16:41:04 | 000,414,984 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV - [2009/07/20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/07/16 05:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)
SRV - [2009/07/14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009/07/14 16:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/01 20:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ED9A8662-FA27-4DBE-BD38-13AD8B7272BF}\MpKslb78d1db6.sys -- (MpKslb78d1db6)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/03/15 12:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)
DRV - [2010/03/15 10:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2010/03/15 10:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)
DRV - [2010/03/15 10:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)
DRV - [2010/03/15 10:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2010/03/15 10:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)
DRV - [2010/03/15 10:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2010/01/27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2010/01/20 06:14:42 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009/07/30 11:45:22 | 000,171,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/28 23:09:38 | 000,063,240 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdbridge.sys -- (Bridge0)
DRV - [2009/07/21 23:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009/07/16 14:37:14 | 000,011,792 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009/07/14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
DRV - [2009/06/15 04:46:22 | 000,475,648 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009/05/25 22:12:36 | 000,122,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2009/03/13 18:32:18 | 001,759,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008/08/06 14:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008/03/14 15:23:12 | 000,169,008 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/02/28 23:44:14 | 000,092,032 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... FORM=LENIE
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... FORM=LENIE
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{0BABF0AB-87B4-45BC-A343-1E48780C1AB0}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... F3BBBCA798
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{5ED32419-802E-42E1-AD5B-6B77605E8CA0}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2233703
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://qip.ru"
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Iva\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Iva\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/16 11:40:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/06 17:17:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2010/01/29 20:17:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Iva\AppData\Roaming\mozilla\Extensions
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions
[2012/06/17 16:28:56 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2012/06/22 21:41:13 | 000,000,000 | ---D | M] (Browser Backgrounds) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{3e0c7f3a-3f50-4730-beb5-4a9a10e2831c}
[2012/05/18 05:24:30 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/03/30 19:29:15 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/06/23 11:31:50 | 000,000,000 | ---D | M] (WindowShopper) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\superfish@superfish.com
[2012/04/30 21:38:03 | 000,000,000 | ---D | M] ("@@toolbarname@@") -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\toolbar@ask.com
[2012/05/19 08:46:54 | 000,002,562 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\askcom.xml
[2010/06/24 23:17:02 | 000,000,687 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icq-search.xml
[2010/07/24 23:39:42 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-1.xml
[2011/03/05 15:21:42 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-10.xml
[2011/03/07 22:04:47 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-11.xml
[2011/03/22 18:25:02 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-12.xml
[2011/03/24 17:07:23 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-13.xml
[2011/04/30 08:52:35 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-14.xml
[2011/06/22 22:03:55 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-15.xml
[2011/08/18 20:27:29 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-16.xml
[2011/08/20 11:20:37 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-17.xml
[2011/09/03 08:57:15 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-18.xml
[2011/09/10 09:14:46 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-19.xml
[2010/07/25 15:59:05 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-2.xml
[2011/09/29 16:37:44 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-20.xml
[2011/10/01 00:14:04 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-21.xml
[2011/11/12 18:33:40 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-22.xml
[2012/01/08 10:10:43 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-23.xml
[2012/01/21 00:14:39 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-24.xml
[2010/07/25 21:41:11 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-3.xml
[2010/08/16 20:50:02 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-4.xml
[2010/09/10 12:53:44 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-5.xml
[2010/10/22 18:14:19 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-6.xml
[2010/10/23 16:32:54 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-7.xml
[2010/11/02 18:13:49 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-8.xml
[2010/12/12 10:28:56 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-9.xml
[2010/06/26 23:19:40 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin.xml
[2012/06/23 11:27:11 | 000,002,062 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\qip-search.xml
[2012/06/23 10:30:02 | 000,002,103 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\wot-safe-search.xml
[2012/06/22 22:34:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/29 20:40:41 | 000,258,567 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2012/01/21 18:28:22 | 000,008,640 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{902D2C4A-457A-4EF9-AD43-7014562929FF}.XPI
[2012/01/21 19:10:29 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/01/21 18:28:23 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012/01/21 18:28:23 | 000,091,556 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{EDA7B1D7-F793-4E03-B074-E6F303317FB0}.XPI
[2012/01/21 18:28:23 | 000,105,386 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.XPI
[2012/01/21 18:28:13 | 000,025,781 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\ADD-TO-SEARCHBOX@MALTEKRAUS.DE.XPI
[2012/01/21 18:28:19 | 000,195,719 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI
[2012/03/22 20:50:05 | 000,032,381 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\QUICKDRAG@MOZILLA.KTECHCOMPUTING.COM.XPI
[2012/02/23 16:56:47 | 000,072,222 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\SKIPSCREEN@SKIPSCREEN.XPI
[2012/01/21 19:05:30 | 000,009,961 | ---- | M] () (No name found) -- C:\USERS\IVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHM4DQWJ.DEFAULT\EXTENSIONS\YOUTUBEQUALITY@RZLL.XPI
[2012/06/16 11:40:02 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/03 17:32:58 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/29 16:39:20 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2012/01/29 16:39:20 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2012/01/29 16:39:20 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2012/01/29 16:39:20 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2012/01/29 16:39:20 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012/01/29 16:39:20 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml
========== Chrome ==========
CHR - Extension: YouTube = C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Gmail = C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2012/05/19 13:18:13 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKU\S-1-5-21-30654545-3194649466-4156373986-1003..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D8E5325-D3B6-4362-9845-C12615EAD2BE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A6B09D9-D8F4-4C90-A6A4-7B84A2405D60}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.clmp3enc - C:\Program Files\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012/06/23 19:16:06 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Iva\Desktop\OTL.exe
[2012/06/23 18:15:46 | 000,000,000 | ---D | C] -- C:\rsit
[2012/06/23 15:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2012/06/23 15:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5
[2012/06/23 12:16:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/06/23 11:27:06 | 000,000,000 | ---D | C] -- C:\Program Files\QipGuard
[2012/06/23 11:26:55 | 000,000,000 | ---D | C] -- C:\Users\Iva\AppData\Roaming\QipGuard
[2012/06/23 11:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QIP 2012
[2012/06/23 11:26:55 | 000,000,000 | ---D | C] -- C:\Users\Iva\AppData\Roaming\QIP
[2012/06/23 11:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\QIP 2012
[2012/06/23 10:29:38 | 000,000,000 | ---D | C] -- C:\Users\Iva\AppData\Local\Macromedia
[2012/06/21 05:28:07 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2012/06/21 05:28:06 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2012/06/21 05:27:53 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2012/06/21 05:27:53 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2012/06/21 05:27:52 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2012/06/21 05:27:41 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2012/06/21 05:27:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
========== Files - Modified Within 7 Days ==========
[2012/06/23 19:29:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/06/23 19:16:13 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Iva\Desktop\OTL.exe
[2012/06/23 19:15:00 | 000,000,938 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003UA.job
[2012/06/23 18:34:02 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/06/23 18:03:32 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/06/23 15:45:55 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2012/06/23 11:26:55 | 000,001,014 | ---- | M] () -- C:\Users\Iva\Desktop\QIP 2012.lnk
[2012/06/23 11:20:26 | 000,665,078 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/06/23 11:20:26 | 000,125,172 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/06/23 10:27:54 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/23 10:27:54 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/23 10:25:44 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2012/06/23 10:25:43 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012/06/23 10:20:22 | 2384,932,864 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/23 02:53:54 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003Core.job
[2012/06/21 21:45:54 | 000,001,242 | ---- | M] () -- C:\Users\Iva\Desktop\Paint (2).lnk
[2012/06/21 17:02:28 | 007,222,586 | ---- | M] () -- C:\Users\Iva\Desktop\ManualXV.vsesokolskehosletu-A.pdf
[2012/06/17 21:26:30 | 000,002,726 | ---- | M] () -- C:\Users\Iva\.recently-used.xbel
[2012/06/17 21:26:05 | 000,595,563 | ---- | M] () -- C:\Users\Iva\Desktop\vysvedcenie.jpg
========== Files Created - No Company Name ==========
[2012/06/23 19:29:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/06/23 15:45:55 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2012/06/23 11:26:55 | 000,001,014 | ---- | C] () -- C:\Users\Iva\Desktop\QIP 2012.lnk
[2012/06/21 21:45:54 | 000,001,242 | ---- | C] () -- C:\Users\Iva\Desktop\Paint (2).lnk
[2012/06/21 17:02:28 | 007,222,586 | ---- | C] () -- C:\Users\Iva\Desktop\ManualXV.vsesokolskehosletu-A.pdf
[2012/06/17 21:26:30 | 000,002,726 | ---- | C] () -- C:\Users\Iva\.recently-used.xbel
[2012/06/17 21:16:39 | 000,595,563 | ---- | C] () -- C:\Users\Iva\Desktop\vysvedcenie.jpg
[2012/04/04 21:10:30 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2011/09/26 21:23:10 | 000,007,722 | ---- | C] () -- C:\Users\Iva\AppData\Roaming\mdbu.bin
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
[2010/11/07 16:06:42 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2010/05/08 20:34:32 | 000,003,584 | ---- | C] () -- C:\Users\Iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/04 22:40:58 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml
========== LOP Check ==========
[2010/08/01 08:24:04 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\EasyCapture
[2011/04/02 19:49:29 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\eM Client
[2012/04/04 21:14:54 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\GetRightToGo
[2012/06/17 21:25:05 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\gtk-2.0
[2012/06/23 19:23:27 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\ICQ
[2011/01/30 11:29:11 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Opera
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\QIP
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\QipGuard
[2011/11/29 00:01:33 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Sony
[2011/11/28 23:48:25 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Sony Setup
[2012/04/04 21:16:10 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\VDownloader
[2010/01/30 12:42:00 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Zylom
[2010/01/30 11:59:23 | 000,000,500 | ---- | M] () -- C:\windows\Tasks\Install_NSS.job
[2012/03/11 09:27:45 | 000,032,570 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012/03/30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2010/04/09 09:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2010/04/09 09:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2011/09/29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\ERDNT\cache\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011/06/21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010/06/14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010/06/14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011/06/21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012/03/30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< >
< %systemroot%*.* /U /s >
[9 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\18229a268e399434115b2730b590655c\*.tmp files -> C:\windows\SoftwareDistribution\Download\18229a268e399434115b2730b590655c\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\21066b9ccd83f1b5e69be4eaa2b537c7\*.tmp files -> C:\windows\SoftwareDistribution\Download\21066b9ccd83f1b5e69be4eaa2b537c7\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp files -> C:\windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\ec2cc6ab7853f7f87c73b2f137bf7916\*.tmp files -> C:\windows\SoftwareDistribution\Download\ec2cc6ab7853f7f87c73b2f137bf7916\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010/02/01 21:49:14 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Adobe
[2012/02/07 19:08:15 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Apple Computer
[2010/08/01 08:24:04 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\EasyCapture
[2011/04/02 19:49:29 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\eM Client
[2012/04/04 21:14:54 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\GetRightToGo
[2012/06/17 21:25:05 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\gtk-2.0
[2012/06/23 19:23:27 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\ICQ
[2010/01/30 12:42:00 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Identities
[2010/02/01 21:49:14 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Macromedia
[2009/07/29 12:50:54 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Media Center Programs
[2012/06/23 10:29:38 | 000,000,000 | --SD | M] -- C:\Users\Iva\AppData\Roaming\Microsoft
[2010/01/29 20:17:27 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Mozilla
[2010/04/18 16:17:33 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Nero
[2011/01/30 11:29:11 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Opera
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\QIP
[2012/06/23 11:26:55 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\QipGuard
[2012/03/08 10:21:42 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Skype
[2011/07/21 20:06:05 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\skypePM
[2011/11/29 00:01:33 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Sony
[2011/11/28 23:48:25 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Sony Setup
[2012/04/04 21:16:10 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\VDownloader
[2010/01/30 12:42:00 | 000,000,000 | ---D | M] -- C:\Users\Iva\AppData\Roaming\Zylom
< %APPDATA%\*.exe /s >
[2011/11/28 23:54:44 | 000,010,134 | R--- | M] () -- C:\Users\Iva\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
[2012/01/21 23:33:50 | 003,884,200 | ---- | M] (Ask) -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2011/10/12 18:35:16 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Users\Iva\AppData\Roaming\QipGuard\QipGuard.exe
[2011/11/28 23:50:31 | 033,850,672 | ---- | M] (Apple Inc.) -- C:\Users\Iva\AppData\Roaming\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012/06/23 19:34:00 | 000,000,830 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2012/06/23 02:53:54 | 000,000,886 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003Core.job
[2012/06/23 19:15:00 | 000,000,938 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003UA.job
[2010/01/30 11:59:23 | 000,000,500 | ---- | M] () -- C:\windows\Tasks\Install_NSS.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012/06/23 10:27:54 | 000,009,920 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/23 10:27:54 | 000,009,920 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/23 10:25:44 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerApp.exe
[2012/06/23 10:25:43 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerCPLApp.cpl
[2012/06/23 11:20:26 | 000,125,172 | ---- | M] () -- C:\windows\system32\perfc009.dat
[2012/06/23 11:20:26 | 000,665,078 | ---- | M] () -- C:\windows\system32\perfh009.dat
[2012/06/23 11:20:26 | 000,795,564 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Iva\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012/06/15 23:05:15 | 000,136,176 | ---- | M] (Google Inc.)
"ICQ" = "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4 -- [2012/06/23 15:45:23 | 000,124,216 | ---- | M] (ICQ, LLC.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012/06/16 11:40:01 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=D3C0837346C49095B8AF9EF54AD7E90A -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/05/18 01:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012/06/15 15:55:47 | 000,874,384 | ---- | M] (Opera Software) MD5=308AB9B6B7BEDF60E458D1B950F5CD80 -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/06/23 19:29:33 | 000,000,512 | ---- | M] () MD5=CCCDE2D48F1F80244AF1F532C50B42B1 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2004/01/01 04:00:00 | 000,007,357 | ---- | M] () -- \DOKUMENTY\Fotky\Fotky_z_fotaku_NEroztriedene\Telefony\Obrazky-Videa-MMS_z_telefonu\Fotky_z_telefonu\Z_telefonu\Pictures\Screensaver\Cracks.jpg
[2002/01/24 14:03:30 | 000,012,288 | ---- | M] () -- \DOKUMENTY\NOVE_USPORIADANIE\Instalacky\Windows Commander 5.0\Crack\Crack.exe
[2002/01/24 14:07:58 | 000,000,181 | ---- | M] () -- \DOKUMENTY\NOVE_USPORIADANIE\Instalacky\Windows Commander 5.0\Crack\Crack.exe.sig
[2011/05/24 20:45:14 | 005,758,513 | ---- | M] () -- \DOKUMENTY\Z_mailu\Videa\IA4_Scrat_Continental_Crack.wmv
[2008/03/04 16:01:54 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[1993/01/06 01:29:20 | 000,001,522 | ---- | M] () -- \Users\Iva\Saved Games\Hry\Ine_hry\Summer_letna_olympiada\Sumcrack.exe
[1993/01/06 01:29:20 | 000,001,522 | ---- | M] () -- \Users\Iva\Saved Games\Hry\Ine_hry\Winter_zimna_olympiada\Sumcrack.exe
[2002/05/30 18:16:22 | 000,013,160 | ---- | M] () -- \Users\Iva\Saved Games\Hry\Stronghold Crusader\gm\cracks.gm1
< *keygen* /s >
< *loader* /s >
[2012/04/04 20:54:35 | 000,367,939 | ---- | M] () -- \DOKUMENTY\NOVE_USPORIADANIE\Instalacky\Na_stahovanie_videi_z_Youtobe\Brothersoftdownloader_for_VDownloader.exe
[2008/02/13 12:43:00 | 000,003,264 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2008/03/04 16:20:24 | 000,032,280 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2008/03/04 16:20:24 | 000,031,040 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2008/03/04 16:20:24 | 000,045,392 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2008/03/04 16:20:24 | 000,030,392 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2008/03/04 16:20:26 | 000,037,456 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2008/03/04 16:20:26 | 000,024,904 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2008/03/04 16:20:26 | 000,039,400 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2008/03/04 16:20:26 | 000,027,264 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2008/03/04 16:20:26 | 000,022,088 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2008/03/04 16:20:26 | 000,027,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2008/03/04 16:20:28 | 000,031,400 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2008/03/04 16:20:28 | 000,021,632 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2008/03/04 16:20:28 | 000,027,584 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2008/03/04 16:20:28 | 000,045,304 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2008/01/21 20:57:42 | 000,009,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2011/09/08 12:18:34 | 000,001,570 | ---- | M] () -- \Program Files\HF Designer\Loader.elf
[2011/09/08 12:18:26 | 000,602,808 | ---- | M] () -- \Program Files\HF Designer\Loader.exe
[2010/04/14 10:50:51 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010/04/14 10:50:51 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010/04/14 10:50:51 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010/04/14 10:50:51 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\MUICoreLib\xtraLoader.swf
[2010/04/14 10:53:19 | 000,003,479 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\coreg\preloader04.swf
[2011/03/14 23:01:47 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\icq_profile\preloader.html
[2011/02/14 20:27:33 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_forms\preloader.html
[2011/02/14 20:27:33 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010/04/14 10:52:05 | 000,552,798 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\theme\game_center\loaderBkg.png
[2012/06/23 15:45:20 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012/06/23 15:45:21 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012/06/23 15:45:20 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/06/23 15:45:39 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2006/10/24 12:05:10 | 000,014,184 | ---- | M] () -- \Program Files\Microsoft Small Business\Small Business Loader\ILoader.dll
[2006/10/24 12:06:52 | 000,047,976 | ---- | M] () -- \Program Files\Microsoft Small Business\Small Business Loader\Loader.dll
[2005/10/14 04:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2005/10/14 04:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2008/02/25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2011/09/27 16:18:22 | 001,614,848 | ---- | M] () -- \Program Files\VDownloader\VDownloader.exe
[2011/03/06 17:42:30 | 000,015,086 | ---- | M] () -- \Program Files\VDownloader\VDownloader.ico
[2011/09/27 16:14:10 | 000,284,160 | ---- | M] () -- \Program Files\VDownloader\VDownloaderUI.dll
[2011/08/18 18:14:40 | 004,348,416 | ---- | M] () -- \Program Files\VDownloader\Addons\npVDownloader.dll
[2011/08/18 18:14:18 | 000,000,247 | ---- | M] () -- \Program Files\VDownloader\Addons\FireFox\chrome\content\vdownloader.xul
[2011/09/27 16:14:12 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\ar\VDownloader.resources.dll
[2011/09/27 16:14:12 | 000,053,248 | ---- | M] () -- \Program Files\VDownloader\de\VDownloader.resources.dll
[2011/09/27 16:14:12 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\es\VDownloader.resources.dll
[2011/09/27 16:14:12 | 000,053,248 | ---- | M] () -- \Program Files\VDownloader\fr\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,036,864 | ---- | M] () -- \Program Files\VDownloader\hu\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\it\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\ja\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,032,768 | ---- | M] () -- \Program Files\VDownloader\ko\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\nl\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,032,768 | ---- | M] () -- \Program Files\VDownloader\pl\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,036,864 | ---- | M] () -- \Program Files\VDownloader\pt-BR\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,053,248 | ---- | M] () -- \Program Files\VDownloader\ru\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,028,672 | ---- | M] () -- \Program Files\VDownloader\sr\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,045,056 | ---- | M] () -- \Program Files\VDownloader\tr\VDownloader.resources.dll
[2011/09/27 16:14:14 | 000,045,056 | ---- | M] () -- \Program Files\VDownloader\zh-CHS\VDownloader.resources.dll
[2012/04/04 21:10:32 | 000,001,839 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk
[2009/07/20 12:52:26 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012/04/04 21:10:32 | 000,001,839 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk
[2009/07/20 12:52:26 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012/06/23 15:45:39 | 000,000,402 | ---- | M] () -- \Users\Iva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6QGHQH1Z\preloader[1].htm
[2012/06/23 02:43:38 | 000,000,402 | ---- | M] () -- \Users\Iva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DB5E98IH\preloader[1].htm
[2012/04/04 21:09:23 | 000,000,000 | ---- | M] () -- \Users\Iva\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_VDownloader.data
[2012/04/04 21:10:33 | 000,001,845 | ---- | M] () -- \Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk
[2012/04/04 21:09:15 | 015,240,116 | ---- | M] () -- \Users\Iva\Documents\Downloads\VDownloaderSetup.exe
[2012/04/04 21:10:32 | 000,001,821 | ---- | M] () -- \Users\Public\Desktop\VDownloader.lnk
[2010/01/29 19:55:41 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009/09/23 03:26:05 | 000,014,184 | ---- | M] () -- \Windows\assembly\GAC_32\ILoader\2.0.5201.0__31bf3856ad364e35\ILoader.dll
[2009/09/23 03:26:05 | 000,047,976 | ---- | M] () -- \Windows\assembly\GAC_32\Loader\2.0.5201.0__31bf3856ad364e35\Loader.dll
[2012/05/12 08:13:50 | 000,021,504 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\ILoader\658b954dac816051e753159c77fd903d\ILoader.ni.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/11/22 15:12:58 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009/07/14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 06:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 06:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 06:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011/04/20 20:47:23 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011/04/20 20:47:23 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011/04/20 20:47:23 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 04:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
Re: NTB preventivka
OTL Extras logfile created on: 23. 6. 2012 19:22:06 - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Iva\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,96 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 49,14% Memory free
5,92 Gb Paging File | 4,15 Gb Available in Paging File | 70,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 252,89 Gb Total Space | 81,34 Gb Free Space | 32,16% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 19,83 Gb Free Space | 65,57% Space Free | Partition Type: NTFS
Drive G: | 3,72 Gb Total Space | 1,48 Gb Free Space | 39,83% Space Free | Partition Type: FAT32
Computer Name: IVA-PC | User Name: Iva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01BF04F4-1ACB-4D42-8974-F9350F85913F}" = lport=139 | protocol=6 | dir=in | app=system |
"{066B6095-BBAF-49B6-9C09-6D70A956C0DE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0884F228-7631-4472-8759-99F4DF152751}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{135F0718-5046-416A-9293-5C87A50BFE0E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1619C353-7415-417D-90D0-284CFFFF4D60}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{19A7B71E-27B1-4E17-A257-D585B0DB9ADA}" = rport=445 | protocol=6 | dir=out | app=system |
"{1BC04C00-6E53-45D3-8F11-F2E01785AB5C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1C900943-B467-44D8-B83B-9D5D944DAC45}" = lport=445 | protocol=6 | dir=in | app=system |
"{312BBFEF-9697-4F9C-9FD7-E300AB03D44C}" = rport=139 | protocol=6 | dir=out | app=system |
"{37F6BF7A-94EF-4F53-B483-4191F19D0770}" = rport=138 | protocol=17 | dir=out | app=system |
"{4CDEB50E-0624-4A9A-B010-56C6FB85CB34}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{587C1AC4-9835-413E-88E4-CA8F762BA4F9}" = lport=138 | protocol=17 | dir=in | app=system |
"{6BD4A3E2-8F8A-4A6F-9A12-84DB4A86292C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{74412693-DDA0-4992-AB37-D55DBF3B75AE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7E64CC97-77CF-4C78-8357-26EE40DB3D85}" = lport=137 | protocol=17 | dir=in | app=system |
"{7F335F79-DFBB-4758-997E-B691DA78D10C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8AA86B61-86C3-47BC-9EAB-88435BAC2C53}" = rport=137 | protocol=17 | dir=out | app=system |
"{8DEE8628-0556-4561-A44E-98EDD781A50D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{965B9675-97F0-4541-A7FA-B1D2B5009BA0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{98A78F91-3A51-496A-9AE1-FB3F6F08033F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C6CA2BB0-F069-44E0-855A-60AC508835C8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D813B45A-3317-4494-9AF0-D831824DF3CC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EBD48DF9-6BE2-4D2D-AFF4-C737839670E7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002534BA-6EE3-40CD-BD44-D8B38EEB9D4F}" = protocol=6 | dir=out | app=system |
"{0C0DCF90-E250-4325-8275-9595FECF2D2F}" = dir=out | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{1279EAB1-AAB1-4993-A899-6C839FFC5300}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{13167E7D-2FF4-4F46-BA07-2CF4838F90AA}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{19FE0E10-D10C-44B1-8B64-D72E6810B046}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{1F627883-E0E2-42AF-89A7-728438F1EF70}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2063E726-252E-4AA8-8400-1BF797BC473C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{21DD6A2A-2D3F-4565-8803-B815BD409441}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2218F831-856C-4E69-A372-AF76C65DFB5C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2553EFAB-2FA2-4CAD-8970-224B673EAE70}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{25A04806-39BE-4844-A2DF-38AAD39F517F}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{274186CA-8E0F-4083-9020-30B819D51EEB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2AFED377-0A67-4CB4-9E68-AA17F07CC0E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E929752-29B8-49DC-B921-2A2190CCFCE8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{33FFBE7A-5CFE-41F7-9C00-901BE47D649F}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{3DAE2E26-3D52-4E65-B808-9BB50FE05534}" = dir=out | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{3F6E1029-3C60-48E9-B43A-995BD4170373}" = dir=in | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{41B2B6CA-4BE9-486B-B867-3A8163B5EF97}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4AA34B69-7424-46E7-87E7-980F2759AB79}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4EA0217B-B0FF-406B-AFD3-473DA5F3D1DB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4F5E48D2-17E9-45AE-A1B9-C9D153C275D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{50309CE0-6061-4F45-8387-30F71EABD235}" = dir=out | app=c:\windows\system32\igrssvcs.exe |
"{5429CFFB-69C4-4D1D-81C8-5676DB7389C7}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{5F9026BA-3A02-40A9-A85B-8B87C8BCEB88}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{627A5556-9458-4FEC-8714-BFC9EB08048B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{64A2852A-4CD5-489A-B66C-287F93580420}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{698B2B73-2E18-4DAA-ABCB-CE89CD64197C}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{70C753EC-0450-488D-9FED-B9CD5192FEAD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{73D9C0AF-27AD-45BB-81EF-D44804CD289F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{773470E4-2101-421F-860C-F50618287C65}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D4EBB45-7C2D-476A-866E-321EB71387D2}" = dir=in | app=c:\windows\system32\igrssvcs.exe |
"{8438D759-BD91-4474-87F6-93933ECAF8F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8BCAAD73-86D7-4ACB-8986-D6AE5A52A2FD}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{9954BC0E-7C51-4E14-8B08-38307F4E13D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9A3BD9B4-1B67-4B6C-8DE1-2F477D26F696}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A69A1DF5-04BE-442C-B50D-F84EF3D325EC}" = dir=in | app=c:\program files\lenovo\readycomm\readycom.exe |
"{A6A68280-5BE6-45C9-8508-727358BE7079}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A90221DA-0351-4B04-A9C7-9A7B7F07FBAC}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{AE86CC13-F845-4BBE-A531-94ACCE01422B}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{B0C4659B-1898-4F02-AF3F-7D4E8C866712}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{B15C5458-D4C3-4F39-8188-C73886AB484C}" = dir=in | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{BA65D30D-7D56-4908-AA58-3829F2E5D8D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BA89D323-93A1-4750-828A-C797329A72B9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BEFCA7AA-B099-4086-A3D5-B56495D16158}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C164D993-391A-4DC2-9702-34F3F7589F61}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{C4061101-4E40-4768-8CF4-46D116BB3302}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C954B080-78AD-41E4-AC33-CECC4B574CFA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D875C134-60E0-4124-92A0-8BA9273F9885}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D9947D47-64ED-4E36-A234-F83F84FCBA4D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E119330F-0296-41AE-881E-9AB1C7B550E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E9B25EC6-C489-49F6-A485-AD6F9EE7EA5B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ECE083BB-B64A-45C8-8029-DB318B4A5F0E}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{ED4422A6-91FF-4763-820E-2D189C6E56ED}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{F410BBB9-AE8D-4117-914E-33DD15AD4422}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe |
"{F9AE9B17-9BB8-49FD-B76C-225DCEF378EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB1A4627-FEBA-4357-AC70-E5A086C73552}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FF4225D5-645C-415B-886F-4B899AE761E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{87865ECB-6BAB-4957-9881-75DC136D889C}C:\program files\icq7.1\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"TCP Query User{BFB1BD70-4668-4735-9277-BF2C8FC8D96A}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{C3B652EC-FB8E-4BD2-96A2-7FCA3B2E3CBC}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{D6915018-2A90-4CAC-8D5C-60427DBFFB57}C:\program files\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2012\qip.exe |
"UDP Query User{539F7CB0-327A-4949-A591-7AF2933E4A24}C:\program files\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2012\qip.exe |
"UDP Query User{57D7DE28-E332-4309-B5BE-2B1241C996AB}C:\program files\icq7.1\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"UDP Query User{AC1D111C-7049-4C99-A992-CE9054976335}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{F17F7FF8-E5B0-4B99-AA4F-083047336DC2}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{0FB871A9-C617-4415-BB5D-619A8D946115}" = Microsoft Antimalware Service SK-SK Language Pack
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Asistent pri prihlasovaní v konte Windows Live ID
"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Lenovo EasyCamera
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{49F3D04B-B849-4C89-AB31-2366A004EA28}" = Broadcom Gigabit Integrated Controller
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client SK-SK Language Pack
"{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}" = Media Go
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{622E0760-2CB0-4BA7-A57D-6D0B952EE04D}" = eM Client
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_HOMESTUDENTR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_HOMESTUDENTR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-041B-0000-0000000FF1CE}" = Doplnok Microsoft Save as PDF or XPS pre programy balíka 2007 Microsoft Office
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.6.943
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1029-7B44-A80000000000}" = Adobe Reader 8 - Czech
"{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.02.002
"{faeebf0a-0bd4-44a5-a539-f9ea31b1e084}" = Nero 9 Essentials
"7-Zip" = 7-Zip 4.65
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"doPDF 6 printer_is1" = doPDF 6.0 printer
"EasyCapture4.0" = EasyCapture
"HappyFoto-Designer_is1" = HF Designer 2.7
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"Lexmark X1100 Series" = Lexmark X1100 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 13.0.1 (x86 sk)" = Mozilla Firefox 13.0.1 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 12.00.1467" = Opera 12.00
"RarZilla Free Unrar 2.53" = RarZilla Free Unrar 2.53
"The KMPlayer" = The KMPlayer (remove only)
"Theophilos 3.0_is1" = Theophilos 3.0
"TVWiz" = Intel(R) TV Wizard
"VeriFace" = VeriFace
"WinGimp-2.0_is1" = GIMP 2.4.5
"WinPcapInst" = WinPcap 4.1.1
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"76f4758ca7e15dc6" = MusicJet
"Google Chrome" = Google Chrome
"Puzzle Express Deluxe" = Puzzle Express Deluxe
"QIP 2012" = QIP 2012 4.0.6611
"QipGuard" = QIP Internet Guardian
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6. 2. 2012 15:14:39 | Computer Name = Iva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Error - 6. 2. 2012 15:14:40 | Computer Name = Iva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Error - 6. 2. 2012 15:14:40 | Computer Name = Iva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Error - 8. 2. 2012 14:22:45 | Computer Name = Iva-PC | Source = Application Hang | ID = 1002
Description = The program opera.exe version 11.61.1250.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 834 Start
Time: 01cce68e42d945b5 Termination Time: 47 Application Path: C:\Program Files\Opera\opera.exe
Report
Id: dc076c04-5281-11e1-8e9b-002622d474ed
Error - 10. 2. 2012 16:54:46 | Computer Name = Iva-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 10.0.0.4411 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1c40 Start
Time: 01cce825905bca6b Termination Time: 3244 Application Path: C:\Program Files\Mozilla
Firefox\firefox.exe Report Id:
Error - 11. 2. 2012 14:28:20 | Computer Name = Iva-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 11. 2. 2012 14:28:20 | Computer Name = Iva-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 12. 2. 2012 3:29:18 | Computer Name = Iva-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: ff0 Start
Time: 01cce95784f4984d Termination Time: 83 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
Error - 12. 2. 2012 16:08:24 | Computer Name = Iva-PC | Source = Windows Backup | ID = 4103
Description =
Error - 12. 2. 2012 17:17:44 | Computer Name = Iva-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 6d8 Start
Time: 01cce98a9f028412 Termination Time: 193 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
[ Media Center Events ]
Error - 18. 8. 2011 13:01:20 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 19:01:20 - Chyba pripájania na Internet. 19:01:20 - Nebolo možné
spojiť sa so serverom..
Error - 18. 8. 2011 13:01:31 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 19:01:26 - Chyba pripájania na Internet. 19:01:26 - Nebolo možné
spojiť sa so serverom..
Error - 18. 8. 2011 14:01:36 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 20:01:36 - Chyba pripájania na Internet. 20:01:36 - Nebolo možné
spojiť sa so serverom..
Error - 18. 8. 2011 14:01:42 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 20:01:41 - Chyba pripájania na Internet. 20:01:41 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 15:28:22 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 21:28:22 - Chyba pripájania na Internet. 21:28:22 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 15:28:34 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 21:28:27 - Chyba pripájania na Internet. 21:28:27 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 16:28:39 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 22:28:39 - Chyba pripájania na Internet. 22:28:39 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 16:28:45 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 22:28:44 - Chyba pripájania na Internet. 22:28:44 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 17:28:50 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 23:28:50 - Chyba pripájania na Internet. 23:28:50 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 17:28:57 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 23:28:56 - Chyba pripájania na Internet. 23:28:56 - Nebolo možné
spojiť sa so serverom..
[ OSession Events ]
Error - 14. 11. 2010 16:35:38 | Computer Name = Iva-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2. 6. 2011 16:45:58 | Computer Name = Iva-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 14. 6. 2012 9:06:13 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
Error - 14. 6. 2012 16:50:38 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
Error - 15. 6. 2012 9:53:59 | Computer Name = Iva-PC | Source = Service Control Manager | ID = 7011
Description = Počas čakania na odpoveď transakcie od služby ShellHWDetection bol
dosiahnutý časový limit (30000 ms).
Error - 15. 6. 2012 9:53:59 | Computer Name = Iva-PC | Source = Service Control Manager | ID = 7011
Description = Počas čakania na odpoveď transakcie od služby lmhosts bol dosiahnutý
časový limit (30000 ms).
Error - 15. 6. 2012 17:28:15 | Computer Name = Iva-PC | Source = Service Control Manager | ID = 7031
Description = Služba Microsoft Antimalware Service sa neočakávane ukončila. Služba
sa týmto spôsobom ukončila už 1 krát. O 15000 ms bude vykonaná nasledujúca opravná
akcia: Reštartovať službu.
Error - 17. 6. 2012 10:27:48 | Computer Name = Iva-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:11:41 on ?17. ?6. ?2012 was unexpected.
Error - 19. 6. 2012 11:22:51 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
Error - 19. 6. 2012 16:47:03 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
Error - 20. 6. 2012 8:14:19 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
Error - 20. 6. 2012 16:49:09 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
< End of report >
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Iva\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
2,96 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 49,14% Memory free
5,92 Gb Paging File | 4,15 Gb Available in Paging File | 70,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 252,89 Gb Total Space | 81,34 Gb Free Space | 32,16% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 19,83 Gb Free Space | 65,57% Space Free | Partition Type: NTFS
Drive G: | 3,72 Gb Total Space | 1,48 Gb Free Space | 39,83% Space Free | Partition Type: FAT32
Computer Name: IVA-PC | User Name: Iva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01BF04F4-1ACB-4D42-8974-F9350F85913F}" = lport=139 | protocol=6 | dir=in | app=system |
"{066B6095-BBAF-49B6-9C09-6D70A956C0DE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0884F228-7631-4472-8759-99F4DF152751}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{135F0718-5046-416A-9293-5C87A50BFE0E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1619C353-7415-417D-90D0-284CFFFF4D60}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{19A7B71E-27B1-4E17-A257-D585B0DB9ADA}" = rport=445 | protocol=6 | dir=out | app=system |
"{1BC04C00-6E53-45D3-8F11-F2E01785AB5C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1C900943-B467-44D8-B83B-9D5D944DAC45}" = lport=445 | protocol=6 | dir=in | app=system |
"{312BBFEF-9697-4F9C-9FD7-E300AB03D44C}" = rport=139 | protocol=6 | dir=out | app=system |
"{37F6BF7A-94EF-4F53-B483-4191F19D0770}" = rport=138 | protocol=17 | dir=out | app=system |
"{4CDEB50E-0624-4A9A-B010-56C6FB85CB34}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{587C1AC4-9835-413E-88E4-CA8F762BA4F9}" = lport=138 | protocol=17 | dir=in | app=system |
"{6BD4A3E2-8F8A-4A6F-9A12-84DB4A86292C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{74412693-DDA0-4992-AB37-D55DBF3B75AE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7E64CC97-77CF-4C78-8357-26EE40DB3D85}" = lport=137 | protocol=17 | dir=in | app=system |
"{7F335F79-DFBB-4758-997E-B691DA78D10C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8AA86B61-86C3-47BC-9EAB-88435BAC2C53}" = rport=137 | protocol=17 | dir=out | app=system |
"{8DEE8628-0556-4561-A44E-98EDD781A50D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{965B9675-97F0-4541-A7FA-B1D2B5009BA0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{98A78F91-3A51-496A-9AE1-FB3F6F08033F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C6CA2BB0-F069-44E0-855A-60AC508835C8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D813B45A-3317-4494-9AF0-D831824DF3CC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EBD48DF9-6BE2-4D2D-AFF4-C737839670E7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002534BA-6EE3-40CD-BD44-D8B38EEB9D4F}" = protocol=6 | dir=out | app=system |
"{0C0DCF90-E250-4325-8275-9595FECF2D2F}" = dir=out | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{1279EAB1-AAB1-4993-A899-6C839FFC5300}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{13167E7D-2FF4-4F46-BA07-2CF4838F90AA}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{19FE0E10-D10C-44B1-8B64-D72E6810B046}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{1F627883-E0E2-42AF-89A7-728438F1EF70}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2063E726-252E-4AA8-8400-1BF797BC473C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{21DD6A2A-2D3F-4565-8803-B815BD409441}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2218F831-856C-4E69-A372-AF76C65DFB5C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2553EFAB-2FA2-4CAD-8970-224B673EAE70}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{25A04806-39BE-4844-A2DF-38AAD39F517F}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{274186CA-8E0F-4083-9020-30B819D51EEB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2AFED377-0A67-4CB4-9E68-AA17F07CC0E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E929752-29B8-49DC-B921-2A2190CCFCE8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{33FFBE7A-5CFE-41F7-9C00-901BE47D649F}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{3DAE2E26-3D52-4E65-B808-9BB50FE05534}" = dir=out | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{3F6E1029-3C60-48E9-B43A-995BD4170373}" = dir=in | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{41B2B6CA-4BE9-486B-B867-3A8163B5EF97}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4AA34B69-7424-46E7-87E7-980F2759AB79}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4EA0217B-B0FF-406B-AFD3-473DA5F3D1DB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4F5E48D2-17E9-45AE-A1B9-C9D153C275D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{50309CE0-6061-4F45-8387-30F71EABD235}" = dir=out | app=c:\windows\system32\igrssvcs.exe |
"{5429CFFB-69C4-4D1D-81C8-5676DB7389C7}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{5F9026BA-3A02-40A9-A85B-8B87C8BCEB88}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{627A5556-9458-4FEC-8714-BFC9EB08048B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{64A2852A-4CD5-489A-B66C-287F93580420}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{698B2B73-2E18-4DAA-ABCB-CE89CD64197C}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{70C753EC-0450-488D-9FED-B9CD5192FEAD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{73D9C0AF-27AD-45BB-81EF-D44804CD289F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{773470E4-2101-421F-860C-F50618287C65}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D4EBB45-7C2D-476A-866E-321EB71387D2}" = dir=in | app=c:\windows\system32\igrssvcs.exe |
"{8438D759-BD91-4474-87F6-93933ECAF8F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8BCAAD73-86D7-4ACB-8986-D6AE5A52A2FD}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{9954BC0E-7C51-4E14-8B08-38307F4E13D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9A3BD9B4-1B67-4B6C-8DE1-2F477D26F696}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A69A1DF5-04BE-442C-B50D-F84EF3D325EC}" = dir=in | app=c:\program files\lenovo\readycomm\readycom.exe |
"{A6A68280-5BE6-45C9-8508-727358BE7079}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A90221DA-0351-4B04-A9C7-9A7B7F07FBAC}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{AE86CC13-F845-4BBE-A531-94ACCE01422B}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{B0C4659B-1898-4F02-AF3F-7D4E8C866712}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{B15C5458-D4C3-4F39-8188-C73886AB484C}" = dir=in | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{BA65D30D-7D56-4908-AA58-3829F2E5D8D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BA89D323-93A1-4750-828A-C797329A72B9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BEFCA7AA-B099-4086-A3D5-B56495D16158}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C164D993-391A-4DC2-9702-34F3F7589F61}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{C4061101-4E40-4768-8CF4-46D116BB3302}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C954B080-78AD-41E4-AC33-CECC4B574CFA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D875C134-60E0-4124-92A0-8BA9273F9885}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D9947D47-64ED-4E36-A234-F83F84FCBA4D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E119330F-0296-41AE-881E-9AB1C7B550E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E9B25EC6-C489-49F6-A485-AD6F9EE7EA5B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ECE083BB-B64A-45C8-8029-DB318B4A5F0E}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{ED4422A6-91FF-4763-820E-2D189C6E56ED}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{F410BBB9-AE8D-4117-914E-33DD15AD4422}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe |
"{F9AE9B17-9BB8-49FD-B76C-225DCEF378EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB1A4627-FEBA-4357-AC70-E5A086C73552}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FF4225D5-645C-415B-886F-4B899AE761E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{87865ECB-6BAB-4957-9881-75DC136D889C}C:\program files\icq7.1\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"TCP Query User{BFB1BD70-4668-4735-9277-BF2C8FC8D96A}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{C3B652EC-FB8E-4BD2-96A2-7FCA3B2E3CBC}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{D6915018-2A90-4CAC-8D5C-60427DBFFB57}C:\program files\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2012\qip.exe |
"UDP Query User{539F7CB0-327A-4949-A591-7AF2933E4A24}C:\program files\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2012\qip.exe |
"UDP Query User{57D7DE28-E332-4309-B5BE-2B1241C996AB}C:\program files\icq7.1\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"UDP Query User{AC1D111C-7049-4C99-A992-CE9054976335}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{F17F7FF8-E5B0-4B99-AA4F-083047336DC2}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{0FB871A9-C617-4415-BB5D-619A8D946115}" = Microsoft Antimalware Service SK-SK Language Pack
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Asistent pri prihlasovaní v konte Windows Live ID
"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Lenovo EasyCamera
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{49F3D04B-B849-4C89-AB31-2366A004EA28}" = Broadcom Gigabit Integrated Controller
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client SK-SK Language Pack
"{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}" = Media Go
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{622E0760-2CB0-4BA7-A57D-6D0B952EE04D}" = eM Client
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_HOMESTUDENTR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_HOMESTUDENTR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-041B-0000-0000000FF1CE}" = Doplnok Microsoft Save as PDF or XPS pre programy balíka 2007 Microsoft Office
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.6.943
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1029-7B44-A80000000000}" = Adobe Reader 8 - Czech
"{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.02.002
"{faeebf0a-0bd4-44a5-a539-f9ea31b1e084}" = Nero 9 Essentials
"7-Zip" = 7-Zip 4.65
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"doPDF 6 printer_is1" = doPDF 6.0 printer
"EasyCapture4.0" = EasyCapture
"HappyFoto-Designer_is1" = HF Designer 2.7
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"Lexmark X1100 Series" = Lexmark X1100 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 13.0.1 (x86 sk)" = Mozilla Firefox 13.0.1 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 12.00.1467" = Opera 12.00
"RarZilla Free Unrar 2.53" = RarZilla Free Unrar 2.53
"The KMPlayer" = The KMPlayer (remove only)
"Theophilos 3.0_is1" = Theophilos 3.0
"TVWiz" = Intel(R) TV Wizard
"VeriFace" = VeriFace
"WinGimp-2.0_is1" = GIMP 2.4.5
"WinPcapInst" = WinPcap 4.1.1
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"76f4758ca7e15dc6" = MusicJet
"Google Chrome" = Google Chrome
"Puzzle Express Deluxe" = Puzzle Express Deluxe
"QIP 2012" = QIP 2012 4.0.6611
"QipGuard" = QIP Internet Guardian
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6. 2. 2012 15:14:39 | Computer Name = Iva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Error - 6. 2. 2012 15:14:40 | Computer Name = Iva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Error - 6. 2. 2012 15:14:40 | Computer Name = Iva-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.
Error - 8. 2. 2012 14:22:45 | Computer Name = Iva-PC | Source = Application Hang | ID = 1002
Description = The program opera.exe version 11.61.1250.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 834 Start
Time: 01cce68e42d945b5 Termination Time: 47 Application Path: C:\Program Files\Opera\opera.exe
Report
Id: dc076c04-5281-11e1-8e9b-002622d474ed
Error - 10. 2. 2012 16:54:46 | Computer Name = Iva-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 10.0.0.4411 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1c40 Start
Time: 01cce825905bca6b Termination Time: 3244 Application Path: C:\Program Files\Mozilla
Firefox\firefox.exe Report Id:
Error - 11. 2. 2012 14:28:20 | Computer Name = Iva-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 11. 2. 2012 14:28:20 | Computer Name = Iva-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 12. 2. 2012 3:29:18 | Computer Name = Iva-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: ff0 Start
Time: 01cce95784f4984d Termination Time: 83 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
Error - 12. 2. 2012 16:08:24 | Computer Name = Iva-PC | Source = Windows Backup | ID = 4103
Description =
Error - 12. 2. 2012 17:17:44 | Computer Name = Iva-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 6d8 Start
Time: 01cce98a9f028412 Termination Time: 193 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
[ Media Center Events ]
Error - 18. 8. 2011 13:01:20 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 19:01:20 - Chyba pripájania na Internet. 19:01:20 - Nebolo možné
spojiť sa so serverom..
Error - 18. 8. 2011 13:01:31 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 19:01:26 - Chyba pripájania na Internet. 19:01:26 - Nebolo možné
spojiť sa so serverom..
Error - 18. 8. 2011 14:01:36 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 20:01:36 - Chyba pripájania na Internet. 20:01:36 - Nebolo možné
spojiť sa so serverom..
Error - 18. 8. 2011 14:01:42 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 20:01:41 - Chyba pripájania na Internet. 20:01:41 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 15:28:22 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 21:28:22 - Chyba pripájania na Internet. 21:28:22 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 15:28:34 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 21:28:27 - Chyba pripájania na Internet. 21:28:27 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 16:28:39 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 22:28:39 - Chyba pripájania na Internet. 22:28:39 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 16:28:45 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 22:28:44 - Chyba pripájania na Internet. 22:28:44 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 17:28:50 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 23:28:50 - Chyba pripájania na Internet. 23:28:50 - Nebolo možné
spojiť sa so serverom..
Error - 19. 8. 2011 17:28:57 | Computer Name = Iva-PC | Source = MCUpdate | ID = 0
Description = 23:28:56 - Chyba pripájania na Internet. 23:28:56 - Nebolo možné
spojiť sa so serverom..
[ OSession Events ]
Error - 14. 11. 2010 16:35:38 | Computer Name = Iva-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2. 6. 2011 16:45:58 | Computer Name = Iva-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 14. 6. 2012 9:06:13 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
Error - 14. 6. 2012 16:50:38 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
Error - 15. 6. 2012 9:53:59 | Computer Name = Iva-PC | Source = Service Control Manager | ID = 7011
Description = Počas čakania na odpoveď transakcie od služby ShellHWDetection bol
dosiahnutý časový limit (30000 ms).
Error - 15. 6. 2012 9:53:59 | Computer Name = Iva-PC | Source = Service Control Manager | ID = 7011
Description = Počas čakania na odpoveď transakcie od služby lmhosts bol dosiahnutý
časový limit (30000 ms).
Error - 15. 6. 2012 17:28:15 | Computer Name = Iva-PC | Source = Service Control Manager | ID = 7031
Description = Služba Microsoft Antimalware Service sa neočakávane ukončila. Služba
sa týmto spôsobom ukončila už 1 krát. O 15000 ms bude vykonaná nasledujúca opravná
akcia: Reštartovať službu.
Error - 17. 6. 2012 10:27:48 | Computer Name = Iva-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:11:41 on ?17. ?6. ?2012 was unexpected.
Error - 19. 6. 2012 11:22:51 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
Error - 19. 6. 2012 16:47:03 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
Error - 20. 6. 2012 8:14:19 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
Error - 20. 6. 2012 16:49:09 | Computer Name = Iva-PC | Source = DCOM | ID = 10010
Description =
< End of report >
Re: NTB preventivka
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/ IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data] IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{0BABF0AB-87B4-45BC-A343-1E48780C1AB0}: "URL" = http://www.webhledani.cz/results.aspx?i=39&tp=ie&q={searchTerms} IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=RY&apn_dtid=&apn_uid=B0D98A94-7A9A-461B-9B76-D1F739440EB1&apn_sauid=15F20721-451D-43BB-AFC9-A5F3BBBCA798 IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{5ED32419-802E-42E1-AD5B-6B77605E8CA0}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703 IE - HKU\S-1-5-21-30654545-3194649466-4156373986-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "QIP Search" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "QIP Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://qip.ru" FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query=" [2012/06/23 11:26:55 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} 2012/04/30 21:38:03 | 000,000,000 | ---D | M] ("@@toolbarname@@") -- C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\toolbar@ask.com [2012/05/19 08:46:54 | 000,002,562 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\askcom.xml [2010/06/24 23:17:02 | 000,000,687 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icq-search.xml [2010/07/24 23:39:42 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-1.xml [2011/03/05 15:21:42 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-10.xml [2011/03/07 22:04:47 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-11.xml [2011/03/22 18:25:02 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-12.xml [2011/03/24 17:07:23 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-13.xml [2011/04/30 08:52:35 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-14.xml [2011/06/22 22:03:55 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-15.xml [2011/08/18 20:27:29 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-16.xml [2011/08/20 11:20:37 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-17.xml [2011/09/03 08:57:15 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-18.xml [2011/09/10 09:14:46 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-19.xml [2010/07/25 15:59:05 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-2.xml [2011/09/29 16:37:44 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-20.xml [2011/10/01 00:14:04 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-21.xml [2011/11/12 18:33:40 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-22.xml [2012/01/08 10:10:43 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-23.xml [2012/01/21 00:14:39 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-24.xml [2010/07/25 21:41:11 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-3.xml [2010/08/16 20:50:02 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-4.xml [2010/09/10 12:53:44 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-5.xml [2010/10/22 18:14:19 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-6.xml [2010/10/23 16:32:54 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-7.xml [2010/11/02 18:13:49 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-8.xml [2010/12/12 10:28:56 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-9.xml [2010/06/26 23:19:40 | 000,000,950 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin.xml [2012/06/23 11:27:11 | 000,002,062 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\qip-search.xml [2012/06/23 10:30:02 | 000,002,103 | ---- | M] () -- C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\wot-safe-search.xml O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present [9 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [1 C:\windows\SoftwareDistribution\Download\18229a268e399434115b2730b590655c\*.tmp files -> C:\windows\SoftwareDistribution\Download\18229a268e399434115b2730b590655c\*.tmp -> ] [1 C:\windows\SoftwareDistribution\Download\21066b9ccd83f1b5e69be4eaa2b537c7\*.tmp files -> C:\windows\SoftwareDistribution\Download\21066b9ccd83f1b5e69be4eaa2b537c7\*.tmp -> ] [1 C:\windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp files -> C:\windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp -> ] [1 C:\windows\SoftwareDistribution\Download\ec2cc6ab7853f7f87c73b2f137bf7916\*.tmp files -> C:\windows\SoftwareDistribution\Download\ec2cc6ab7853f7f87c73b2f137bf7916\*.tmp -> ] [2012/06/23 19:34:00 | 000,000,830 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job [2012/06/23 02:53:54 | 000,000,886 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003Core.job [2012/06/23 19:15:00 | 000,000,938 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003UA.job [2010/01/30 11:59:23 | 000,000,500 | ---- | M] () -- C:\windows\Tasks\Install_NSS.job :services QipGuard Nero BackItUp Scheduler 4.0 :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "UpdateP2GShortCut"=- "SunJavaUpdateSched"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=- "ICQ"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] :files C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit ci RUN FIX
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: NTB preventivka
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0BABF0AB-87B4-45BC-A343-1E48780C1AB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BABF0AB-87B4-45BC-A343-1E48780C1AB0}\ not found.
Registry key HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\{5ED32419-802E-42E1-AD5B-6B77605E8CA0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ED32419-802E-42E1-AD5B-6B77605E8CA0}\ not found.
Registry key HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "QIP Search" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://qip.ru" removed from browser.startup.homepage
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from keyword.URL
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults\preferences folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\skin folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} folder moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\askcom.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icq-search.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\qip-search.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\wot-safe-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP50E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C24.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6834.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAA42.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB77C.tmp\System.Configuration.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB77C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC580.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPED3B.tmp folder deleted successfully.
C:\windows\SoftwareDistribution\Download\18229a268e399434115b2730b590655c\BITB616.tmp deleted successfully.
C:\windows\SoftwareDistribution\Download\21066b9ccd83f1b5e69be4eaa2b537c7\BIT915C.tmp deleted successfully.
C:\windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\BITCA80.tmp deleted successfully.
C:\windows\SoftwareDistribution\Download\ec2cc6ab7853f7f87c73b2f137bf7916\BITCA6F.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003UA.job moved successfully.
C:\Windows\Tasks\Install_NSS.job moved successfully.
========== SERVICES/DRIVERS ==========
Service QipGuard stopped successfully!
Service QipGuard deleted successfully!
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
========== FILES ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk moved successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Iva
->Temp folder emptied: 16208074 bytes
->Temporary Internet Files folder emptied: 46792813 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 155042648 bytes
->Opera cache emptied: 21333131 bytes
->Flash cache emptied: 1273 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 47794 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 228,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Iva
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.52.0 log created on 06242012_163104
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-30654545-3194649466-4156373986-1003\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0BABF0AB-87B4-45BC-A343-1E48780C1AB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BABF0AB-87B4-45BC-A343-1E48780C1AB0}\ not found.
Registry key HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\{5ED32419-802E-42E1-AD5B-6B77605E8CA0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ED32419-802E-42E1-AD5B-6B77605E8CA0}\ not found.
Registry key HKEY_USERS\S-1-5-21-30654545-3194649466-4156373986-1003\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "QIP Search" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://qip.ru" removed from browser.startup.homepage
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from keyword.URL
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults\preferences folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\skin folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome folder moved successfully.
C:\Users\Iva\AppData\Roaming\mozilla\Firefox\Profiles\ihm4dqwj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} folder moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\askcom.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icq-search.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\qip-search.xml moved successfully.
C:\Users\Iva\AppData\Roaming\Mozilla\Firefox\Profiles\ihm4dqwj.default\searchplugins\wot-safe-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP50E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C24.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6834.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAA42.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB77C.tmp\System.Configuration.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB77C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC580.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPED3B.tmp folder deleted successfully.
C:\windows\SoftwareDistribution\Download\18229a268e399434115b2730b590655c\BITB616.tmp deleted successfully.
C:\windows\SoftwareDistribution\Download\21066b9ccd83f1b5e69be4eaa2b537c7\BIT915C.tmp deleted successfully.
C:\windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\BITCA80.tmp deleted successfully.
C:\windows\SoftwareDistribution\Download\ec2cc6ab7853f7f87c73b2f137bf7916\BITCA6F.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-30654545-3194649466-4156373986-1003UA.job moved successfully.
C:\Windows\Tasks\Install_NSS.job moved successfully.
========== SERVICES/DRIVERS ==========
Service QipGuard stopped successfully!
Service QipGuard deleted successfully!
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
========== FILES ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk moved successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Iva
->Temp folder emptied: 16208074 bytes
->Temporary Internet Files folder emptied: 46792813 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 155042648 bytes
->Opera cache emptied: 21333131 bytes
->Flash cache emptied: 1273 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 47794 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 228,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Iva
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.52.0 log created on 06242012_163104
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Re: NTB preventivka
OTL provedlo co melo, jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: NTB preventivka
Myslím, že to ide celkom dobre.
Re: NTB preventivka
Tak jeste uklidime 
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: NTB preventivka
OK ďakujem veľmi pekne 
, toto ale môžem urobiť až sa k NTB dostanem, mmt to nie je možné (až večer)
, toto ale môžem urobiť až sa k NTB dostanem, mmt to nie je možné (až večer) Re: NTB preventivka
Ešte sa chcem spýtať, ja mám ccleaner nejakú staršiu verziu, dá sa to nejako aktualizovať? Alebo je treba ho odinštalovať a stiahnuť novú verziu?
Re: NTB preventivka
Staci stahnout novou verzi a tu nainstalovat, prepise starsi verzi Aktualizace Vam pohodlne pohlida programek FileHippo UpdateChecker - staci spustit cca jednou za 14 dni"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: NTB preventivka
Ďakujem, ten program som si stiahla.
Ešte by som teda mala jednu vec, ak môžem.
Všetky vyššie uvedené programy som použila a v ccleaneri som si všimla, že tam stale "visi" Ask.toolbar tak som ho dala cez ccleaner odinštalovať. Zaseklo sa to v necelých dvoch tretinách a musela som to natvrdo vypnúť. Nedalo sa s tým nič robiť - a výsledok teda nijaký. Ten Ask.toolbar tam stále figuruje. Aj v "programy a súčasti" ten toolbar stále je a tiež sa odtiaľ nedá odinštalovať. Myslím, že ho nepotrebujem mať v PC. Dalo by sa s tým niečo robiť?
Ešte by som teda mala jednu vec, ak môžem.
Všetky vyššie uvedené programy som použila a v ccleaneri som si všimla, že tam stale "visi" Ask.toolbar tak som ho dala cez ccleaner odinštalovať. Zaseklo sa to v necelých dvoch tretinách a musela som to natvrdo vypnúť. Nedalo sa s tým nič robiť - a výsledok teda nijaký. Ten Ask.toolbar tam stále figuruje. Aj v "programy a súčasti" ten toolbar stále je a tiež sa odtiaľ nedá odinštalovať. Myslím, že ho nepotrebujem mať v PC. Dalo by sa s tým niečo robiť?
Přispějete na provoz fóra?