
Re: Hello, I'd like a preventive check please - suspicion

Posted: 21 Aug 2010 23:43
by cappie
So should I restore the system or not?

Re: Hello, I'd like a preventive check please - suspicion

Posted: 21 Aug 2010 23:47
by motji
If your system boots normally, do not restore it.

Re: Hello, I'd like a preventive check please - suspicion

Posted: 21 Aug 2010 23:58
by cappie
OK, here is the log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by elen at 2010-08-22 00:55:12
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 116 GB (81%) free of 142 GB
Total RAM: 764 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:55:41, on 22. 8. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\windows\Explorer.EXE
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\System32\MSTMON_N.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\elen\Desktop\RSIT.exe
C:\Program Files\trend micro\elen.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] C:\windows\system32\MSTMON_N.EXE
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: McAfee Application Installer Cleanup (0220271250167671) (0220271250167671mcinstcleanup) - Unknown owner - C:\Users\elen\AppData\Local\Temp\022027~1.EXE (file missing)
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 6310 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-19 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
""= []
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-05-24 197904]
"KONICA MINOLTA PagePro 1300WStatusDisplay"=C:\windows\system32\MSTMON_N.EXE [2004-04-13 151552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"PMBVolumeWatcher"=C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [2009-11-04 597792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2010-08-19 133432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^elen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\wpdshserviceobj.dll [2009-10-01 87552]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\windows\System32\Notepad.exe %1
.js - open - C:\windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-22 00:45:48 ----SHD---- C:\Config.Msi
2010-08-22 00:28:55 ----SD---- C:\ComboFix
2010-08-21 23:38:08 ----ASH---- C:\hiberfil.sys
2010-08-21 22:16:55 ----D---- C:\windows\Minidump
2010-08-21 22:12:34 ----D---- C:\windows\ERDNT
2010-08-21 20:30:17 ----D---- C:\ProgramData\Alwil Software
2010-08-21 17:24:41 ----A---- C:\windows\system32\TURegOpt.exe
2010-08-21 17:24:38 ----A---- C:\windows\system32\uxtuneup.dll
2010-08-21 17:24:38 ----A---- C:\windows\system32\authuitu.dll
2010-08-21 17:24:11 ----D---- C:\Users\elen\AppData\Roaming\TuneUp Software
2010-08-21 17:23:50 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-08-21 17:21:40 ----D---- C:\ProgramData\TuneUp Software
2010-08-21 17:20:54 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-20 00:44:58 ----A---- C:\windows\system32\jscript.dll
2010-08-20 00:44:54 ----A---- C:\windows\system32\vbscript.dll
2010-08-19 23:36:26 ----D---- C:\Users\elen\AppData\Roaming\Malwarebytes
2010-08-19 23:36:14 ----D---- C:\ProgramData\Malwarebytes
2010-08-19 23:36:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-19 22:26:16 ----A---- C:\windows\ODBCINST.INI
2010-08-19 22:13:28 ----D---- C:\Program Files\Yamicsoft
2010-08-19 19:38:52 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2010-08-19 19:38:51 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2010-08-19 19:24:49 ----A---- C:\windows\system32\occache.dll
2010-08-19 19:24:49 ----A---- C:\windows\system32\mstime.dll
2010-08-19 19:24:48 ----A---- C:\windows\system32\jsproxy.dll
2010-08-19 19:24:47 ----A---- C:\windows\system32\iepeers.dll
2010-08-19 19:24:46 ----A---- C:\windows\system32\msfeedsbs.dll
2010-08-19 19:24:46 ----A---- C:\windows\system32\msfeeds.dll
2010-08-19 19:24:45 ----A---- C:\windows\system32\ieui.dll
2010-08-19 19:24:45 ----A---- C:\windows\system32\iesetup.dll
2010-08-19 19:24:44 ----A---- C:\windows\system32\wininet.dll
2010-08-19 19:24:44 ----A---- C:\windows\system32\iernonce.dll
2010-08-19 19:24:41 ----A---- C:\windows\system32\iedkcs32.dll
2010-08-19 19:24:40 ----A---- C:\windows\system32\msfeedssync.exe
2010-08-19 19:24:39 ----A---- C:\windows\system32\ie4uinit.exe
2010-08-19 19:24:38 ----A---- C:\windows\system32\iertutil.dll
2010-08-19 19:24:37 ----A---- C:\windows\system32\ieUnatt.exe
2010-08-19 19:24:36 ----A---- C:\windows\system32\iesysprep.dll
2010-08-19 19:24:31 ----A---- C:\windows\system32\urlmon.dll
2010-08-19 19:24:27 ----A---- C:\windows\system32\ieframe.dll
2010-08-19 19:24:22 ----A---- C:\windows\system32\mshtml.dll
2010-08-19 19:18:51 ----A---- C:\windows\system32\mshtmled.dll
2010-08-19 19:18:50 ----A---- C:\windows\system32\mshtmler.dll
2010-08-19 19:18:50 ----A---- C:\windows\system32\icardie.dll
2010-08-19 19:18:50 ----A---- C:\windows\system32\admparse.dll
2010-08-19 19:18:49 ----A---- C:\windows\system32\msls31.dll
2010-08-19 19:18:49 ----A---- C:\windows\system32\imgutil.dll
2010-08-19 19:18:49 ----A---- C:\windows\system32\ieakeng.dll
2010-08-19 19:18:49 ----A---- C:\windows\system32\dxtmsft.dll
2010-08-19 19:18:49 ----A---- C:\windows\system32\corpol.dll
2010-08-19 19:18:48 ----A---- C:\windows\system32\licmgr10.dll
2010-08-19 19:18:48 ----A---- C:\windows\system32\inseng.dll
2010-08-19 19:18:48 ----A---- C:\windows\system32\dxtrans.dll
2010-08-19 19:18:47 ----A---- C:\windows\system32\WinFXDocObj.exe
2010-08-19 19:18:47 ----A---- C:\windows\system32\wextract.exe
2010-08-19 19:18:47 ----A---- C:\windows\system32\webcheck.dll
2010-08-19 19:18:47 ----A---- C:\windows\system32\msrating.dll
2010-08-19 19:18:47 ----A---- C:\windows\system32\ieakui.dll
2010-08-19 19:18:47 ----A---- C:\windows\system32\ieaksie.dll
2010-08-19 19:18:45 ----A---- C:\windows\system32\pngfilt.dll
2010-08-19 19:18:45 ----A---- C:\windows\system32\advpack.dll
2010-08-19 19:18:44 ----A---- C:\windows\system32\ieapfltr.dll
2010-08-19 19:18:43 ----A---- C:\windows\system32\url.dll
2010-08-19 19:18:39 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2010-08-19 19:18:39 ----A---- C:\windows\system32\SetDepNx.exe
2010-08-19 19:18:39 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2010-08-19 19:18:39 ----A---- C:\windows\system32\mshta.exe
2010-08-19 19:18:39 ----A---- C:\windows\system32\iexpress.exe
2010-08-19 19:18:38 ----A---- C:\windows\system32\PDMSetup.exe
2010-08-19 19:09:21 ----D---- C:\Program Files\Microsoft Silverlight
2010-08-19 18:19:55 ----D---- C:\Program Files\LSI SoftModem
2010-08-19 18:08:43 ----D---- C:\Users\elen\AppData\Roaming\ESET
2010-08-19 17:20:43 ----D---- C:\ProgramData\WindowsSearch
2010-08-19 15:48:14 ----D---- C:\Program Files\Common Files\Adobe
2010-08-19 15:37:16 ----D---- C:\Program Files\Common Files\Protexis
2010-08-19 15:36:17 ----D---- C:\ProgramData\Corel
2010-08-19 15:36:17 ----D---- C:\Program Files\Corel
2010-08-19 15:31:09 ----A---- C:\windows\system32\d3dx9_29.dll
2010-08-19 15:20:11 ----D---- C:\Program Files\Adobe
2010-08-19 15:06:25 ----D---- C:\Program Files\ICQ7.2
2010-08-19 14:55:45 ----D---- C:\Users\elen\AppData\Roaming\IrfanView
2010-08-19 14:53:09 ----D---- C:\Program Files\CCleaner
2010-08-19 14:39:14 ----D---- C:\Program Files\Microsoft
2010-08-19 14:38:47 ----D---- C:\Program Files\Windows Live SkyDrive
2010-08-19 14:38:14 ----D---- C:\Program Files\Windows Live
2010-08-19 14:31:45 ----D---- C:\Program Files\Common Files\Windows Live
2010-08-19 14:30:54 ----D---- C:\ProgramData\Sun
2010-08-19 14:30:17 ----A---- C:\windows\system32\javaws.exe
2010-08-19 14:30:17 ----A---- C:\windows\system32\javaw.exe
2010-08-19 14:30:17 ----A---- C:\windows\system32\java.exe
2010-08-19 14:30:17 ----A---- C:\windows\system32\deployJava1.dll
2010-08-19 13:16:50 ----D---- C:\Program Files\FileHippo.com
2010-08-19 11:58:15 ----D---- C:\Program Files\trend micro
2010-08-19 11:58:14 ----D---- C:\rsit
2010-08-19 11:21:16 ----D---- C:\windows\pss
2010-08-15 15:58:46 ----A---- C:\windows\system32\schannel.dll
2010-08-15 15:54:04 ----A---- C:\windows\system32\drivers\tcpip.sys
2010-08-15 15:53:59 ----A---- C:\windows\system32\rtutils.dll
2010-08-15 15:53:52 ----A---- C:\windows\system32\msxml3.dll
2010-08-15 15:53:47 ----A---- C:\windows\system32\iccvid.dll
2010-08-15 15:51:10 ----A---- C:\windows\system32\win32k.sys
2010-08-15 15:50:40 ----A---- C:\windows\system32\ntkrnlpa.exe
2010-08-15 15:50:36 ----A---- C:\windows\system32\ntoskrnl.exe
2010-08-15 15:49:50 ----A---- C:\windows\system32\drivers\srv.sys
2010-08-15 15:49:48 ----A---- C:\windows\system32\drivers\srv2.sys
2010-08-06 18:23:35 ----A---- C:\windows\system32\shell32.dll

======List of files/folders modified in the last 1 months======

2010-08-22 00:55:05 ----D---- C:\windows\Temp
2010-08-22 00:52:23 ----D---- C:\Windows
2010-08-22 00:46:49 ----SHD---- C:\windows\Installer
2010-08-22 00:46:38 ----D---- C:\ProgramData\ESET
2010-08-22 00:46:32 ----RD---- C:\Program Files
2010-08-22 00:46:25 ----D---- C:\windows\system32\catroot
2010-08-22 00:46:25 ----D---- C:\windows\inf
2010-08-22 00:46:24 ----D---- C:\windows\system32\drivers
2010-08-22 00:45:11 ----SHD---- C:\System Volume Information
2010-08-22 00:05:34 ----D---- C:\windows\System32
2010-08-22 00:05:34 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-08-21 23:01:18 ----D---- C:\windows\system32\catroot2
2010-08-21 22:42:52 ----RD---- C:\Program Files\Skype
2010-08-21 22:40:04 ----HD---- C:\ProgramData
2010-08-21 20:31:13 ----D---- C:\windows\winsxs
2010-08-21 20:30:17 ----D---- C:\Program Files\Alwil Software
2010-08-21 17:56:21 ----D---- C:\windows\system32\Tasks
2010-08-21 17:12:30 ----D---- C:\Program Files\Google
2010-08-21 16:53:39 ----SD---- C:\Users\elen\AppData\Roaming\Microsoft
2010-08-21 16:53:37 ----D---- C:\ProgramData\Microsoft Help
2010-08-20 00:02:01 ----RSD---- C:\windows\Fonts
2010-08-19 22:25:35 ----D---- C:\windows\Prefetch
2010-08-19 22:17:40 ----D---- C:\Program Files\WinRAR
2010-08-19 22:17:40 ----D---- C:\Program Files\Mozilla Firefox
2010-08-19 20:54:43 ----D---- C:\windows\rescache
2010-08-19 20:29:58 ----RSD---- C:\windows\assembly
2010-08-19 20:01:36 ----D---- C:\windows\system32\wbem
2010-08-19 20:01:36 ----D---- C:\windows\system32\drivers\en-US
2010-08-19 20:01:36 ----D---- C:\Program Files\Internet Explorer
2010-08-19 20:01:35 ----D---- C:\windows\system32\migration
2010-08-19 20:01:34 ----AD---- C:\windows\system32\sk-SK
2010-08-19 20:01:30 ----D---- C:\windows\system32\en-US
2010-08-19 20:01:30 ----D---- C:\windows\PolicyDefinitions
2010-08-19 19:30:30 ----D---- C:\windows\SoftwareDistribution
2010-08-19 19:10:30 ----SD---- C:\ProgramData\Microsoft
2010-08-19 19:05:18 ----D---- C:\Program Files\Common Files\microsoft shared
2010-08-19 19:04:33 ----D---- C:\Program Files\Microsoft Works
2010-08-19 18:26:05 ----A---- C:\windows\win.ini
2010-08-19 18:25:59 ----D---- C:\Program Files\Common Files\System
2010-08-19 17:05:12 ----D---- C:\windows\Debug
2010-08-19 16:57:48 ----D---- C:\Users\elen\AppData\Roaming\ICQ
2010-08-19 16:46:58 ----D---- C:\ProgramData\Adobe
2010-08-19 15:48:14 ----D---- C:\Program Files\Common Files
2010-08-19 15:07:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-19 14:46:51 ----D---- C:\Users\elen\AppData\Roaming\WinRAR
2010-08-19 14:30:49 ----D---- C:\Program Files\Common Files\Java
2010-08-19 14:29:51 ----D---- C:\Program Files\Java
2010-08-19 11:38:27 ----D---- C:\Users\elen\AppData\Roaming\Skype
2010-08-19 11:17:33 ----D---- C:\Users\elen\AppData\Roaming\skypePM
2010-08-16 16:57:37 ----D---- C:\windows\Microsoft.NET
2010-08-16 13:48:07 ----D---- C:\Program Files\Movie Maker
2010-08-16 13:40:36 ----D---- C:\Program Files\Windows Mail
2010-08-15 15:24:40 ----D---- C:\windows\system32\WDI
2010-08-03 20:09:31 ----A---- C:\windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2008-04-07 25448]
R0 MegaSR;MegaSR; C:\windows\system32\drivers\megasr.sys [2008-01-21 386616]
R2 regi;regi; \??\C:\windows\system32\drivers\regi.sys [2007-04-17 11032]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-11-21 1204128]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-21 3552768]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\windows\system32\DRIVERS\bcmwl6.sys [2008-03-21 1207288]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-27 1810992]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-04-03 310272]
S2 MLPTDR_N;MLPTDR_N; \??\C:\windows\system32\MLPTDR_N.sys [2003-07-17 18848]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 catchme;catchme; \??\C:\Users\elen\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 eabfiltr;eabfiltr; C:\windows\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
S3 eabusb;eabusb; C:\windows\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 TF1D091010;TF1D091010; C:\windows\system32\DRIVERS\TF1D091010.sys [2008-02-01 99968]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 usbvideo;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-21 671744]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\windows\System32\svchost.exe [2008-01-21 21504]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S2 0220271250167671mcinstcleanup;McAfee Application Installer Cleanup (0220271250167671); C:\Users\elen\AppData\Local\Temp\022027~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-09 136176]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-08-21 435016]
S3 WPFFontCache_v0400;@C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Re: Hello, I'd like a preventive check please - suspicion

Posted: 22 Aug 2010 07:05
by motji
Please check whether there is any file in this folder. If there is, pack it into a RAR archive and attach it here.
C:\windows\Minidump


:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM occasionally produces false detections, so we will delete only after reviewing the log.
- Copy the log here.

Re: Hello, I'd like a preventive check please - suspicion

Posted: 22 Aug 2010 10:24
by cappie
There is nothing in that folder... the scan is running...
//here is the log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4461

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

22. 8. 2010 12:40:05
mbam-log-2010-08-22 (12-40-05).txt

Typ kontroly: Úplná kontrola (C:\|D:\|F:\|)
Objektov kontrolovaných: 250720
Uplynulý čas: 1 hod, 15 min, 44 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 1

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
C:\Users\elen\Downloads\install_flash_player.exe (Trojan.Downloader) -> No action taken.

Re: Hello, I'd like a preventive check please - suspicion

Posted: 22 Aug 2010 16:59
by motji
Delete everything MBAM found.

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- Save it to the desktop and run the file OTL.exe.
- Copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- Tick the "Pro všechny uživatele" (For all users) box.
- Tick the boxes for the "LOP" malware check and the "Purity" malware check.
- Click the Prohledat (Scan) button.
- When the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)

Re: Hello, I'd like a preventive check please - suspicion

Posted: 22 Aug 2010 21:02
by cappie
Well, I won't have access to this notebook until Saturday (and only briefly)... after the advice above, should that be more or less everything? Or is there supposed to be another trace of malware in those logs... :oops:
//ok :)

Re: Hello, I'd like a preventive check please - suspicion

Posted: 22 Aug 2010 21:25
by motji
That log will show me more. :)
Get in touch when you are at the computer :)

Re: Hello, I'd like a preventive check please - suspicion

Posted: 04 Sep 2010 11:04
by motji
How is it going here?

Re: Hello, I'd like a preventive check please - suspicion

Posted: 04 Sep 2010 11:20
by cappie
The scan is in progress
//btw: the program is in English.. everything is as you instructed.. except for "- Click the Prohledat (Scan) button" - the choices were Run scan, Quick scan, Run Fix, CleanUp.. so I chose Run scan :)

Re: Hello, I'd like a preventive check please - suspicion

Posted: 04 Sep 2010 11:30
by motji
Run scan - I forgot that on a Slovak OS it is in English.
I'll be checking in here from time to time. :)

Re: Hello, I'd like a preventive check please - suspicion

Posted: 04 Sep 2010 11:56
by cappie
It took quite a long time, here is the first log:
OTL Extras logfile created on: 4. 9. 2010 12:04:10 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\elen\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

764,00 Mb Total Physical Memory | 118,00 Mb Available Physical Memory | 15,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 33,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,05 Gb Total Space | 109,99 Gb Free Space | 79,10% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 2,01 Gb Free Space | 22,29% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1020,00 Mb Total Space | 1017,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ELEN-PC
Current User Name: elen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3370941296-2164915583-3062504316-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3370941296-2164915583-3062504316-1004]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{21EDAB2C-43F4-47B8-B738-C52E52305C64}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{24CCC11F-1E25-4017-91EF-AEDD5583EEA2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{70F78419-C79A-4DCA-B0FA-69D801F05A7A}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1E2F08D6-5AF5-476E-AB18-F3ABB6AC6F27}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{3127C926-E2BA-4913-A590-5C4B371A12BE}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{32F441E3-9F51-46EC-AFC7-8BB318A08355}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{474A325C-75F1-443C-90C5-E0ECF85C4F8F}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{706D30B2-7420-4DD2-8CA7-52F000AE5316}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{78B484CD-4990-4E39-A7C8-0DF05EC8EEF5}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{7B3A2715-A6FE-4AB0-A31C-4B9BA9CECE79}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{7EECB73F-338F-40C4-898B-C574F630CB8B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8487C3B8-97C7-407A-8AC8-906D868BBB76}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{868D85E6-6504-4FBE-9E5C-53A3BA6D60E5}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{91EF0D1C-1C6D-4519-A080-AED110A5ADB1}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{949608DF-20C6-4098-87E0-43314CB0AB80}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{ABADDC06-AF78-47BF-9F72-D4A9D23B1A03}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{C8255AD7-E3CE-4620-A384-545D125B30DD}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{E7A6DC07-30BC-4056-80C0-CF60EFF5A628}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"TCP Query User{56F3A9F5-AD17-4E66-B109-6582C2660CBB}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{4B5F5A4F-8492-4D7C-B3A1-1C54278848ED}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{084D80A0-A897-F435-CE63-A3A7CDB46D9A}" = CCC Help Danish
"{0E485D10-139A-21B6-471C-7856AF893F42}" = Catalyst Control Center Localization Spanish
"{10C9FF8B-3053-46B7-ABD2-4DE5C003D55F}" = WellPhone XT
"{12D61C9C-5E84-47F0-BD81-A48DF61A86D7}" = Vista Default Settings
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{196A2093-817C-7237-9FB8-7223FF8D3424}" = Catalyst Control Center Localization Portuguese
"{19C6BC99-B7D0-E36A-3F72-24501D2FF8F0}" = Catalyst Control Center Localization Thai
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2462B5A9-CDE0-A51C-5646-6863B445B717}" = CCC Help Dutch
"{2472CC23-7C6E-F1A5-F439-B93CC198D0E2}" = Catalyst Control Center Graphics Light
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{27AB9B63-70B4-3444-7FE7-EAAF837286B6}" = Catalyst Control Center Localization Turkish
"{2B01122D-645A-7A29-5F98-025F3F920EEE}" = CCC Help Thai
"{2E8A56E1-8421-623F-7D27-5B0D64052D35}" = CCC Help Swedish
"{3032FE9D-1EF0-2B28-E28F-D14123A54091}" = CCC Help Norwegian
"{30BF4E6C-D866-46F7-A4F6-81A45E97706E}" = Catalyst Control Center - Branding
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{32D95F2D-17A3-9457-667D-DC603227295F}" = ATI Catalyst Install Manager
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FE45683-E0A6-8887-BA46-93846D76A571}" = Catalyst Control Center Localization Japanese
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B8CE04B-567D-A6D1-C8C3-55151585051A}" = Catalyst Control Center Localization Hungarian
"{4BBB1697-A0C0-C00D-CC3B-2A3D8D7ED8E1}" = CCC Help Czech
"{4BDBFEB0-784B-8FBB-E323-17F4B8C3450D}" = Catalyst Control Center Core Implementation
"{4DEB1738-EE2D-9415-B1F3-99FE75519BB8}" = Catalyst Control Center Localization Norwegian
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{5FEB063B-B9A0-7677-8D4B-5DE1397BBC7F}" = Catalyst Control Center Localization Swedish
"{6079977A-C216-0ED5-7E82-5E94A7683EB1}" = Catalyst Control Center Localization Chinese Traditional
"{609C59C0-2920-B88F-AC4E-8434CEEA093F}" = CCC Help Chinese Standard
"{62A07DAC-EE36-7C2D-28D4-18A4B8F55EC9}" = Catalyst Control Center Localization Greek
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6716796A-DD6E-8B10-AF22-D30ECB25C682}" = CCC Help Portuguese
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6E49385E-D589-4597-BEEA-5551E78ED9CE}" = Vista Manager
"{6F854740-01D1-46A4-C809-D73B14F9FAA2}" = ccc-utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BE6A272-9078-5035-FB61-D2D1C15D1EA0}" = Catalyst Control Center Localization Russian
"{8253DB6F-C883-93A4-435F-9526DC07C17F}" = CCC Help Italian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EC7AB5C-7128-B1CD-CA1D-74190D31313E}" = Catalyst Control Center Localization Chinese Standard
"{8F04AE70-9C11-11DF-8F84-005056C00008}" = Google Earth Plug-in
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_STANDARD_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_STANDARD_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_STANDARD_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_STANDARD_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARD_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_STANDARD_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARD_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_STANDARD_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9320B364-EF7F-90E6-63F8-C58EEB9AE517}" = Catalyst Control Center Graphics Full New
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{959B8759-D31A-CE42-6BA1-A8F7812C040B}" = CCC Help Finnish
"{959BAC64-7722-EBD6-660E-C74ED44CA0D3}" = Catalyst Control Center Localization Danish
"{99A5C123-2741-45BA-276A-8BDA52303CAD}" = CCC Help German
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9DEE62F7-3C8A-A6E8-6D00-99BB99B0A19C}" = CCC Help French
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{A3EB6C7C-F959-9258-3A35-2A6EDB9CA176}" = CCC Help Hungarian
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4B50564-9B8D-49DF-4A90-C6EC349A6538}" = Catalyst Control Center Localization Korean
"{A55C2FF6-4217-F05B-E603-0544CB9EBD93}" = Catalyst Control Center Localization French
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B076BAB8-B78C-053A-FAC2-0A9CCD802E0A}" = CCC Help Korean
"{B1508FDD-AFC7-373B-8B96-6A6BEC48A9A8}" = Catalyst Control Center Localization Polish
"{B3B36E34-2E5A-20E8-AF99-A2D40E84CC6F}" = CCC Help Turkish
"{B57BC333-F983-C25E-4C04-834548DF8607}" = Catalyst Control Center Localization Italian
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B79DB290-9F72-4B20-9776-848D7832705B}" = HP User Guides 0108
"{BECF6C08-ED85-7F05-E2CD-43A18DA0B3D7}" = CCC Help Spanish
"{BEEA5BCB-CCA1-6FBA-764C-625239FE0F50}" = CCC Help Polish
"{C09C13C7-B636-01CC-D5A1-A7411F858891}" = Catalyst Control Center Localization Czech
"{C19BD21C-AF1A-CBC1-3B73-938B37F6B0E6}" = CCC Help Chinese Traditional
"{C9EF2D75-ECB0-602D-6700-977702AD7CCF}" = Catalyst Control Center Graphics Full Existing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC8128C5-EC9A-0167-65F5-305E78F1A535}" = CCC Help Russian
"{D0FF1E97-85BA-C735-1D4C-636293B0E9F0}" = CCC Help Greek
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D4C5185C-A8DF-8466-FE8A-1692E08ECBF7}" = Skins
"{D7FD9036-5EE1-A970-B981-BF46AF433380}" = Catalyst Control Center Localization German
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EF3C3C9A-C96B-051E-99D1-72D7CE823DA8}" = ccc-core-static
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F46CBAC2-20F4-98DA-D890-81F4DE2BF3BA}" = Catalyst Control Center Localization Finnish
"{F545FAC8-4D05-229A-E1A3-3DF671518DC3}" = CCC Help English
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"{FF165D48-1562-B757-E006-69197226E903}" = CCC Help Japanese
"{FFCA8569-F139-54BF-A9EF-092A3DFDFB4B}" = Catalyst Control Center Localization Dutch
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"FileHippo.com" = FileHippo.com Update Checker
"GOM Player" = GOM Player
"IrfanView" = IrfanView (remove only)
"KONICA MINOLTA PagePro 1300W" = KONICA MINOLTA PagePro 1300W
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"STANDARD" = Microsoft Office Standard 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities" = TuneUp Utilities
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archivátor

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2. 9. 2010 4:17:15 | Computer Name = elen-PC | Source = WinMgmt | ID = 10
Description =

Error - 2. 9. 2010 4:29:08 | Computer Name = elen-PC | Source = Google Update | ID = 20
Description =

Error - 2. 9. 2010 9:05:39 | Computer Name = elen-PC | Source = WinMgmt | ID = 10
Description =

Error - 2. 9. 2010 10:46:00 | Computer Name = elen-PC | Source = WinMgmt | ID = 10
Description =

Error - 2. 9. 2010 10:49:30 | Computer Name = elen-PC | Source = WinMgmt | ID = 10
Description =

Error - 2. 9. 2010 11:33:27 | Computer Name = elen-PC | Source = Google Update | ID = 20
Description =

Error - 2. 9. 2010 11:46:52 | Computer Name = elen-PC | Source = WinMgmt | ID = 10
Description =

Error - 4. 9. 2010 5:33:56 | Computer Name = elen-PC | Source = WinMgmt | ID = 10
Description =

Error - 4. 9. 2010 5:39:16 | Computer Name = elen-PC | Source = System Restore | ID = 8193
Description =

Error - 4. 9. 2010 5:48:35 | Computer Name = elen-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2. 4. 2010 11:31:43 | Computer Name = elen-PC | Source = Service Control Manager | ID = 7002
Description =

Error - 2. 4. 2010 11:32:20 | Computer Name = elen-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2. 4. 2010 11:49:43 | Computer Name = elen-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{79A56F52-8F12-461A-8D22-9C047EAC4033}
because another computer on the network has the same name. The server could not
start.

Error - 10. 4. 2010 10:34:54 | Computer Name = elen-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10. 4. 2010 10:34:54 | Computer Name = elen-PC | Source = Service Control Manager | ID = 7002
Description =

Error - 10. 4. 2010 10:36:09 | Computer Name = elen-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 10. 4. 2010 10:37:35 | Computer Name = elen-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{B17BD714-AB9A-4DCF-9EBB-6A8693D6E0CE}
because another computer on the network has the same name. The server could not
start.

Error - 16. 4. 2010 9:37:45 | Computer Name = elen-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 16. 4. 2010 9:37:45 | Computer Name = elen-PC | Source = Service Control Manager | ID = 7002
Description =

Error - 16. 4. 2010 9:38:14 | Computer Name = elen-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =


< End of report >

Re: Hello, I'd like to ask for a preventive check - suspicion

Posted: 04 Sep 2010 11:58
by cappie
OTL logfile created on: 4. 9. 2010 12:04:10 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\elen\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

764,00 Mb Total Physical Memory | 118,00 Mb Available Physical Memory | 15,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 33,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,05 Gb Total Space | 109,99 Gb Free Space | 79,10% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 2,01 Gb Free Space | 22,29% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1020,00 Mb Total Space | 1017,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ELEN-PC
Current User Name: elen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/04 09:28:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\elen\Desktop\OTL.exe
PRC - [2010/06/28 23:13:11 | 002,701,416 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\Setup\avast.setup
PRC - [2010/06/28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/06/28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/05/07 18:06:04 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010/05/07 18:04:20 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009/11/04 18:20:14 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/04 17:10:24 | 001,314,816 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2008/01/21 04:34:20 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
PRC - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2007/05/16 01:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2007/05/16 01:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2004/04/13 06:54:42 | 000,151,552 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) -- C:\Windows\System32\MSTMON_N.EXE


========== Modules (SafeList) ==========

MOD - [2010/09/04 09:28:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\elen\Desktop\OTL.exe
MOD - [2009/04/11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/21 04:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Users\elen\AppData\Local\Temp\022027~1.EXE -- (0220271250167671mcinstcleanup) McAfee Application Installer Cleanup (0220271250167671)
SRV - [2010/08/21 17:24:34 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/06/28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/06/28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/06/28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/05/07 18:04:20 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/05/07 18:01:04 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/09/25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/02/18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\elen\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/06/28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/06/28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/06/28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/06/28 22:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/06/28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/27 22:32:58 | 000,245,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2010/02/25 11:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/03/27 06:48:22 | 001,810,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/11/21 21:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/05/21 12:35:06 | 003,552,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/04/28 11:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008/04/11 16:38:44 | 000,382,464 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2008/04/07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008/04/07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008/04/03 23:57:00 | 000,310,272 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2008/03/21 20:35:24 | 001,207,288 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2008/02/01 23:37:34 | 000,099,968 | ---- | M] (TechFaith Wireless Technology Limited.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TF1D091010.sys -- (TF1D091010)
DRV - [2008/01/21 04:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 04:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 04:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 04:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 04:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008/01/21 04:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 04:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 04:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 04:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 04:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 04:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 04:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 04:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 04:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 04:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 04:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 04:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 04:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 04:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 04:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 04:32:44 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2008/01/21 04:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 04:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 04:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/06/19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/04/17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/09/19 23:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005/09/19 23:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2003/07/17 15:44:24 | 000,018,848 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [Kernel | Auto | Stopped] -- C:\Windows\System32\MLPTDR_N.SYS -- (MLPTDR_N)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3370941296-2164915583-3062504316-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKU\S-1-5-21-3370941296-2164915583-3062504316-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-3370941296-2164915583-3062504316-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3370941296-2164915583-3062504316-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://google.sk/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/19 16:48:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/19 16:52:52 | 000,000,000 | ---D | M]

[2009/08/13 16:13:02 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\mozilla\Extensions
[2010/09/02 10:33:36 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\mozilla\Firefox\Profiles\ge62ofil.default\extensions
[2010/08/19 13:05:00 | 000,000,000 | ---D | M] (Linkification) -- C:\Users\elen\AppData\Roaming\mozilla\Firefox\Profiles\ge62ofil.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010/08/19 13:05:00 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\elen\AppData\Roaming\mozilla\Firefox\Profiles\ge62ofil.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/11/10 16:30:45 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\mozilla\Firefox\Profiles\ge62ofil.default\extensions\firefox@tvunetworks.com
[2010/09/02 10:33:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/19 14:30:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/08/19 14:30:02 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/08/19 13:04:30 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010/08/19 13:04:30 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010/08/19 13:04:31 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010/08/19 13:04:31 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010/08/19 13:04:31 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010/08/19 13:04:31 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] C:\Windows\System32\MSTMON_N.EXE (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Desert Landscape.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Desert Landscape.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{533799b9-8a54-11de-86dc-0024814b7e2a}\Shell - "" = AutoRun
O33 - MountPoints2\{533799b9-8a54-11de-86dc-0024814b7e2a}\Shell\AutoRun\command - "" = G:\SETUP.EXE -- File not found
O33 - MountPoints2\{533799b9-8a54-11de-86dc-0024814b7e2a}\Shell\configure\command - "" = G:\SETUP.EXE -- File not found
O33 - MountPoints2\{533799b9-8a54-11de-86dc-0024814b7e2a}\Shell\install\command - "" = G:\SETUP.EXE -- File not found
O33 - MountPoints2\{63dde349-5aad-11df-834f-0024814b7e2a}\Shell\AutoRun\command - "" = I:\PMBP_Win.exe -- File not found
O33 - MountPoints2\{fc39f71c-7fad-11de-831c-0024814b7e2a}\Shell - "" = AutoRun
O33 - MountPoints2\{fc39f71c-7fad-11de-831c-0024814b7e2a}\Shell\AutoRun\command - "" = G:\seamlessKeyLauncher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"Czech" /KBD:3) - C:\windows\System32\aswBoot.exe (AVAST Software)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.divxa32 - C:\windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/09/04 11:53:31 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2010/09/04 11:53:30 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\windows\System32\drivers\aswSP.sys
[2010/09/04 11:53:28 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\windows\System32\drivers\aswRdr.sys
[2010/09/04 11:53:25 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\windows\System32\drivers\aswTdi.sys
[2010/09/04 11:53:21 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2010/09/04 11:52:12 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\windows\avastSS.scr
[2010/09/04 11:52:11 | 000,165,032 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2010/09/04 11:37:27 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\elen\Desktop\OTL.exe
[2010/08/22 17:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/08/22 00:28:55 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010/08/21 22:16:55 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2010/08/21 22:12:34 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2010/08/21 20:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/08/21 17:24:41 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\windows\System32\TURegOpt.exe
[2010/08/21 17:24:38 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\windows\System32\uxtuneup.dll
[2010/08/21 17:24:38 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\windows\System32\authuitu.dll
[2010/08/21 17:24:11 | 000,000,000 | ---D | C] -- C:\Users\elen\AppData\Roaming\TuneUp Software
[2010/08/21 17:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/08/21 17:21:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010/08/21 17:20:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/08/20 00:44:58 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll
[2010/08/20 00:44:54 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll
[2010/08/19 23:36:26 | 000,000,000 | ---D | C] -- C:\Users\elen\AppData\Roaming\Malwarebytes
[2010/08/19 23:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/19 23:36:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/19 22:13:28 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2010/08/19 19:38:52 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\WdfLdr.sys
[2010/08/19 19:24:50 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2010/08/19 19:24:49 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2010/08/19 19:24:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2010/08/19 19:24:47 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2010/08/19 19:24:46 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2010/08/19 19:24:46 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2010/08/19 19:24:45 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2010/08/19 19:24:45 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2010/08/19 19:24:44 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2010/08/19 19:24:41 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2010/08/19 19:24:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2010/08/19 19:24:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2010/08/19 19:24:37 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2010/08/19 19:24:36 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2010/08/19 19:24:28 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2010/08/19 19:18:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\admparse.dll
[2010/08/19 19:18:50 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll
[2010/08/19 19:18:49 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2010/08/19 19:18:49 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msls31.dll
[2010/08/19 19:18:49 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieakeng.dll
[2010/08/19 19:18:49 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll
[2010/08/19 19:18:49 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\corpol.dll
[2010/08/19 19:18:48 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2010/08/19 19:18:48 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2010/08/19 19:18:48 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2010/08/19 19:18:47 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieaksie.dll
[2010/08/19 19:18:47 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WinFXDocObj.exe
[2010/08/19 19:18:47 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2010/08/19 19:18:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieakui.dll
[2010/08/19 19:18:47 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wextract.exe
[2010/08/19 19:18:45 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll
[2010/08/19 19:18:44 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2010/08/19 19:18:43 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2010/08/19 19:18:40 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2010/08/19 19:18:39 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat
[2010/08/19 19:18:39 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe
[2010/08/19 19:18:39 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2010/08/19 19:18:39 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe
[2010/08/19 19:18:39 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SetDepNx.exe
[2010/08/19 19:18:38 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PDMSetup.exe
[2010/08/19 19:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/08/19 18:19:55 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem
[2010/08/19 18:08:43 | 000,000,000 | ---D | C] -- C:\Users\elen\AppData\Roaming\ESET
[2010/08/19 17:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010/08/19 15:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/08/19 15:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2010/08/19 15:36:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2010/08/19 15:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010/08/19 15:31:09 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_29.dll
[2010/08/19 15:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/08/19 15:06:56 | 000,000,000 | ---D | C] -- C:\Users\elen\AppData\Local\AOL
[2010/08/19 15:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.2
[2010/08/19 14:55:45 | 000,000,000 | ---D | C] -- C:\Users\elen\AppData\Roaming\IrfanView
[2010/08/19 14:53:09 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/08/19 14:41:08 | 000,000,000 | ---D | C] -- C:\Users\elen\Tracing
[2010/08/19 14:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/08/19 14:39:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/08/19 14:38:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/08/19 14:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/08/19 14:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/08/19 14:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/08/19 14:30:17 | 000,423,656 | ---- | C] (Oracle) -- C:\windows\System32\deployJava1.dll
[2010/08/19 14:30:17 | 000,153,376 | ---- | C] (Oracle) -- C:\windows\System32\javaws.exe
[2010/08/19 14:30:17 | 000,145,184 | ---- | C] (Oracle) -- C:\windows\System32\javaw.exe
[2010/08/19 14:30:17 | 000,145,184 | ---- | C] (Oracle) -- C:\windows\System32\java.exe
[2010/08/19 13:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2010/08/19 11:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/08/19 11:58:14 | 000,000,000 | ---D | C] -- C:\rsit
[2010/08/19 11:21:16 | 000,000,000 | ---D | C] -- C:\windows\pss
[2010/08/15 15:53:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rtutils.dll
[2010/08/15 15:53:47 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\windows\System32\iccvid.dll
[2010/08/15 15:51:10 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2010/08/15 15:50:40 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2010/08/15 15:50:36 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2009/08/02 23:54:14 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2009/03/27 06:47:16 | 000,195,120 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll

Re: Hello, requesting a preventive check - suspicion

Posted: 04 Sep 2010 11:59
by cappie
========== Files - Modified Within 30 Days ==========

[2010/09/04 12:21:36 | 001,835,008 | -HS- | M] () -- C:\Users\elen\NTUSER.DAT
[2010/09/04 11:55:53 | 000,759,570 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2010/09/04 11:55:53 | 000,634,400 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2010/09/04 11:55:53 | 000,119,964 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2010/09/04 11:53:32 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/09/04 11:53:21 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2010/09/04 11:48:54 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/04 11:48:54 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/04 11:47:57 | 000,000,992 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/04 11:47:47 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010/09/04 11:47:43 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2010/09/04 11:47:38 | 802,021,376 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/04 11:45:15 | 000,524,288 | -HS- | M] () -- C:\Users\elen\NTUSER.DAT{c78acd14-0c69-11dd-a5c3-001560bf5b5e}.TMContainer00000000000000000001.regtrans-ms
[2010/09/04 11:45:15 | 000,065,536 | -HS- | M] () -- C:\Users\elen\NTUSER.DAT{c78acd14-0c69-11dd-a5c3-001560bf5b5e}.TM.blf
[2010/09/04 11:45:11 | 002,719,933 | -H-- | M] () -- C:\Users\elen\AppData\Local\IconCache.db
[2010/09/04 09:28:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\elen\Desktop\OTL.exe
[2010/09/03 21:02:06 | 000,339,991 | ---- | M] () -- C:\Users\elen\Desktop\RSIT.exe
[2010/09/02 18:29:04 | 000,000,996 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/21 22:05:03 | 000,002,587 | ---- | M] () -- C:\Users\elen\Desktop\Microsoft Office Excel 2007.lnk
[2010/08/21 22:04:24 | 000,013,582 | ---- | M] () -- C:\Users\elen\Documents\Katastrofa.xlsx
[2010/08/19 22:26:16 | 000,000,197 | ---- | M] () -- C:\windows\ODBCINST.INI
[2010/08/19 20:34:30 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010/08/19 20:08:24 | 000,101,312 | ---- | M] () -- C:\Users\elen\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/08/19 20:05:05 | 000,374,840 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2010/08/19 18:26:05 | 000,000,219 | ---- | M] () -- C:\windows\win.ini
[2010/08/19 16:08:30 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/19 15:38:41 | 000,000,040 | -H-- | M] () -- C:\windows\System32\ivireg.ivr
[2010/08/19 15:07:53 | 000,001,609 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010/08/19 14:40:44 | 000,000,758 | ---- | M] () -- C:\Users\elen\Documents\My Sharing Folders.lnk
[2010/08/19 14:30:01 | 000,423,656 | ---- | M] (Oracle) -- C:\windows\System32\deployJava1.dll
[2010/08/19 14:30:01 | 000,153,376 | ---- | M] (Oracle) -- C:\windows\System32\javaws.exe
[2010/08/19 14:30:01 | 000,145,184 | ---- | M] (Oracle) -- C:\windows\System32\javaw.exe
[2010/08/19 14:30:01 | 000,145,184 | ---- | M] (Oracle) -- C:\windows\System32\java.exe

========== Files Created - No Company Name ==========

[2010/09/04 11:53:32 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/09/04 11:37:17 | 000,339,991 | ---- | C] () -- C:\Users\elen\Desktop\RSIT.exe
[2010/08/21 23:38:08 | 802,021,376 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/21 17:01:55 | 000,013,582 | ---- | C] () -- C:\Users\elen\Documents\Katastrofa.xlsx
[2010/08/19 20:34:30 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010/08/19 19:39:03 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010/08/19 19:24:42 | 000,057,667 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2010/08/19 15:49:57 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/19 15:38:40 | 000,000,040 | -H-- | C] () -- C:\windows\System32\ivireg.ivr
[2010/08/19 15:07:53 | 000,001,609 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010/08/19 14:40:44 | 000,000,758 | ---- | C] () -- C:\Users\elen\Documents\My Sharing Folders.lnk
[2010/05/09 17:32:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/08/17 15:28:41 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
[2009/08/14 22:30:46 | 000,015,360 | ---- | C] () -- C:\Users\elen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/14 20:06:03 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/08/12 18:09:07 | 000,000,564 | ---- | C] () -- C:\Users\elen\AppData\Local\FSCache.dat
[2009/08/03 00:00:27 | 000,000,000 | ---- | C] () -- C:\Users\elen\AppData\Local\QSwitch.txt
[2009/08/03 00:00:27 | 000,000,000 | ---- | C] () -- C:\Users\elen\AppData\Local\DSwitch.txt
[2009/08/03 00:00:27 | 000,000,000 | ---- | C] () -- C:\Users\elen\AppData\Local\AtStart.txt
[2009/08/02 23:54:13 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2009/03/27 06:48:22 | 001,810,992 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2009/03/27 06:48:12 | 000,034,096 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2008/08/04 16:43:08 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll
[2008/08/04 16:43:08 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll
[2008/08/04 16:43:08 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll
[2008/08/04 16:43:08 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll
[2008/08/04 16:43:08 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll
[2008/08/04 16:43:08 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll
[2008/08/04 16:16:55 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2008/05/21 11:38:12 | 000,159,744 | ---- | C] () -- C:\windows\System32\atitmmxx.dll
[2008/04/19 21:51:57 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll
[2008/01/18 09:33:29 | 000,003,584 | ---- | C] () -- C:\windows\System32\wceprv.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006/03/09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2005/04/04 00:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
[2003/11/25 07:38:54 | 000,015,315 | ---- | C] () -- C:\windows\MSTMON_N.INI
[2003/06/30 14:13:24 | 000,011,521 | ---- | C] () -- C:\windows\MSUMLT_N.INI
[1998/05/07 05:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll

========== LOP Check ==========

[2010/08/19 18:08:43 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\ESET
[2009/08/14 16:39:06 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\GetRightToGo
[2010/08/19 16:57:48 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\ICQ
[2009/08/13 13:13:44 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\InterVideo
[2010/08/19 14:55:45 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\IrfanView
[2009/08/13 15:24:20 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\Thinstall
[2010/08/21 17:24:11 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\TuneUp Software
[2010/09/04 11:45:40 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009/04/11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/02/18 17:44:29 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\Adobe
[2009/08/03 00:00:54 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\ATI
[2010/08/19 18:08:43 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\ESET
[2009/08/14 16:39:06 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\GetRightToGo
[2009/08/14 17:30:38 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\GRETECH
[2009/08/18 19:26:07 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\HPQLOG
[2010/08/19 16:57:48 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\ICQ
[2009/08/02 23:59:00 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\Identities
[2009/08/02 23:48:45 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\InstallShield
[2009/08/13 13:13:44 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\InterVideo
[2010/08/19 14:55:45 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\IrfanView
[2009/08/12 17:46:39 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\Macromedia
[2010/08/19 23:36:26 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\Malwarebytes
[2010/08/21 16:53:39 | 000,000,000 | --SD | M] -- C:\Users\elen\AppData\Roaming\Microsoft
[2009/08/13 16:13:02 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\Mozilla
[2010/08/19 11:38:27 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\Skype
[2010/08/19 11:17:33 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\skypePM
[2010/05/08 17:45:44 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\Sony Corporation
[2009/08/13 15:24:20 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\Thinstall
[2010/08/21 17:24:11 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\TuneUp Software
[2010/08/19 14:46:51 | 000,000,000 | ---D | M] -- C:\Users\elen\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2007/03/22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\elen\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2010/05/08 17:11:40 | 006,814,720 | ---- | M] (Gretech Corporation) -- C:\Users\elen\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2010/08/19 22:13:46 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\ClickCleaner.exe
[2010/08/19 22:13:45 | 000,017,542 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\ContextMenuManager.exe
[2010/08/19 22:13:46 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\DiskAnalyzer.exe
[2010/08/19 22:13:46 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\DuplicateFilesFinder.exe
[2010/08/19 22:13:46 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\FileSecurity.exe
[2010/08/19 22:13:46 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\FileSplitter.exe
[2010/08/19 22:13:46 | 000,017,542 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\FreeMemory.exe
[2010/08/19 22:13:46 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\IconManager.exe
[2010/08/19 22:13:46 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\IEManager.exe
[2010/08/19 22:13:46 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\JunkFileCleaner.exe
[2010/08/19 22:13:46 | 000,005,430 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\LiveUpdate.exe
[2010/08/19 22:13:45 | 000,013,262 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\OptimizationWizard.exe
[2010/08/19 22:13:45 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\PrivacyProtector.exe
[2010/08/19 22:13:45 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\ProcessManager.exe
[2010/08/19 22:13:45 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\RegistryCleaner.exe
[2010/08/19 22:13:45 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\RegistryDefrag.exe
[2010/08/19 22:13:45 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\RepairCenter.exe
[2010/08/19 22:13:45 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\RunShortcutCreator.exe
[2010/08/19 22:13:45 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\ServiceManager.exe
[2010/08/19 22:13:45 | 000,017,542 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\SmartUninstaller.exe
[2010/08/19 22:13:45 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\StartupManager.exe
[2010/08/19 22:13:45 | 000,082,726 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\SuperCopy.exe
[2010/08/19 22:13:45 | 000,014,534 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\SystemFolder_msiexec.exe
[2010/08/19 22:13:45 | 000,007,886 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\SystemInfo.exe
[2010/08/19 22:13:45 | 000,017,542 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\TaskSchedulerManager.exe
[2010/08/19 22:13:45 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\VistaManager.exe
[2010/08/19 22:13:45 | 000,015,086 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\WallpaperChanger.exe
[2010/08/19 22:13:45 | 000,013,262 | R--- | M] () -- C:\Users\elen\AppData\Roaming\Microsoft\Installer\{6E49385E-D589-4597-BEEA-5551E78ED9CE}\WinUtilities.exe
[2009/08/13 16:56:54 | 000,053,248 | ---- | M] () -- C:\Users\elen\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\1000000600002h\verclsid.exe
[2009/08/13 15:24:30 | 000,053,248 | ---- | M] () -- C:\Users\elen\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\300000005700002h\WINWORD.EXE
[2009/08/13 15:42:07 | 000,053,248 | ---- | M] () -- C:\Users\elen\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\300000007300002h\POWERPNT.EXE


< MD5 for: WS2_32.DLL >
[2008/01/21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008/01/21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/05/21 11:38:24 | 000,372,736 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009/04/11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/01/21 05:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 05:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 05:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2008/05/21 11:38:24 | 000,372,736 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009/04/11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010/09/04 11:48:54 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/04 11:48:54 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/04 11:53:21 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/09/04 11:55:53 | 000,119,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/09/04 11:55:53 | 000,634,400 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/09/04 11:55:53 | 000,759,570 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
< End of report >

Re: Hello, requesting a preventive check - suspicion

Posted: 04 Sep 2010 12:01
by cappie
The second log didn't fit, so I split it in half :)