VIRY.CZ

OTL logfile created on: 31.10.2012 14:54:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

2.75 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 70.41% Memory free
5.33 Gb Paging File | 4.59 Gb Available in Paging File | 86.10% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 16.47 Gb Free Space | 11.05% Space Free | Partition Type: NTFS

Computer Name: A02-0732A | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.10.31 14:12:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2012.10.30 10:23:20 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.10.30 10:22:55 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.10.30 10:22:55 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
PRC - [2003.02.02 15:38:06 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\MPICH\mpd\bin\mpd.exe


========== Modules (No Company Name) ==========

MOD - [2012.09.19 18:17:40 | 000,397,088 | ---- | M] () -- C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe
MOD - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
MOD - [2003.02.02 15:38:06 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\MPICH\mpd\bin\mpd.exe


========== Services (SafeList) ==========

SRV:64bit: - [2009.11.24 14:36:54 | 001,045,504 | ---- | M] (AB Studio) [On_Demand | Stopped] -- C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe -- (AbSoftMgr4)
SRV - [2012.10.30 23:26:42 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.30 10:23:20 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.10.30 10:22:55 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.08.18 00:31:42 | 000,111,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2009.09.25 16:35:00 | 000,665,088 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\SysWOW64\ati2saag.exe -- (ATI Smart)
SRV - [2008.07.25 10:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.03.12 18:32:56 | 000,079,360 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.02.16 23:44:20 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc)
SRV - [2006.10.18 20:05:24 | 000,913,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2003.02.02 15:38:06 | 000,184,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\MPICH\mpd\bin\mpd.exe -- (mpich_mpd)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2005.09.18 18:02:20 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2011.06.23 09:01:02 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2007.06.24 21:56:56 | 000,047,368 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Drivers\btcusb.sys -- (Btcsrusb)
DRV - [2007.06.24 21:56:42 | 000,037,384 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysWOW64\Drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.06.24 21:56:36 | 000,037,896 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysWOW64\Drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2007.03.05 20:47:08 | 000,025,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:42:54 | 000,049,680 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\SysWOW64\Drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:41:34 | 000,024,976 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\SysWOW64\Drivers\VBTEnum.sys -- (BTHidEnum)
DRV - [2007.03.05 20:39:28 | 000,063,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysWOW64\Drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2007.03.05 20:38:20 | 000,047,120 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysWOW64\Drivers\VComm.sys -- (VComm)
DRV - [2006.06.14 13:45:18 | 000,015,360 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysWOW64\Drivers\EIO64.sys -- (EIO)
DRV - [2005.03.25 13:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd)
DRV - [2005.03.25 13:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\WINDOWS\SysWow64\winsock.dll -- (Winsock)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.seznam.cz
IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\SearchScopes\{6EFA99C6-7B10-460E-AD72-EABD509BB121}: "URL" = http://search.microsoft.com/results.asp ... earchTerms}
IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\SearchScopes\{83DD84D1-2E59-48C3-A7F3-4C2945D74379}: "URL" = http://www.google.co.uk/search?hl=en&q= ... rms}&meta=
IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\SearchScopes\{E4B41193-BF87-4F6B-9227-743C1EA491C2}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.2
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:16.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.22 01:30:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ff [2012.10.27 22:15:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.30 23:26:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.27 22:15:13 | 000,000,000 | ---D | M]

[2009.11.22 23:30:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2009.11.22 23:30:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2012.10.27 19:46:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rhtvkw93.default\extensions
[2012.10.27 19:27:27 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rhtvkw93.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.04.28 00:47:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rhtvkw93.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.10.27 22:15:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.30 23:26:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.27 22:15:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.10.30 23:26:43 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2007.04.10 16:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2007.12.19 13:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2007.03.22 19:23:30 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL
[2005.09.24 05:44:16 | 000,077,824 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.10.30 23:26:40 | 000,003,581 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012.10.30 23:26:40 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.10.30 23:26:40 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.09.20 18:56:07 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2012.10.30 23:26:40 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.10.30 23:26:40 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.10.30 23:26:40 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\10.0.648.204\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\10.0.648.204\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\10.0.648.204\gears.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Gadget Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

Hosts file not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3:64bit: - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SysWOW64\browseui.dll (Microsoft Corporation)
O3:64bit: - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SysWOW64\browseui.dll (Microsoft Corporation)
O3:64bit: - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
O3 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SysWOW64\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\amd_dc_opt\amd_dc_opt.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VIAJDS] C:\Program Files (x86)\VIA\VIAudioi\HDADeck\VIAJDS.exe (TODO: <Company name>)
O4 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500..\Run: [ctfmon.exe] C:\WINDOWS\SysWOW64\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500..\Run: [PowerBar] File not found
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PeerGuardian.lnk = C:\Program Files\PeerGuardian2\pg2.exe (Methlabs)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - %SystemRoot%\system32\mswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 1632222843 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1D4D449-F816-4575-8E8D-7696B484B68D}: DhcpNameServer = 147.229.208.2 147.229.191.135 147.229.3.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D06D4BB6-ED00-439C-AD15-43657634653D}: DhcpNameServer = 77.48.254.254 77.48.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5D3C341-0E2B-4F31-A59B-10BCC48DCD21}: DhcpNameServer = 147.229.208.2 147.229.191.135 147.229.3.10
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SysWOW64\wiascr.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\SysWOW64\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\SysWow64\shell32.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - C:\WINDOWS\SysWOW64\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\SysWow64\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\SysWow64\sysdm.cpl (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - File not found
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\SysWow64\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\SysWow64\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\SysWow64\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - C:\WINDOWS\SysWow64\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\EFS: DllName - (sclgntfy.dll) - C:\WINDOWS\SysWow64\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\SysWow64\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\termsrv: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\SysWOW64\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\SysWOW64\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SysWOW64\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\SysWOW64\webcheck.dll (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\SysWOW64\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\SysWOW64\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\SysWow64\shell32.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\SysWow64\msapsspc.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\SysWow64\digest.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\SysWow64\msnsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\SysWow64\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\SysWow64\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\SysWow64\msnsspc.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.26 14:35:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2cb6e1cf-a7ca-11dc-af14-001731874efa}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe
O33 - MountPoints2\{2cb6e1cf-a7ca-11dc-af14-001731874efa}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: aux - File not found
Drivers32:64bit: aux1 - File not found
Drivers32:64bit: aux2 - File not found
Drivers32:64bit: aux3 - File not found
Drivers32:64bit: aux4 - File not found
Drivers32:64bit: midi - File not found
Drivers32:64bit: midi1 - File not found
Drivers32:64bit: midi2 - File not found
Drivers32:64bit: midi3 - File not found
Drivers32:64bit: midi4 - File not found
Drivers32:64bit: midimapper - File not found
Drivers32:64bit: mixer - File not found
Drivers32:64bit: mixer1 - File not found
Drivers32:64bit: mixer2 - File not found
Drivers32:64bit: mixer3 - File not found
Drivers32:64bit: mixer4 - File not found
Drivers32:64bit: mixer5 - File not found
Drivers32:64bit: mixer6 - File not found
Drivers32:64bit: msacm.imaadpcm - File not found
Drivers32:64bit: msacm.msadpcm - File not found
Drivers32:64bit: msacm.msg711 - File not found
Drivers32:64bit: msacm.msgsm610 - File not found
Drivers32:64bit: msacm.trspch - File not found
Drivers32:64bit: vidc.iyuv - File not found
Drivers32:64bit: vidc.mrle - File not found
Drivers32:64bit: vidc.msvc - File not found
Drivers32:64bit: vidc.uyvy - File not found
Drivers32:64bit: vidc.yuy2 - File not found
Drivers32:64bit: vidc.yvu9 - File not found
Drivers32:64bit: vidc.yvyu - File not found
Drivers32:64bit: wave - File not found
Drivers32:64bit: wave1 - File not found
Drivers32:64bit: wave2 - File not found
Drivers32:64bit: wave3 - File not found
Drivers32:64bit: wave4 - File not found
Drivers32:64bit: wave5 - File not found
Drivers32:64bit: wave6 - File not found
Drivers32:64bit: wavemapper - File not found
Drivers32: msacm.sl_anet - C:\WINDOWS\SysWow64\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\SysWow64\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.asv2 - C:\WINDOWS\SysWow64\ASUSASV2.DLL ()
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\SysWow64\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\SysWow64\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\SysWow64\mpg4c32.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.10.31 14:12:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012.10.31 13:40:42 | 004,991,994 | ---- | C] (Swearware) -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
[2012.10.31 11:09:20 | 000,694,375 | ---- | C] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\FSS.exe
[2012.10.30 23:29:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\RK_Quarantine
[2012.10.30 15:07:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012.10.30 00:27:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2012.10.30 00:22:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
[2012.10.30 00:18:33 | 000,212,992 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\SysWow64\atipdlxx.dll
[2012.10.30 00:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012.10.30 00:17:06 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012.10.30 00:15:42 | 000,000,000 | ---D | C] -- C:\AMD
[2012.10.27 22:15:13 | 000,477,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\npdeployJava1.dll
[2012.10.27 22:15:13 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\javaws.exe
[2012.10.27 22:15:13 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\javaw.exe
[2012.10.27 22:15:13 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\java.exe
[2012.10.27 21:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\vlc
[2012.10.27 21:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2012.10.27 21:00:32 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2012.10.27 20:07:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Avira
[2012.10.27 20:03:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2012.10.27 20:03:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.10.27 20:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2012.10.27 19:29:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012.10.27 19:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012.10.27 19:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData
[2012.10.27 19:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Avg2013
[2012.10.27 19:26:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.10.27 19:26:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012.10.27 18:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.10.27 18:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012.10.27 15:01:15 | 000,015,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll.mui
[2012.10.27 10:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.10.27 10:43:17 | 000,000,000 | ---D | C] -- C:\rsit
[2012.10.27 10:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\viry
[2012.10.25 07:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TP-LINK Driver
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Administrator\My Documents\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.10.31 14:55:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.31 14:18:00 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.31 14:12:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012.10.31 13:57:00 | 000,001,064 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1776293813-1955127786-1730301673-500UA.job
[2012.10.31 13:40:58 | 004,991,994 | ---- | M] (Swearware) -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
[2012.10.31 11:43:16 | 000,165,376 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\SystemLook_x64.exe
[2012.10.31 11:09:22 | 000,694,375 | ---- | M] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\FSS.exe
[2012.10.31 10:37:17 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.31 10:37:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.30 23:42:50 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2012.10.30 23:42:50 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.30 23:27:54 | 001,584,640 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RogueKiller.exe
[2012.10.30 23:24:15 | 000,540,977 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
[2012.10.30 21:57:00 | 000,001,012 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1776293813-1955127786-1730301673-500Core.job
[2012.10.30 00:42:32 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\F1 Challenge 2007.lnk
[2012.10.30 00:39:36 | 000,023,022 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121030_003933.reg
[2012.10.29 23:14:21 | 000,048,390 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121029_231418.reg
[2012.10.29 15:48:09 | 000,710,082 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012.10.27 22:15:02 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\npdeployJava1.dll
[2012.10.27 22:15:02 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\deployJava1.dll
[2012.10.27 22:15:02 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\javaws.exe
[2012.10.27 22:15:02 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\javaw.exe
[2012.10.27 22:15:02 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\SysWow64\java.exe
[2012.10.27 21:17:14 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012.10.27 20:03:19 | 000,001,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2012.10.27 20:01:44 | 000,290,436 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121027_210141.reg
[2012.10.27 19:21:42 | 000,385,106 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121027_202138.reg
[2012.10.27 18:55:59 | 000,000,002 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt
[2012.10.27 18:41:01 | 000,696,072 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121027_194049.reg
[2012.10.27 12:15:19 | 000,001,060 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121027_131516.reg
[2012.10.27 12:12:37 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012.10.25 13:35:34 | 000,286,058 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121025_143527.reg
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Administrator\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.10.31 14:21:16 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.31 11:43:14 | 000,165,376 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\SystemLook_x64.exe
[2012.10.30 23:27:53 | 001,584,640 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RogueKiller.exe
[2012.10.30 23:24:14 | 000,540,977 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
[2012.10.30 00:39:35 | 000,023,022 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121030_003933.reg
[2012.10.29 23:14:20 | 000,048,390 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121029_231418.reg
[2012.10.27 21:17:14 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2012.10.27 20:03:18 | 000,001,761 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2012.10.27 20:01:42 | 000,290,436 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121027_210141.reg
[2012.10.27 19:21:40 | 000,385,106 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121027_202138.reg
[2012.10.27 18:40:52 | 000,696,072 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121027_194049.reg
[2012.10.27 12:15:18 | 000,001,060 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121027_131516.reg
[2012.10.25 13:35:31 | 000,286,058 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\cc_20121025_143527.reg
[2012.10.25 07:39:41 | 000,013,931 | ---- | C] () -- C:\WINDOWS\SysWow64\RaCoInst.dat
[2011.04.26 18:59:17 | 292,901,992 | ---- | C] () -- C:\Program Files\Trnsys16.zip
[2011.04.12 11:59:55 | 000,000,492 | ---- | C] () -- C:\Documents and Settings\Administrator\.buddyradar
[2011.04.12 11:56:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\.buddyradar.lock
[2010.04.18 20:50:35 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\kcmdte.dat
[2008.04.08 13:16:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\protokol
[2008.03.11 01:49:18 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007.02.22 02:46:47 | 000,000,167 | ---- | C] () -- C:\Documents and Settings\Administrator\.iriverter.conf
[2007.02.14 18:45:24 | 000,000,322 | ---- | C] () -- C:\Documents and Settings\Administrator\ubi.ini
[2006.11.01 02:15:10 | 017,018,880 | ---- | C] () -- C:\Documents and Settings\Administrator\s-1-5-21-1776293813-1955127786-1730301673-500.rrr
[2006.10.26 20:20:56 | 000,111,104 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.10.26 15:31:52 | 000,040,960 | ---- | C] () -- C:\Program Files (x86)\Uninstall_CDS.exe
[2006.10.26 14:55:01 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2006.10.26 14:47:12 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = %SystemRoot%\system32\shdocvw.dll
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\SysWOW64\shdocvw.dll -- [2007.02.18 10:05:50 | 001,508,352 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\fastprox.dll
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\SysWOW64\wbem\fastprox.dll -- [2009.03.19 18:51:22 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\wbemess.dll
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010.02.15 12:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AB Studio
[2008.03.12 18:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ansys
[2007.02.27 22:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Atari
[2010.02.15 12:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Autodesk
[2011.05.26 00:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canon
[2008.10.07 17:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools
[2008.03.17 00:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DeepBurner
[2008.02.04 02:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Earthsim
[2007.08.12 22:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FUJIFILM
[2010.11.17 01:13:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\HyperLobby
[2012.10.30 11:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICQ
[2008.02.25 11:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICQLite
[2008.10.13 18:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Jpeg Resampler
[2007.02.27 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2008.02.18 15:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mathsoft
[2010.12.21 21:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mkvtoolnix
[2008.02.21 19:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PPMate
[2008.02.22 03:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ppStream
[2008.01.15 18:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\QIP
[2008.04.03 19:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\RaimaRadio
[2010.11.11 02:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Registry Mechanic
[2010.02.15 12:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AB Studio
[2010.06.07 15:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010.02.15 12:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2012.10.27 19:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010.03.08 20:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2008.03.19 01:53:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012.10.27 19:29:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2007.05.21 20:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ConeXware
[2008.02.04 02:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Earthsim
[2006.12.18 00:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Harley-Davidson_ Race to the Rally Saves
[2012.10.27 19:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010.02.15 12:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\System
[2012.10.27 21:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012.10.25 07:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TP-LINK Driver

========== Purity Check ==========

========== Custom Scans ==========

< >
[2006.10.26 14:33:05 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2006.10.26 14:40:40 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2006.10.26 14:40:40 | 000,032,274 | ---- | C] () -- C:\WINDOWS\Tasks\SchedLgU.Txt
[2010.04.06 00:52:14 | 000,000,908 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.04.06 00:52:14 | 000,000,912 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2010.05.04 10:34:16 | 000,001,012 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1776293813-1955127786-1730301673-500Core.job
[2010.05.04 10:34:17 | 000,001,064 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1776293813-1955127786-1730301673-500UA.job

< >

< MD5 for: ATAPI.SYS >
[2007.02.18 10:01:10 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:atapi.sys
[2007.02.18 10:01:10 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\amd64\sp2.cab:atapi.sys
[2005.03.25 13:00:00 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=72C77044943340964FA513B92D6D6874 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2007.02.16 23:03:34 | 000,150,016 | ---- | M] (Microsoft Corporation) MD5=7A1814D0D112F50F828E25557A1ED29F -- C:\WINDOWS\ServicePackFiles\amd64\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2007.02.18 09:50:18 | 000,817,664 | ---- | M] (Microsoft Corporation) MD5=2C40794C5094E7D49D8597D7B0C617FC -- C:\WINDOWS\ServicePackFiles\amd64\autochk.exe
[2007.02.18 10:05:20 | 000,594,944 | ---- | M] (Microsoft Corporation) MD5=39ECC326D3F5531A13A1C0F0B43A8EDD -- C:\WINDOWS\SysWOW64\autochk.exe
[2005.03.25 13:00:00 | 000,817,664 | ---- | M] (Microsoft Corporation) MD5=B2825C5030B3B77B149D6EB48D24DD0C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: EXPLORER.EXE >
[2005.03.25 13:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) MD5=4B93BB34AF478A0FD9765D9B73356DC9 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007.02.18 10:05:28 | 001,053,184 | ---- | M] (Microsoft Corporation) MD5=A26C39540F8BE3729846E360E2C57344 -- C:\WINDOWS\SysWOW64\explorer.exe
[2007.02.16 23:20:36 | 001,364,480 | ---- | M] (Microsoft Corporation) MD5=AE7A08C05F72A9242734C03230A5CD7F -- C:\WINDOWS\explorer.exe
[2007.02.16 23:20:36 | 001,364,480 | ---- | M] (Microsoft Corporation) MD5=AE7A08C05F72A9242734C03230A5CD7F -- C:\WINDOWS\ServicePackFiles\amd64\explorer.exe

< MD5 for: HAL.DLL >
[2007.02.18 10:01:10 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:hal.dll
[2007.02.18 10:01:10 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\amd64\sp2.cab:hal.dll
[2005.03.25 13:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=2A309576857932B6682EF0C300EA3A44 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2010.11.09 00:41:22 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=82F4104C2D9774B58A9244FC3B0EE07C -- C:\WINDOWS\$hf_mig$\KB2393802\SP2QFE\hal.dll
[2012.04.11 21:31:20 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=82F4104C2D9774B58A9244FC3B0EE07C -- C:\WINDOWS\$hf_mig$\KB2676562\SP2QFE\hal.dll
[2012.08.23 12:23:14 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=82F4104C2D9774B58A9244FC3B0EE07C -- C:\WINDOWS\$hf_mig$\KB2724197\SP2QFE\hal.dll
[2009.03.19 18:41:44 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=82F4104C2D9774B58A9244FC3B0EE07C -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\hal.dll
[2008.08.14 06:50:16 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=82F4104C2D9774B58A9244FC3B0EE07C -- C:\WINDOWS\$hf_mig$\KB956841\SP2QFE\hal.dll
[2009.08.06 18:14:42 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=82F4104C2D9774B58A9244FC3B0EE07C -- C:\WINDOWS\$hf_mig$\KB971486\SP2QFE\hal.dll
[2009.12.16 10:47:02 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=82F4104C2D9774B58A9244FC3B0EE07C -- C:\WINDOWS\$hf_mig$\KB977165\SP2QFE\hal.dll
[2010.03.04 21:55:32 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=82F4104C2D9774B58A9244FC3B0EE07C -- C:\WINDOWS\$hf_mig$\KB979683\SP2QFE\hal.dll
[2012.08.23 12:23:14 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=82F4104C2D9774B58A9244FC3B0EE07C -- C:\WINDOWS\SoftwareDistribution\Download\a3d0d1445b2128975e51141c17e610d8\SP2QFE\hal.dll
[2012.04.11 21:31:20 | 000,280,064 | ---- | M] (Microsoft Corporation) MD5=82F4104C2D9774B58A9244FC3B0EE07C -- C:\WINDOWS\SoftwareDistribution\Download\cfb0d7bd020f3b85d808db052a9eb6bf\SP2QFE\hal.dll
[2007.02.16 23:24:24 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=C168459ACF256FA61C866F80319B5B13 -- C:\WINDOWS\ServicePackFiles\amd64\hal.dll

< MD5 for: SCECLI.DLL >
[2007.02.16 23:54:00 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=40453F57AAC02F32F785642F5C2E211E -- C:\WINDOWS\ServicePackFiles\amd64\scecli.dll
[2005.03.25 13:00:00 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=A832D97D4113E28DB89C33219D9E7D20 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2007.02.18 10:05:48 | 000,188,928 | ---- | M] (Microsoft Corporation) MD5=E7B7FD7D8907DADED4928E922608887F -- C:\WINDOWS\SysWOW64\scecli.dll

< MD5 for: SERVICES.EXE >
[2005.03.25 13:00:00 | 000,221,696 | ---- | M] (Microsoft Corporation) MD5=250C256374AB397492ED71AEFCF17436 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.03.19 18:42:16 | 000,227,840 | ---- | M] (Microsoft Corporation) MD5=5BC6B0FFA0EB95A02F63D5BCAD39127B -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2007.02.16 23:54:26 | 000,224,256 | ---- | M] (Microsoft Corporation) MD5=D255E0DDB63A6223BFD8057266380017 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2007.02.16 23:54:26 | 000,224,256 | ---- | M] (Microsoft Corporation) MD5=D255E0DDB63A6223BFD8057266380017 -- C:\WINDOWS\ServicePackFiles\amd64\services.exe

< MD5 for: SVCHOST.EXE >
[2007.02.16 23:59:04 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=46300880A5062A41C16DF5E3E836A6C9 -- C:\WINDOWS\ServicePackFiles\amd64\svchost.exe
[2005.03.25 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=BDDFEB952617080316692951215793E9 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2007.02.18 10:05:52 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=C09CCFE81DEC9B162533D7184D705682 -- C:\WINDOWS\SysWOW64\svchost.exe

< MD5 for: TCPIP.SYS >
[2007.10.31 03:43:36 | 000,767,488 | ---- | M] (Microsoft Corporation) MD5=0A11782DF1DEC17E316F00CE04C64476 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2006.05.24 13:38:34 | 000,703,488 | ---- | M] (Microsoft Corporation) MD5=1C3F3DAAE8653BE3BE4E1EADCB23B051 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.31 04:04:32 | 000,767,488 | ---- | M] (Microsoft Corporation) MD5=32256FE01BBA574D5E9EF85F83ABCE5E -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2005.03.25 13:00:00 | 000,702,976 | ---- | M] (Microsoft Corporation) MD5=3DBCA4D2398F3336FA78D534DD751764 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2006.05.24 13:34:46 | 000,812,544 | ---- | M] (Microsoft Corporation) MD5=B2C87ED1ED6E19E907C066396E54AE06 -- C:\WINDOWS\$hf_mig$\KB917953\SP1QFE\tcpip.sys
[2007.02.16 23:59:36 | 000,768,000 | ---- | M] (Microsoft Corporation) MD5=C013E7F14FD378A16F5B7A4B5A7050E9 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2007.02.16 23:59:36 | 000,768,000 | ---- | M] (Microsoft Corporation) MD5=C013E7F14FD378A16F5B7A4B5A7050E9 -- C:\WINDOWS\ServicePackFiles\amd64\tcpip.sys
[2011.03.03 11:47:32 | 000,784,896 | ---- | M] (Microsoft Corporation) MD5=CE9A7AC526636585A126FACE243F4574 -- C:\WINDOWS\$hf_mig$\KB2509553\SP2QFE\tcpip.sys
[2008.06.21 01:29:38 | 000,784,896 | ---- | M] (Microsoft Corporation) MD5=CE9A7AC526636585A126FACE243F4574 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2007.02.17 00:00:56 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=438393CC0B5122B5D988BD7BA05FE3C9 -- C:\WINDOWS\ServicePackFiles\amd64\userinit.exe
[2005.03.25 13:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=5EF907A339CAF229F3CE38909C93F53B -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2007.02.18 10:05:56 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=B5FEB3B971A8B8C81CE9DE65031A87E5 -- C:\WINDOWS\SysWOW64\userinit.exe

< MD5 for: WINLOGON.EXE >
[2005.03.25 13:00:00 | 000,922,624 | ---- | M] (Microsoft Corporation) MD5=2412D710F07F527E99D5FCBD8D6E5B89 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2007.02.17 00:02:56 | 000,944,128 | ---- | M] (Microsoft Corporation) MD5=901C7E44D11C00CA9D48BA1A866FDC4B -- C:\WINDOWS\ServicePackFiles\amd64\winlogon.exe

< >

< %systemroot%*.* /U /s >
[12 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[33 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\WINDOWS\inf\009\ADMSTestPerformanceCounter\*.tmp files -> C:\WINDOWS\inf\009\ADMSTestPerformanceCounter\*.tmp -> ]
[1 C:\WINDOWS\inf\inc\ADMSTestPerformanceCounter\*.tmp files -> C:\WINDOWS\inf\inc\ADMSTestPerformanceCounter\*.tmp -> ]
[23 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[4 C:\WINDOWS\SysWOW64\*.tmp files -> C:\WINDOWS\SysWOW64\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >
[2010.02.15 12:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AB Studio
[2012.10.30 23:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.06.07 15:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2007.11.08 16:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009.11.23 00:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2012.10.30 00:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2010.02.15 12:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2012.10.27 19:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012.10.27 20:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010.03.08 20:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2008.03.19 01:53:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012.10.27 19:29:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2007.05.21 20:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ConeXware
[2006.11.02 01:42:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008.02.04 02:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Earthsim
[2006.12.18 00:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Harley-Davidson_ Race to the Rally Saves
[2007.10.02 12:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2006.11.02 03:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrovision
[2009.01.07 16:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011.02.22 16:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012.10.27 19:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012.10.25 07:41:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012.10.27 19:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2011.06.23 10:58:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2012.10.27 12:16:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype Extras
[2012.10.27 19:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.04.05 20:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010.02.15 12:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\System
[2012.10.27 21:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012.10.25 07:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TP-LINK Driver

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2007.07.03 10:37:14 | 000,263,664 | ---- | M] (AB Studio C+E) -- C:\Documents and Settings\All Users\Application Data\AB Studio\ABUnInstallEx.exe
[2012.10.30 10:22:43 | 000,619,808 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\SELFUPDATE\update.exe
[2012.10.30 10:22:43 | 000,046,368 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\SELFUPDATE\updrgui.exe
[2008.01.31 23:04:34 | 009,843,864 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\All Users\Application Data\Skype Extras\Plugins\95F12167483D466CABC98CAFE4B4FD93\CT4SKypePlugIn20_Multi_Media.exe
[2008.01.31 23:04:35 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Skype Extras\Plugins\95F12167483D466CABC98CAFE4B4FD93\RLLauncher.exe
[2008.01.31 23:04:34 | 009,843,864 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\CT4SKypePlugIn20_Multi_Media.exe
[2008.01.31 23:04:35 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\RLLauncher.exe
[2010.06.25 14:58:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\devcon.exe
[2010.06.25 14:58:00 | 000,907,552 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaInst64.exe
[2010.06.25 14:58:00 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\TP-LINK Driver\TP-LINK Wireless Utility\Driver\RaIOx64.exe

< %APPDATA%\*. >
[2010.02.15 12:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AB Studio
[2008.02.22 11:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2006.11.06 14:14:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AdobeUM
[2008.03.12 18:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ansys
[2007.02.27 22:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Atari
[2008.02.03 22:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ATI
[2010.02.15 12:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Autodesk
[2012.10.27 20:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Avira
[2011.05.26 00:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canon
[2006.10.26 20:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\CyberLink
[2008.10.07 17:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools
[2008.03.17 00:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DeepBurner
[2010.05.03 23:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\dvdcss
[2008.02.04 02:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Earthsim
[2007.08.12 22:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FUJIFILM
[2010.04.06 00:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Google
[2009.01.15 02:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Hamachi
[2006.10.26 14:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Help
[2010.11.17 01:13:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\HyperLobby
[2012.10.30 11:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICQ
[2008.02.25 11:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICQLite
[2006.10.26 14:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2009.11.10 13:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\InstallShield
[2008.10.13 18:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Jpeg Resampler
[2012.10.27 19:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Lavasoft
[2007.02.27 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2008.03.11 02:45:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2009.01.07 16:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2008.02.18 15:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mathsoft
[2012.10.30 20:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
[2010.03.30 22:16:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2010.12.21 21:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mkvtoolnix
[2009.11.22 23:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2008.02.21 19:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PPMate
[2008.02.22 03:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ppStream
[2008.01.15 18:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\QIP
[2008.04.03 19:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\RaimaRadio
[2010.11.11 02:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Registry Mechanic
[2007.02.14 16:07:19 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Application Data\SecuROM
[2011.06.23 10:57:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Skype
[2011.06.15 15:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\skypePM
[2008.02.21 19:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SopCast
[2007.04.25 15:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Sun
[2008.02.21 20:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TVU Networks
[2012.10.27 21:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\vlc
[2008.12.18 15:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinRAR

< %APPDATA%\*.exe /s >
[2006.11.06 14:14:06 | 011,969,456 | ---- | M] (Adobe Systems Inc ) -- C:\Documents and Settings\Administrator\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdrUpd707_all_incr.exe
[2006.11.06 14:14:25 | 008,386,432 | ---- | M] (Adobe Systems Inc ) -- C:\Documents and Settings\Administrator\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdrUpd708_all_incr.exe
[2010.05.05 19:56:58 | 001,925,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Administrator\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2010.12.21 23:07:59 | 000,029,184 | R--- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
[2008.03.12 18:24:45 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2008.02.18 15:18:19 | 001,122,304 | R--- | M] (Mathsoft Engineering & Education, Inc.) -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{E8334783-E2F9-4CA6-86F8-090051418F09}\NewShortcut4_78183C31521C438E98C3B646B0037A7F.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012.10.31 10:37:17 | 000,000,908 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.10.31 14:18:00 | 000,000,912 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.10.30 21:57:00 | 000,001,012 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1776293813-1955127786-1730301673-500Core.job
[2012.10.31 14:57:00 | 000,001,064 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1776293813-1955127786-1730301673-500UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.10.30 00:21:03 | 000,018,078 | ---- | M] () -- C:\WINDOWS\system32\CCCInstall_201210300021037500.log
[2012.10.30 23:42:50 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerApp.exe
[2012.10.30 23:42:50 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
[2012.10.29 15:48:09 | 000,710,082 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2005.03.25 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"PowerBar" =
"OEXPRESS" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.10.30 23:26:43 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=E60E9D5F229CB8DA347D48ADD6E8DC47 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.31 14:55:59 | 000,000,512 | ---- | M] () MD5=6C8A738CD9485BC1804D9625B9F4A177 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2006.10.31 12:56:21 | 006,717,024 | ---- | M] () -- \Documents and Settings\Administrator\Desktop\sdílené\programy\Ad-Aware SE Professional Edition 1.06r1 Full Cracked.zip
[2006.10.31 14:34:23 | 011,886,784 | ---- | M] () -- \Documents and Settings\Administrator\Desktop\sdílené\programy\Registry Mechanic (with crack).rar
[2010.11.11 02:02:01 | 000,001,150 | ---- | M] () -- \Documents and Settings\Administrator\Desktop\sdílené\staženo dc++\PCTools Registry Mechanic v9.0.0+Crack [ kk ]\Instructions(CRACK).txt
[2010.11.11 02:02:03 | 012,135,572 | ---- | M] () -- \Documents and Settings\Administrator\Desktop\sdílené\staženo dc++\PCTools Registry Mechanic v9.0.0+Crack [ kk ]\PCTools Registry Mechanic v9.0.0+Crack [ kk ].zip
[2001.08.14 17:31:08 | 000,030,054 | ---- | M] () -- \Program Files (x86)\Autodesk\Inventor 2008\Textures\surfaces\Cracks.bmp
[2007.10.02 15:10:09 | 000,067,756 | ---- | M] () -- \Program Files (x86)\Valve\cstrike\sound\misc\cracker1.wav
[2005.09.30 12:02:00 | 000,003,126 | ---- | M] () -- \Program Files\Trnsys16\Studio\Icon\Comis\crack.bmp
[2005.10.19 15:56:36 | 000,004,265 | ---- | M] () -- \Program Files\Trnsys16\Studio\Lib\comis-demo\Proformas\afc\crack\crack.tmf

< *keygen* /s >
[2006.10.31 02:19:54 | 000,053,921 | ---- | M] () -- \Documents and Settings\Administrator\Desktop\sdílené\programy\Fireworks MX 2004\Crack\keygen.exe

< *loader* /s >
[2011.01.19 14:48:16 | 000,000,283 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Application Data\CD-adapco\STAR-CCM+ 4.04.011\config\loaders.ser
[2012.10.30 23:42:15 | 000,001,174 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\7F44FZS9\downloader[1].js
[2012.10.30 23:42:15 | 000,000,723 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IYW901Y7\downloaderror[1].js
[2012.10.30 22:23:28 | 000,001,102 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\N546AN0A\oneMscomJsCssLoader[1].js
[2012.10.30 23:42:13 | 000,003,784 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XFCZLU78\bundleloader[1].js
[2012.10.30 22:51:08 | 000,001,103 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XFCZLU78\oneMscomJsCssLoader[1].js
[2010.01.22 15:17:18 | 000,135,168 | ---- | M] () -- \Program Files (x86)\AB Studio\CADKON-2D 2010.1 pro AutoCAD 2009\AbItemsEvaluateLoader.crx
[2006.11.13 22:25:00 | 000,363,008 | ---- | M] () -- \Program Files (x86)\ASUS\AASP\1.00.17\AsLoader.exe
[2006.10.19 01:43:00 | 000,000,647 | ---- | M] () -- \Program Files (x86)\ASUS\AASP\1.00.17\AsLoader.exe.manifest
[2008.07.02 04:05:44 | 000,368,128 | R--- | M] () -- \Program Files (x86)\ASUS\AASP\1.00.88\AsLoader.exe
[2006.10.19 10:43:24 | 000,000,647 | R--- | M] () -- \Program Files (x86)\ASUS\AASP\1.00.88\AsLoader.exe.manifest
[2012.10.30 10:22:59 | 000,052,512 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2012.10.30 10:22:59 | 000,232,224 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2012.10.30 10:23:01 | 001,713,952 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[2009.06.19 13:48:12 | 000,023,684 | ---- | M] () -- \Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\doc\client\html\star\base\neo\NeoDynamicClassLoader.html
[2009.06.19 14:04:40 | 000,005,955 | ---- | M] () -- \Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\doc\client\html\star\base\neo\class-use\NeoDynamicClassLoader.html
[2009.06.19 13:48:50 | 000,018,894 | ---- | M] () -- \Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\doc\client\html\star\common\DynamicClassLoader.html
[2009.06.19 14:04:58 | 000,005,854 | ---- | M] () -- \Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\doc\client\html\star\common\class-use\DynamicClassLoader.html
[2009.06.19 13:18:48 | 000,000,456 | ---- | M] () -- \Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\java\platform\config\Modules\org-openide-loaders.xml
[2009.06.19 13:18:40 | 001,112,580 | ---- | M] () -- \Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\java\platform\modules\org-openide-loaders.jar
[2009.06.04 11:20:16 | 000,010,752 | ---- | M] () -- \Program Files (x86)\Common Files\AB Studio Shared\AB Protect\AbLoader16.arx
[2009.06.04 11:20:58 | 000,007,680 | ---- | M] () -- \Program Files (x86)\Common Files\AB Studio Shared\AB Protect\AbLoader16.dll
[2009.06.04 11:16:34 | 000,013,824 | ---- | M] () -- \Program Files (x86)\Common Files\AB Studio Shared\AB Protect\AbLoader17.arx
[2009.06.04 11:17:22 | 000,010,240 | ---- | M] () -- \Program Files (x86)\Common Files\AB Studio Shared\AB Protect\AbLoader17.dll
[2009.06.04 11:12:46 | 000,014,848 | ---- | M] () -- \Program Files (x86)\Common Files\AB Studio Shared\AB Protect\AbLoader18.arx
[2009.06.04 11:13:32 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Common Files\AB Studio Shared\AB Protect\AbLoader18.dll
[2001.01.16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader.dll
[2001.01.16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader.tlb
[2010.06.22 20:56:50 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.06.22 20:56:50 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.06.22 20:56:51 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.06.22 20:56:50 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.03.18 01:42:24 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7.2\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.03.14 19:06:49 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.2\Xtraz\icq\content\icq_profile\preloader.html
[2011.01.18 15:50:23 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.2\Xtraz\icq\content\profile_forms\preloader.html
[2011.01.18 15:50:23 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.2\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010.06.22 20:58:20 | 000,552,798 | ---- | M] () -- \Program Files (x86)\ICQ7.2\Xtraz\icq\theme\game_center\loaderBkg.png
[2011.03.29 15:11:24 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.03.29 15:11:24 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.03.29 15:11:24 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.04.11 17:23:13 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011.03.29 15:11:39 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011.03.29 15:11:40 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.04.05 17:08:39 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\rps\preloader02.swf
[2011.04.27 14:39:28 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.4\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2011.05.16 17:12:50 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.05.16 17:12:50 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.05.16 17:12:50 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.05.16 17:13:05 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.05.16 17:13:06 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.05.16 17:13:06 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010.02.15 14:13:55 | 000,007,697 | ---- | M] () -- \Program Files (x86)\Java\jdk1.6.0_12\demo\jvmti\hprof\src\hprof_loader.c
[2010.02.15 14:13:55 | 000,002,173 | ---- | M] () -- \Program Files (x86)\Java\jdk1.6.0_12\demo\jvmti\hprof\src\hprof_loader.h
[2010.02.15 14:13:41 | 000,000,455 | ---- | M] () -- \Program Files (x86)\Java\jdk1.6.0_12\lib\visualvm\platform7\config\Modules\org-openide-loaders.xml
[2010.02.15 14:13:41 | 001,011,012 | ---- | M] () -- \Program Files (x86)\Java\jdk1.6.0_12\lib\visualvm\platform7\modules\org-openide-loaders.jar
[2010.02.15 14:13:42 | 000,000,372 | ---- | M] () -- \Program Files (x86)\Java\jdk1.6.0_12\lib\visualvm\platform7\update_tracking\org-openide-loaders.xml
[2007.02.13 07:08:14 | 000,017,624 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2007.02.13 07:08:15 | 000,017,624 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2009.05.10 17:36:42 | 000,065,536 | ---- | M] () -- \Program Files (x86)\mkv2vob\loader.exe
[2006.12.23 17:37:56 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2008.01.30 04:17:22 | 000,032,096 | ---- | M] () -- \Program Files\AutoCAD 2009\AecLoader.arx
[2009.06.04 11:18:12 | 000,016,896 | ---- | M] () -- \Program Files\Common Files\AB Studio Shared\AB Protect\AbLoader17.arx
[2009.06.04 11:19:00 | 000,012,288 | ---- | M] () -- \Program Files\Common Files\AB Studio Shared\AB Protect\AbLoader17.dll
[2009.06.04 11:14:20 | 000,016,896 | ---- | M] () -- \Program Files\Common Files\AB Studio Shared\AB Protect\AbLoader18.arx
[2009.06.04 11:15:06 | 000,012,800 | ---- | M] () -- \Program Files\Common Files\AB Studio Shared\AB Protect\AbLoader18.dll
[2005.03.25 13:00:00 | 000,036,352 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2005.03.25 13:00:00 | 000,036,352 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\wdmloader.dll
[2007.02.18 10:05:26 | 000,036,352 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\wdmloader.dll
[2007.02.18 10:05:26 | 000,036,352 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[4 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2010.09.20 13:51:46 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2007.04.30 14:43:12 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2007.02.18 10:05:26 | 000,036,352 | ---- | M] () -- \WINDOWS\SysWOW64\dmloader.dll
[4 \WINDOWS\SysWOW64\*.tmp files -> \WINDOWS\SysWOW64\*.tmp -> ]
[2010.09.20 13:51:46 | 000,012,532 | ---- | M] () -- \WINDOWS\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2007.04.30 14:43:12 | 000,009,622 | ---- | M] () -- \WINDOWS\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

========== Alternate Data Streams ==========

@Alternate Data Stream - 185 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

OTL Extras logfile created on: 31.10.2012 14:54:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

2.75 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 70.41% Memory free
5.33 Gb Paging File | 4.59 Gb Available in Paging File | 86.10% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 16.47 Gb Free Space | 11.05% Space Free | Partition Type: NTFS

Computer Name: A02-0732A | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.url [@ = InternetShortcut] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
.js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.vbe [@ = VBEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.vbs [@ = VBSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsf [@ = WSFFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsh [@ = WSHFile] -- %SystemRoot%\System32\WScript.exe "%1" %*

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1"
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files (x86)\FinePixViewer\FinePixViewer.exe" "%1" (FUJIFILM Corporation.)
Directory [JpegResamplerDir] -- "C:\Program Files (x86)\JPEG Resampler\JpegResampler.exe" "%1" (David Macek)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files (x86)\FinePixViewer\FinePixViewer.exe" "%1" (FUJIFILM Corporation.)
Directory [JpegResamplerDir] -- "C:\Program Files (x86)\JPEG Resampler\JpegResampler.exe" "%1" (David Macek)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\ICQ7.5\ICQ.exe" = C:\Program Files (x86)\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\ICQ7.5\ICQ.exe" = C:\Program Files (x86)\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\starccmw.exe" = C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\starccmw.exe:*:Enabled:starccmw -- ()
"C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\win32\intel10.1\star-ccm+.exe" = C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\win32\intel10.1\star-ccm+.exe:*:Enabled:star-ccm+ -- ()
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" = C:\Program Files (x86)\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\KN_StrongDC\StrongDC.exe" = C:\Program Files\KN_StrongDC\StrongDC.exe:*:Enabled:StrongDC++ -- ()
"C:\Program Files (x86)\Valve\hl.exe" = C:\Program Files (x86)\Valve\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" = C:\Program Files (x86)\ICQ6.5\ICQ.exe:*:Enabled:ICQ
"C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.)
"C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\starccm+.exe" = C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\starccm+.exe:*:Enabled:starccm+ -- ()
"C:\Program Files (x86)\EA SPORTS\F1 Challenge 2007\F1Challenge2007.exe" = C:\Program Files (x86)\EA SPORTS\F1 Challenge 2007\F1Challenge2007.exe:*:Enabled:F1 Challenge 99-02 -- (Image Space Incorporated)
"C:\Program Files (x86)\Nerd Riot Games\Tennis Critters\TennisCritters.exe" = C:\Program Files (x86)\Nerd Riot Games\Tennis Critters\TennisCritters.exe:*:Enabled:TennisCritters -- ()
"C:\Program Files (x86)\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe" = C:\Program Files (x86)\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe:*:Enabled:il2fb
"C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe" = C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth
"C:\Program Files (x86)\ICQ7.2\ICQ.exe" = C:\Program Files (x86)\ICQ7.2\ICQ.exe:*:Enabled:ICQ -- (ICQ, LLC.)
"C:\Program Files (x86)\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files (x86)\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" = C:\Program Files (x86)\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files (x86)\ICQ7.5\ICQ.exe" = C:\Program Files (x86)\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files (x86)\ICQ7.4\ICQ.exe" = C:\Program Files (x86)\ICQ7.4\ICQ.exe:*:Enabled:ICQ -- (ICQ, LLC.)
"C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\starccmw.exe" = C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\starccmw.exe:*:Enabled:starccmw -- ()
"C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\win32\intel10.1\star-ccm+.exe" = C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\win32\intel10.1\star-ccm+.exe:*:Enabled:star-ccm+ -- ()
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" = C:\Program Files (x86)\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\KN_StrongDC\StrongDC.exe" = C:\Program Files\KN_StrongDC\StrongDC.exe:*:Enabled:StrongDC++ -- ()
"C:\Program Files (x86)\Valve\hl.exe" = C:\Program Files (x86)\Valve\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" = C:\Program Files (x86)\ICQ6.5\ICQ.exe:*:Enabled:ICQ
"C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.)
"C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\starccm+.exe" = C:\Program Files (x86)\CD-adapco\STAR-CCM+ 4.04.011\starccm+.exe:*:Enabled:starccm+ -- ()
"C:\Program Files (x86)\EA SPORTS\F1 Challenge 2007\F1Challenge2007.exe" = C:\Program Files (x86)\EA SPORTS\F1 Challenge 2007\F1Challenge2007.exe:*:Enabled:F1 Challenge 99-02 -- (Image Space Incorporated)
"C:\Program Files (x86)\Nerd Riot Games\Tennis Critters\TennisCritters.exe" = C:\Program Files (x86)\Nerd Riot Games\Tennis Critters\TennisCritters.exe:*:Enabled:TennisCritters -- ()
"C:\Program Files (x86)\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe" = C:\Program Files (x86)\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe:*:Enabled:il2fb
"C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe" = C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth
"C:\Program Files (x86)\ICQ7.2\ICQ.exe" = C:\Program Files (x86)\ICQ7.2\ICQ.exe:*:Enabled:ICQ -- (ICQ, LLC.)
"C:\Program Files (x86)\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files (x86)\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" = C:\Program Files (x86)\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files (x86)\ICQ7.5\ICQ.exe" = C:\Program Files (x86)\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files (x86)\ICQ7.4\ICQ.exe" = C:\Program Files (x86)\ICQ7.4\ICQ.exe:*:Enabled:ICQ -- (ICQ, LLC.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{272B28DC-7F63-3F8F-48AD-5651F3F00A8F}" = ccc-utility64
"{5783F2D7-7001-0405-0102-0060B0CE6BBA}" = AutoCAD 2009 - český
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{91175441-4E5D-4e13-B116-828FD352CDB2}" = Canon MP170
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B24B387E-57D8-A1D9-B688-6C144EFC9107}" = AMD Catalyst Install Manager
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C15DC683-9966-48A5-B1E2-E7CAA358B534}" = Autodesk Vault 2008 (64-bit add-ins)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"AutoCAD 2009 - český" = AutoCAD 2009 - český
"Autodesk Vault 2008 (64-bit add-ins)" = Autodesk Vault 2008 (64-bit add-ins)
"CCleaner" = CCleaner
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows x64
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PeerGuardian_is1" = PeerGuardian 2.0
"PowerArchiver_is1" = PowerArchiver 2006 v9.63
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows x64 Service Pack" = Windows XP Service Pack 2
"WMFDist11-64" = Windows Media Format 11 runtime
"WMFDist64" = Windows Media Format 9.5 Runtime x64 Edition
"wmp11-64" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0807E67B-DACB-1739-A87E-3046FF40BA23}" = CCC Help Chinese Traditional
"{0ABCECAD-0600-0400-0100-0ABCECAD0100}" = CADKON-2D 2010.1
"{0ABCECAD-0700-0400-0100-0ABCECAD0100}" = CADKON-TZB 2010.1
"{0DF310E3-6C01-99DC-296F-1D021BA36C2D}" = CCC Help English
"{12E11FBB-7CA6-4A86-834D-5E6390D51009}" = ASUS SmartDoctor
"{19B72AA9-985A-11D4-9C8A-00D0B75D1498}" = Colin McRae Rally 2
"{1E8E87B5-4531-CEE3-4791-6AD9E72076EC}" = CCC Help Danish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.5.3
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{27596347-C945-B113-EF47-169D471CEB05}" = CCC Help Turkish
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (AUTODESKVAULT)
"{2DB0E29F-E040-4842-9864-DDB41DB7A3D7}" = HyperLobby client
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{32A3A4F4-B792-11D6-A78A-00B0D0160120}" = Java(TM) SE Development Kit 6 Update 12
"{3666DE18-A4CC-4E1E-8165-0D78758C2209}" = CCC Help Russian
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{43C67D92-F56E-4729-8673-9A2D5A6036F8}" = ASUS Utilities
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{532669C6-3139-E755-B3B8-95F184EB27EB}" = CCC Help German
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{577F4DD2-ED68-690F-6328-8A8CAC8FCA75}" = CCC Help Polish
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{637A3EC2-4299-67B2-E0D2-C25572F4D37A}" = CCC Help Thai
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6FFEF5E1-F7B0-40DD-838D-557BD7EE4301}" = TP-LINK Wireless Utility
"{702F39B4-05FB-22F4-8426-E5FFFA330FF3}" = CCC Help Chinese Standard
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D4305B-56E6-4971-A799-FB7678A1D1A5}" = ASUS ATI Driver
"{73FB391E-E800-CC82-D9BA-EF9CB8A939F3}" = CCC Help French
"{747E2E56-A68B-15C6-BB77-31BFE0C031EF}" = CCC Help Spanish
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A37A44B-968E-6CA3-278C-878D4D08B226}" = CCC Help Czech
"{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"{7C0FB04E-5A40-C63D-CC1B-B6C1B60FDDA3}" = CCC Help Japanese
"{7C4142F1-8C82-4E7D-B540-3E783B2B7F9A}" = AB Softlock 4
"{7D94796D-007E-45DE-CEAD-8E616D78E95B}" = CCC Help Dutch
"{7E7C98D1-4F44-21D4-C351-25E2367027F3}" = Catalyst Control Center
"{7F4DD591-1200-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2008
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87A91A66-1566-714D-E1BE-1F3B040E65D5}" = CCC Help Swedish
"{886C92E6-4AF1-4290-BB86-4B5064A1BB7D}" = AMD Dual-Core Optimizer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F85CC2C-4B26-4CF6-B835-DC59BCEDD287}" = Bluesoleil2.7.0.13 VoIP Release 071227
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{92F63D17-2A32-7184-B8D7-905E0E1BC2A9}" = CCC Help Hungarian
"{95CEF602-B837-0C37-F5E6-49C8F3196998}" = CCC Help Greek
"{97E1A4DE-82AB-0448-0AEA-77DC1DD9A492}" = Catalyst Control Center Localization All
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DFD861E-2692-873F-BA2C-E4788648D966}" = CCC Help Italian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0.5
"{B44529FF-501E-47CD-A06D-223C161BE058}" = FinePixViewer Resource
"{B50676DC-AAE9-20DF-01A5-DABCDECD6DFC}" = Catalyst Control Center Graphics Previews Common
"{B6826FA8-04C8-4147-AA3C-5B900AB887A1}" = PowerArchiver 2007
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C6E3F362-AAF3-48CF-B8C4-B3EBC2F2E832}" = F1 Challenge 2007 Full version
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D755C7A3-C03E-4460-8C00-AC6E55505FB5}" = LightScribe 1.4.74.1
"{D9C7FB0D-B233-1B2E-E9DC-543911F6D94A}" = Catalyst Control Center InstallProxy
"{DD9F821E-7B8D-210F-A4AE-47C60870DEBE}" = CCC Help Norwegian
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}" = FinePix Studio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E55B00B0-9DBF-4EE1-AC1D-5DEBE12BD097}" = Autodesk Vault 2008
"{E6F42010-AA5A-B862-9620-8CBD23ACDED4}" = CCC Help Portuguese
"{E8334783-E2F9-4CA6-86F8-090051418F09}" = Mathcad 13
"{EAAE7669-947C-26DD-563D-863B63FFC1EA}" = CCC Help Finnish
"{EDA29782-168B-4D2E-9A1E-CFEC3246DCFE}" = ASUS ATI Driver
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F296A4CD-54A2-1EEE-CE14-8F88A1D97083}" = CCC Help Korean
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FACF203E-0F4D-489A-B80C-D185253C8FCB}" = Autodesk Design Review 2008
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Empires 2.0" = Microsoft Age of Empires II
"Autodesk Vault 2008" = Autodesk Vault 2008
"Avira AntiVir Desktop" = Avira Free Antivirus
"AviSynth" = AviSynth 2.5
"Dostihy 3000 deluxe" = Dostihy 3000 deluxe 1.1
"DriverAgent.exe" = DriverAgent by eSupport.com
"ESET Online Scanner" = ESET Online Scanner v3
"Hamachi" = Hamachi 1.0.3.0
"InstallShield_{0ABCECAD-0600-0400-0100-0ABCECAD0100}" = CADKON-2D 2010.1 pro AutoCAD 2009
"InstallShield_{0ABCECAD-0700-0400-0100-0ABCECAD0100}" = CADKON-TZB 2010.1 pro AutoCAD 2009
"InstallShield_{12E11FBB-7CA6-4A86-834D-5E6390D51009}" = ASUS SmartDoctor
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{43C67D92-F56E-4729-8673-9A2D5A6036F8}" = ASUS Utilities
"InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"JPEG Resampler_is1" = JPEG Resampler Vs 5.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.0 (Standard)
"Loli Video Converter For M6" = Loli Video Converter For M6 1.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MKVtoolnix" = MKVtoolnix 4.3.0
"Motocross Madness 2" = Microsoft Motocross Madness 2
"Mozilla Firefox 16.0.2 (x86 cs)" = Mozilla Firefox 16.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator 2.0" = Canon MP Navigator 2.0
"MPICH" = MPICH
"Neat Image_is1" = Neat Image v5 Demo (with plug-in)
"NeonClock" = NeonClock screensaver 1.2
"PC Translator" = PC Translator
"PhotoFiltre" = PhotoFiltre
"STAR-CCM+ for Windows 4.04.011_is1" = STAR-CCM+ for Windows 4.04.011
"STAR-CCM+/STAR-CAD_x86_4.04.011_is1" = STAR-CCM+ (4.04.011) and STAR-CAD Series (4.04.012) for Windows
"STAR-Design for Windows 4.04.015_is1" = STAR-Design for Windows 4.04.015
"STAR-View+win324.04.011_is1" = STAR-View+ for Windows 4.04.011
"Stellarium_is1" = Stellarium 0.8.2
"StrongDC++" = StrongDC++ 2.02
"Tennis Critters" = Tennis Critters
"VLC media player" = VLC media player 2.0.2
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21.9.2010 11:13:27 | Computer Name = A02-0732A | Source = Application Error | ID = 1001
Description = Fault bucket 414526064.

Error - 21.9.2010 14:52:43 | Computer Name = A02-0732A | Source = Application Error | ID = 1000
Description = Faulting application f1challenge2007.exe, version 1.0.2.6, faulting
module f1challenge2007.exe, version 1.0.2.6, fault address 0x001679a0.

Error - 21.9.2010 15:29:01 | Computer Name = A02-0732A | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 22.9.2010 9:24:42 | Computer Name = A02-0732A | Source = Application Error | ID = 1000
Description = Faulting application f1challenge2007.exe, version 1.0.2.6, faulting
module ntdll.dll, version 5.2.3790.4455, fault address 0x00020d92.

Error - 27.9.2010 17:49:09 | Computer Name = A02-0732A | Source = Application Error | ID = 1000
Description = Faulting application f1challenge2007.exe, version 1.0.2.6, faulting
module f1challenge2007.exe, version 1.0.2.6, fault address 0x001679a0.

Error - 28.9.2010 9:46:43 | Computer Name = A02-0732A | Source = Application Error | ID = 1000
Description = Faulting application f1challenge2007.exe, version 1.0.2.6, faulting
module f1challenge2007.exe, version 1.0.2.6, fault address 0x001679a0.

Error - 29.9.2010 15:07:19 | Computer Name = A02-0732A | Source = Application Error | ID = 1000
Description = Faulting application avast.setup, version 5.0.0.0, faulting module
ntdll.dll, version 5.2.3790.4455, fault address 0x0004f053.

Error - 4.10.2010 15:21:39 | Computer Name = A02-0732A | Source = Application Error | ID = 1000
Description = Faulting application avast.setup, version 5.0.0.0, faulting module
ntdll.dll, version 5.2.3790.4455, fault address 0x0004f053.

Error - 13.10.2010 9:08:41 | Computer Name = A02-0732A | Source = Application Error | ID = 1000
Description = Faulting application avast.setup, version 5.0.0.0, faulting module
ntdll.dll, version 5.2.3790.4455, fault address 0x0004f053.

Error - 14.10.2010 3:27:33 | Computer Name = A02-0732A | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 27.10.2012 14:17:01 | Computer Name = A02-0732A | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 27.10.2012 14:17:01 | Computer Name = A02-0732A | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 27.10.2012 14:17:01 | Computer Name = A02-0732A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD AmdK8 AsIO AswRdr aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

Error - 27.10.2012 14:17:12 | Computer Name = A02-0732A | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 27.10.2012 14:19:01 | Computer Name = A02-0732A | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

Error - 27.10.2012 14:24:07 | Computer Name = A02-0732A | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.

Error - 27.10.2012 14:24:07 | Computer Name = A02-0732A | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.

Error - 30.10.2012 18:29:47 | Computer Name = A02-0732A | Source = Application Popup | ID = 1060
Description = \??\C:\WINDOWS\SysWow64\drivers\TrueSight.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 30.10.2012 18:30:20 | Computer Name = A02-0732A | Source = Application Popup | ID = 1060
Description = \??\C:\WINDOWS\SysWow64\drivers\TrueSight.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 31.10.2012 5:29:39 | Computer Name = A02-0732A | Source = Application Popup | ID = 1060
Description = \??\C:\WINDOWS\SysWow64\drivers\TrueSight.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.


< End of report >

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
  IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
  IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
  IE - HKLM\..\SearchScopes,DefaultScope =
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.seznam.cz
  IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SysWOW64\ieframe.dll (Microsoft Corporation)
  IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\SearchScopes,DefaultScope =
  IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
  IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\SearchScopes\{6EFA99C6-7B10-460E-AD72-EABD509BB121}: "URL" = http://search.microsoft.com/results.asp ... g=en-GB&q={searchTerms}
  IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\SearchScopes\{83DD84D1-2E59-48C3-A7F3-4C2945D74379}: "URL" = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
  IE - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\SearchScopes\{E4B41193-BF87-4F6B-9227-743C1EA491C2}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =971163&p={searchTerms}
  O3:64bit: - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
  O3 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SysWOW64\browseui.dll (Microsoft Corporation)
  O3:64bit: - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
  O3 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SysWOW64\browseui.dll (Microsoft Corporation)
  O3:64bit: - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
  O3 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SysWOW64\shell32.dll (Microsoft Corporation)
  O4 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500..\Run: [OEXPRESS] File not found
  O4 - HKU\S-1-5-21-1776293813-1955127786-1730301673-500..\Run: [PowerBar] File not found
  O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
  O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
  O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
  O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
  O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found
  O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
  O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found
  O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - %SystemRoot%\system32\mswsock.dll File not found
  O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - %SystemRoot%\system32\mswsock.dll File not found
  O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - %SystemRoot%\system32\mswsock.dll File not found
  O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - %SystemRoot%\system32\mswsock.dll File not found
  O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - %SystemRoot%\system32\mswsock.dll File not found
  O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
  O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
  O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
  O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
  O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
  O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
  O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
  O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
  O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
  O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
  O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
  O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
  O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
  O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
  O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
  O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
  O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
  O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
  O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
  O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
  O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
  O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
  O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
  O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
  O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
  O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
  O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
  O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
  O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
  O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
  O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
  O20 - HKLM Winlogon: System - (lsass.exe) - File not found
  O20:64bit: - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - File not found
  O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
  O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
  O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
  O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
  O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
  O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
  O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
  O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
  O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
  O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
  O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
  O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
  O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
  O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
  O20 - Winlogon\Notify\termsrv: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
  O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
  O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
  O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
  O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
  O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
  O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found
  O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
  O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
  [12 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [33 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [1 C:\WINDOWS\inf\009\ADMSTestPerformanceCounter\*.tmp files -> C:\WINDOWS\inf\009\ADMSTestPerformanceCounter\*.tmp -> ]
  [1 C:\WINDOWS\inf\inc\ADMSTestPerformanceCounter\*.tmp files -> C:\WINDOWS\inf\inc\ADMSTestPerformanceCounter\*.tmp -> ]
  [23 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
  [4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
  [4 C:\WINDOWS\SysWOW64\*.tmp files -> C:\WINDOWS\SysWOW64\*.tmp -> ]
  [2012.10.31 10:37:17 | 000,000,908 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
  [2012.10.31 14:18:00 | 000,000,912 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
  [2012.10.30 21:57:00 | 000,001,012 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1776293813-1955127786-1730301673-500Core.job
  [2012.10.31 14:57:00 | 000,001,064 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1776293813-1955127786-1730301673-500UA.job
  @Alternate Data Stream - 185 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
  
  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "ctfmon.exe"=
  "ABUNINSTALLEX"=
  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  "SunJavaUpdateSched"=-
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

log je tu, ale píšu z jiného pc, protože nevím jak rozchodit internet, který přestal jít a firewall se vypnul

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-1776293813-1955127786-1730301673-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1776293813-1955127786-1730301673-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ deleted successfully.
C:\WINDOWS\SysWOW64\ieframe.dll moved successfully.
HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\SearchScopes\{6EFA99C6-7B10-460E-AD72-EABD509BB121}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6EFA99C6-7B10-460E-AD72-EABD509BB121}\ not found.
Registry key HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\SearchScopes\{83DD84D1-2E59-48C3-A7F3-4C2945D74379}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83DD84D1-2E59-48C3-A7F3-4C2945D74379}\ not found.
Registry key HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\SearchScopes\{E4B41193-BF87-4F6B-9227-743C1EA491C2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4B41193-BF87-4F6B-9227-743C1EA491C2}\ not found.
64bit-Registry value HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01E04581-4EEE-11D0-BFE9-00AA005B4383}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01E04581-4EEE-11D0-BFE9-00AA005B4383}\ not found.
C:\WINDOWS\SysWOW64\browseui.dll moved successfully.
64bit-Registry value HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} deleted successfully.
Unable to delete 64bit registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01E04581-4EEE-11D0-BFE9-00AA005B4383}\ .
Registry value HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01E04581-4EEE-11D0-BFE9-00AA005B4383}\ not found.
C:\WINDOWS\SysWOW64\browseui.dll moved successfully.
64bit-Registry value HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\ not found.
C:\WINDOWS\SysWOW64\shell32.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1776293813-1955127786-1730301673-500\Software\Microsoft\Windows\CurrentVersion\Run\\PowerBar deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\tscuninstall deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\tscuninstall not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\tscuninstall deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\tscuninstall deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000002\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000003\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000005\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\about\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\ deleted successfully.
File {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\cdl\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3dd53d40-7b8b-11D0-b013-00aa0059ce02}\ deleted successfully.
File {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\dvd\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12D51199-0DB5-46FE-A120-47A3D7D937CC}\ deleted successfully.
File {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\file\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e7-baf9-11ce-8c82-00aa004ba90b}\ deleted successfully.
File {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ftp\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e3-baf9-11ce-8c82-00aa004ba90b}\ deleted successfully.
File {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\gopher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e4-baf9-11ce-8c82-00aa004ba90b}\ deleted successfully.
File {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e2-baf9-11ce-8c82-00aa004ba90b}\ deleted successfully.
File {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\0x00000001\ not found.
File Protocol\Handler\http\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\oledb\ not found.
File Protocol\Handler\http\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e5-baf9-11ce-8c82-00aa004ba90b}\ deleted successfully.
File {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\0x00000001\ not found.
File Protocol\Handler\https\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\oledb\ not found.
File Protocol\Handler\https\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\its\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\ deleted successfully.
File {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\javascript\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}\ deleted successfully.
File {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\local\ deleted successfully.
Unable to delete 64bit registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e7-baf9-11ce-8c82-00aa004ba90b}\ .
File {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mailto\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3050f3DA-98B5-11CF-BB82-00AA00BDCE0B}\ deleted successfully.
File {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05300401-BCBC-11d0-85E3-00C04FD85AB4}\ deleted successfully.
File {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mk\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e6-baf9-11ce-8c82-00aa004ba90b}\ deleted successfully.
File {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-its\ deleted successfully.
Unable to delete 64bit registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\ .
File {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
File Protocol\Handler\ms-itss - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ deleted successfully.
File Protocol\Handler\mso-offdap - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\res\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}\ deleted successfully.
File {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sysimage\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76E67A63-06E9-11D2-A840-006008059382}\ deleted successfully.
File {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}\ deleted successfully.
File {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vbscript\ deleted successfully.
Unable to delete 64bit registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}\ .
File {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wia\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE}\ deleted successfully.
File {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream\ deleted successfully.
Unable to delete 64bit registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ .
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-complus\ deleted successfully.
Unable to delete 64bit registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ .
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-msdownload\ deleted successfully.
Unable to delete 64bit registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ .
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}\ deleted successfully.
File {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\deflate\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8f6b0360-b80d-11d0-a9b3-006097942311}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\gzip\ deleted successfully.
Unable to delete 64bit registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8f6b0360-b80d-11d0-a9b3-006097942311}\ .
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\lzdhtml\ deleted successfully.
Unable to delete 64bit registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8f6b0360-b80d-11d0-a9b3-006097942311}\ .
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/webviewhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{733AC4CB-F1A4-11d0-B951-00A0C90312E1}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\userinit.exe deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost:%SystemRoot%\system32\logonui.exe deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:Control_RunDLL "sysdm.cpl" deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\System:lsass.exe deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\CDBurn deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\PostBootReminder deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\SysTray deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35CEC8A3-2BE6-11D2-8773-92E220524153}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WPDShServiceObj deleted successfully.
Unable to delete 64bit registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AAA288BA-9A4C-45B0-95D7-94D524869DB5}\ .
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{438755C2-A8BA-11D1-B96B-00A0C90312E1} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{8C7461EF-2B13-11d2-BE35-3078302C2030} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\ deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP186.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP52.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP61.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6EE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP87B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP89E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8D.tmp\System.IdentityModel.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8D5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB6D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBC8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP17C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP17E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1A6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1B2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1C7.tmp\Microsoft.Vsa.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1C7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1F0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP22D.tmp\ComSvcConfig.exe deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP22D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2C1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP37.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP39.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3A8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3AD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3C6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3F0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3F3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP51.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP52.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP53.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP54.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5C3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP69.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6C1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP874.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP888.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP88C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8B7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8FA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA38.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB71.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC3.tmp folder deleted successfully.
C:\WINDOWS\inf\009\ADMSTestPerformanceCounter\tmp8E.tmp deleted successfully.
C:\WINDOWS\inf\inc\ADMSTestPerformanceCounter\tmp8F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1E7.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1E8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1E9.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1EF.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1F0.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1F1.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1F2.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1F3.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1F4.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1F8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1F9.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1FA.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1FD.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1FE.tmp deleted successfully.
C:\WINDOWS\Installer\MSI203.tmp deleted successfully.
C:\WINDOWS\Installer\MSI214.tmp deleted successfully.
C:\WINDOWS\Installer\MSI215.tmp deleted successfully.
C:\WINDOWS\Installer\MSI216.tmp deleted successfully.
C:\WINDOWS\Installer\MSI217.tmp deleted successfully.
C:\WINDOWS\Installer\MSI218.tmp deleted successfully.
C:\WINDOWS\Installer\MSI26.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6A.tmp deleted successfully.
C:\WINDOWS\system32\AUTOEXEC.TMP deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\SET3D.tmp deleted successfully.
C:\WINDOWS\system32\SET42.tmp deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1776293813-1955127786-1730301673-500Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1776293813-1955127786-1730301673-500UA.job moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 deleted successfully.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"ctfmon.exe"| /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"ABUNINSTALLEX"| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
File move failed. C:\WINDOWS\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 147251028 bytes
->Temporary Internet Files folder emptied: 16972450 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 663029695 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1931144 bytes

User: All Users

User: Default User
->Temp folder emptied: 211769591 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 12118723 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19972 bytes
RecycleBin emptied: 7362500 bytes

Total Files Cleaned = 1 011.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: Administrator
->Java cache emptied: 0 bytes

User: All Users

User: Default User
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11012012_172512

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Restart, mackat F8 a zvolit posledni znama konfigurace - ja tusil ze si OTL s 64bit XP neporadi s opravou tech LSP

Pak napiste ci to zabralo

Je to špatné, win se spuští pomalu a to tak, že ještě spuštím manuálně explorer.exe, firewall nejde a ještě jsem si asi odpravil usb wifi adapter, který nereaguje.

Ani ta posledni znama konfigurace, ta by mela dosta PC do stavu pred opravou

bohužel

Zkuste jeste jeden restart a pak pripadne mi zabalte celou slozku _OTL a nekam uploadnete

Takze co vse nam nyni nefunguje\ma problemy?

Mate tam jeste nejaky jiny bod obnovy?

Nejde spustit Windows Firewall/ICS, tím pádem nejde firewall. A ještě před tím než mi odešel wifi adapter nešlo připojení k netu ani vyhledat síť. Ten wifi adapter nemám ani 14 dní, pojedu ho vrátit, nejlépe vyměnit. Sem tam na mě hodí avira error. Nechci fušovat do řemesla, ale nepomohlo by přeinstalování SP2? Když mi nabíhá pc, tak na mě vyskočí staré logovací okno.

Sice nevím jak, ale na notebooku se mi podařilo wifi adapter rozchodit. Takže s výměnou počkám.

S tim SP2 je to dobry napad Zkuste