VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Spomaleny pocitac - poprosil by som o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=111950

Stránka 1 z 3

Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 11:54
od barioso
Dobry den
Mam problem , ze mi pocitac reaguje velmi pomaly .
Spravil som si obnovu systemu s bodmi obnovenia , kedy mi to este islo v poriadku ,
ale - obnova systemu je stale neuspesna - aj pri viacerych predchadzajucich datumoch .
Chcel som poslat aj log z RSIT , ale nejde to ani v nudzovom rezime .

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 11:58
od vyosek
Zdravim, pekny den preji a vitam Vas u nas na foru :welcome:

:arrow: Z jakeho duvodu Vam nejde RSITR - pise nejakou hlasku :???:

:arrow: Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com :arrow: Zkuste udelat log z DDS dle navodu kolegy http://www.viry.cz/forum/viewtopic.php?f=24&t=81946

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 12:40
od barioso
RSIT sa nespusti ale vyskoci :
Line 3903 ....Temporay Internet Files \ Content.IES\ZF32QQOY\RSIT[1].exe
Error : Variable used without being declared

RKill som spustil .

Po spusteni DDS malo vyskocit podla navodu ako je na stranke okno cmd s nejakym popisom .
Vyslo len prazdne okno na sekundu a zmizlo . Potom sa uz nic nestalo - Ziaden log .

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 12:42
od vyosek
RSIT nespoustejte z docasne slozky, ale ulozte jej na plochu a nasledne spustte

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 12:51
od barioso
No ale ved to mam ulozene na pracovnej ploche - a odtial to spustam .
Vypise mi : Line 3903 ( File "D:\Document and Setting\Admin\Desktop\RSIT.exe"):
Error: Variable used........

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 14:18
od vyosek
Takze zkusime dalsi utilitu

:arrow: Stahnete OTL (viz muj podpis) a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 15:49
od barioso
Nie zeby som bol nedockavy - ale stale este scanuje OTL .
Spominal ste , ze to ma pracovat tak 10-15 minut , ale uz to budu skoro
dve hodiny . Tak len tak sa pytam, ci je to normalne .... :) :???:

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 15:52
od vyosek
Pokud skenuje tak jej nechte, ona doba skenu zavisi i na mnozstvi souboru kterymi se musi OTL prodirat...

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 19:50
od barioso
Log z OTL - 1. cast :
===============


OTL logfile created on: 24.5.2011 19:16:13 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = D:\Documents and Settings\Admin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

383,48 Mb Total Physical Memory | 208,28 Mb Available Physical Memory | 54,31% Memory free
921,64 Mb Paging File | 544,58 Mb Available in Paging File | 59,09% Paging File free
Paging file location(s): C:\pagefile.sys 574 574 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 107,48 Gb Total Space | 87,92 Gb Free Space | 81,80% Space Free | Partition Type: NTFS
Drive D: | 41,57 Gb Total Space | 17,79 Gb Free Space | 42,81% Space Free | Partition Type: NTFS

Computer Name: PAL | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.05.24 15:37:16 | 000,580,096 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Admin\Desktop\OTL.exe
PRC - [2011.03.28 16:15:53 | 000,076,968 | ---- | M] (Avira GmbH) -- D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.03.28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) -- D:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.03.28 16:15:29 | 000,281,768 | ---- | M] (Avira GmbH) -- D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.12.20 19:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010.09.15 11:15:14 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- D:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2006.10.10 15:49:42 | 000,270,336 | ---- | M] () -- D:\WINDOWS\tsnp325.exe
PRC - [2006.10.10 14:11:08 | 000,827,392 | ---- | M] () -- D:\WINDOWS\vsnp325.exe
PRC - [2005.05.10 19:31:22 | 000,241,664 | ---- | M] (Stardock) -- D:\Program Files\Common Files\stardock\SDMCP.exe


========== Modules (SafeList) ==========

MOD - [2011.05.24 15:37:16 | 000,580,096 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Admin\Desktop\OTL.exe
MOD - [2010.09.15 11:16:56 | 000,008,704 | ---- | M] () -- D:\Program Files\Real\RealPlayer\rpchromebrowserrecordhelper.dll
MOD - [2008.04.14 05:42:52 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wuauserv)
SRV - File not found [Auto | Stopped] -- -- (gupdate1ca24c7f0166fb0) Služba Google Update (gupdate1ca24c7f0166fb0)
SRV - File not found [Disabled | Stopped] -- -- (DUMeterSvc)
SRV - [2011.03.28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.12.20 19:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2005.04.06 16:03:28 | 000,110,592 | ---- | M] () [On_Demand | Stopped] -- D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)


========== Driver Services (SafeList) ==========

DRV - [2011.04.01 17:07:59 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.04.01 17:07:59 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.01.29 16:55:22 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2011.01.29 16:50:03 | 000,695,852 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2010.12.20 19:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010.06.17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010.05.10 20:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.17 20:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008.04.14 00:30:04 | 000,225,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008.04.14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.04.03 13:55:26 | 010,251,904 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
DRV - [2006.04.17 09:54:12 | 000,014,336 | R--- | M] (YAMAHA CORPORATION) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ymidusb.sys -- (YMIDUSB)
DRV - [2005.05.31 15:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005.05.31 09:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005.04.30 14:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005.04.30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005.04.30 14:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005.03.25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2004.12.16 16:32:54 | 000,013,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter)
DRV - [2004.10.19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004.08.04 00:32:32 | 000,084,480 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ac97via.sys -- (VIAudio) VIA AC'97 Audio Controller (WDM)
DRV - [2003.07.02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002.06.13 16:08:46 | 000,014,604 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.szm.sk/
IE - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 88 D1 25 4D 8B CB 01 [binary data]
IE - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.szm.sk"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}:4.1.0.00
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}:2.0
FF - prefs.js..extensions.enabledItems: widgetruntime@surfsecret.com:1.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=panda ... FSI1190&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: D:\Program Files\Real\RealPlayer\browserrecord [2010.09.15 11:16:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.05.12 18:51:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.05.12 18:51:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2011.05.14 13:36:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\SeaMonkey 2.0.14\extensions\\Components: D:\Program Files\SeaMonkey\components [2011.05.12 18:07:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.14\extensions\\Plugins: D:\Program Files\SeaMonkey\plugins [2011.05.12 18:07:51 | 000,000,000 | ---D | M]

[2011.04.09 23:05:37 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
[2010.01.14 08:44:36 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.05.29 16:32:28 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2009.03.22 18:22:45 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2011.05.18 22:57:20 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions
[2011.05.12 18:51:58 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2011.04.17 11:58:14 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)
[2011.04.09 17:36:59 | 000,000,000 | ---D | M] (MediaBar) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
[2011.04.09 23:05:57 | 000,000,000 | ---D | M] (MediaBar) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2011.05.18 18:52:36 | 000,000,000 | ---D | M] (FreeOnlineRadioPlayerRecorder Toolbar) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}
[2010.05.29 16:32:28 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Admin\Application Data\Mozilla\SeaMonkey\Profiles\mrju3h93.default\extensions
[2010.09.14 14:41:12 | 000,002,506 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\BearShareWebSearch.xml
[2011.01.29 20:42:00 | 000,000,873 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\conduit.xml
[2010.09.12 11:02:52 | 000,000,687 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icq-search.xml
[2010.10.15 21:16:04 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-1.xml
[2010.10.28 17:08:43 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-2.xml
[2010.10.29 18:01:20 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-3.xml
[2010.12.14 16:40:51 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-4.xml
[2010.10.14 15:23:32 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin.xml
[2011.04.09 23:05:37 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2010.10.28 17:07:18 | 000,001,583 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.10.28 17:07:18 | 000,001,380 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010.09.14 14:41:12 | 000,002,506 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2010.10.28 17:07:18 | 000,001,479 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2011.05.11 20:29:09 | 000,002,051 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchstonicla.xml
[2010.10.28 17:07:18 | 000,001,473 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.10.28 17:07:18 | 000,001,104 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.10.28 17:07:18 | 000,000,830 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2011.05.19 19:43:15 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pre aplikáciu Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Toolbar\ShellBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Toolbar\ShellBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [snp325] D:\WINDOWS\vsnp325.exe ()
O4 - HKLM..\Run: [TkBellExe] D:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tsnp325] D:\WINDOWS\tsnp325.exe ()
O4 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003..\Run: [POP Peeper] D:\Program Files\POP Peeper\POPPeeper.exe (Mortal Universe)
O4 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003..\Run: [USB Firewall Protection] File not found
O4 - Startup: D:\Documents and Settings\Admin\Start Menu\Programs\Startup\SJphone 1.65.lnk = D:\WINDOWS\Installer\{E1A45BFD-FD3E-45D7-AD5C-A29A506C2EB3}\SoftphoneIcon.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 0
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - D:\Program Files\Verdict Free\etnxp.dll ()
O9 - Extra 'Tools' menuitem : Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - D:\Program Files\Verdict Free\etnxp.dll ()
O15 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\..Trusted Domains: stv.sk ([www] http in Dôveryhodné lokality)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/produ ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resourc ... oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.28.64.99
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\MCPClient: DllName - D:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll - D:\Program Files\Common Files\stardock\MCPStub.dll (Stardock)
O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - D:\Program Files\Common Files\stardock\MCPCore.dll (Stardock)
O24 - Desktop WallPaper: D:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.12.22 16:18:22 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - File not found

Drivers32: midi1 - D:\WINDOWS\System32\xgusb.cpl (YAMAHA CORPORATION)
Drivers32: midi2 - D:\WINDOWS\System32\xgusb.cpl (YAMAHA CORPORATION)
Drivers32: midi3 - D:\WINDOWS\System32\xgusb.cpl (YAMAHA CORPORATION)
Drivers32: msacm.iac2 - D:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - D:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - D:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.speex32 - D:\WINDOWS\System32\speex32.acm (Independent Codec Group / www.openacm.org)
Drivers32: msacm.trspch - D:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - D:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - D:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - D:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - D:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - D:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - D:\WINDOWS\System32\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - D:\WINDOWS\System32\pclepim1.dll (Pinnacle Systems)
Drivers32: vidc.vp31 - D:\WINDOWS\System32\vp31vfw.dll (On2.com)
Drivers32: vidc.VP60 - D:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - D:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - D:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - D:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 7 Days ==========

[2011.05.24 19:01:12 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Admin\Recent
[2011.05.24 15:37:13 | 000,580,096 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Admin\Desktop\OTL.exe
[2011.05.24 13:22:50 | 000,606,738 | R--- | C] (Swearware) -- D:\Documents and Settings\Admin\Desktop\dds.scr
[2011.05.24 13:12:45 | 000,000,000 | ---D | C] -- D:\rsit
[2011.05.24 08:14:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Desktop\AUTOSKOLA TESTY 2009
[2011.05.24 08:12:15 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Desktop\TESTY
[2011.05.24 08:09:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Desktop\TESTY 1-35
[2011.05.21 20:22:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Desktop\Autoskola 2009 - testy
[2011.05.21 19:18:24 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Desktop\windows-xp-profesional-32bit
[2011.05.21 19:10:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Desktop\Windows xp Profesional 32bit
[2011.05.21 10:47:47 | 000,000,000 | ---D | C] -- D:\!KillBox
[2011.05.19 19:56:34 | 000,000,000 | ---D | C] -- D:\WINDOWS\temp
[2011.05.18 22:27:08 | 000,000,000 | ---D | C] -- D:\Program Files\hp deskjet 3820 series
[2011.05.18 22:25:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Hewlett-Packard
[2011.05.18 22:24:50 | 000,000,000 | ---D | C] -- D:\Program Files\Hewlett-Packard
[2011.05.18 16:26:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Admin\Desktop\Microsoft Windows XP Professional SP3 CZ x86 Integrovane Unor (Februar) 2011
[2008.08.17 08:36:48 | 000,147,456 | ---- | C] ( ) -- D:\WINDOWS\System32\rsnp325.dll
[2008.08.17 08:36:48 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnpx32.dll
[2008.02.27 19:31:41 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnp325.dll
[2008.02.27 19:31:41 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnp325(6).dll
[2008.02.27 19:31:41 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnp325(5).dll
[2008.02.27 19:31:41 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnp325(4).dll
[2008.02.27 19:31:41 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnp325(3).dll
[2008.02.27 19:31:41 | 000,061,440 | ---- | C] ( ) -- D:\WINDOWS\System32\vsnp325(2).dll
[2008.02.27 19:31:41 | 000,053,248 | ---- | C] ( ) -- D:\WINDOWS\System32\csnp325.dll
[1 D:\Documents and Settings\Admin\*.tmp files -> D:\Documents and Settings\Admin\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.05.24 19:04:38 | 000,002,251 | ---- | M] () -- D:\Documents and Settings\Admin\Start Menu\Programs\Startup\SJphone 1.65.lnk
[2011.05.24 19:04:04 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2011.05.24 19:03:59 | 402,182,144 | -HS- | M] () -- D:\hiberfil.sys
[2011.05.24 18:57:04 | 000,001,092 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003UA.job
[2011.05.24 15:57:01 | 000,001,040 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003Core.job
[2011.05.24 15:37:16 | 000,580,096 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Admin\Desktop\OTL.exe
[2011.05.24 14:23:11 | 000,002,283 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011.05.24 13:29:46 | 001,007,108 | ---- | M] () -- D:\Documents and Settings\Admin\Desktop\rkill.exe
[2011.05.24 13:22:55 | 000,606,738 | R--- | M] (Swearware) -- D:\Documents and Settings\Admin\Desktop\dds.scr
[2011.05.24 13:15:32 | 000,339,991 | ---- | M] () -- D:\Documents and Settings\Admin\Desktop\RSIT.exe
[2011.05.24 08:51:20 | 000,003,596 | ---- | M] () -- D:\WINDOWS\FORGE32.ini
[2011.05.24 08:13:01 | 000,000,920 | ---- | M] () -- D:\Documents and Settings\Admin\Local Settings\Application Data\SRDownloader[1].nast
[2011.05.24 08:12:55 | 089,100,540 | ---- | M] () -- D:\Documents and Settings\Admin\Desktop\AUTOSKOLA TESTY 2009.rar
[2011.05.24 08:08:05 | 039,482,176 | ---- | M] () -- D:\Documents and Settings\Admin\Desktop\testy.rar
[2011.05.23 17:07:52 | 000,000,202 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2011.05.23 09:34:37 | 000,002,239 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Telefon.lnk
[2011.05.22 22:22:30 | 000,001,744 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2011.05.21 20:20:59 | 017,798,535 | ---- | M] () -- D:\Documents and Settings\Admin\Desktop\Autoskola 2009 - testy.rar
[2011.05.21 19:08:26 | 598,049,659 | ---- | M] () -- D:\Documents and Settings\Admin\Desktop\windows-xp-profesional-32bit.rar
[2011.05.19 19:43:15 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2011.05.18 22:27:11 | 000,000,800 | ---- | M] () -- D:\WINDOWS\hpinfo.lnk
[2011.05.18 19:21:58 | 000,005,040 | ---- | M] () -- D:\WINDOWS\wincmd.ini
[2011.05.18 18:54:57 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[1 D:\Documents and Settings\Admin\*.tmp files -> D:\Documents and Settings\Admin\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.05.24 13:29:46 | 001,007,108 | ---- | C] () -- D:\Documents and Settings\Admin\Desktop\rkill.exe
[2011.05.24 13:15:32 | 000,339,991 | ---- | C] () -- D:\Documents and Settings\Admin\Desktop\RSIT.exe
[2011.05.24 08:06:57 | 039,482,176 | ---- | C] () -- D:\Documents and Settings\Admin\Desktop\testy.rar
[2011.05.24 08:06:17 | 089,100,540 | ---- | C] () -- D:\Documents and Settings\Admin\Desktop\AUTOSKOLA TESTY 2009.rar
[2011.05.23 20:58:43 | 402,182,144 | -HS- | C] () -- D:\hiberfil.sys
[2011.05.21 20:20:49 | 017,798,535 | ---- | C] () -- D:\Documents and Settings\Admin\Desktop\Autoskola 2009 - testy.rar
[2011.05.18 22:27:11 | 000,000,800 | ---- | C] () -- D:\WINDOWS\hpinfo.lnk
[2011.05.18 15:50:22 | 598,049,659 | ---- | C] () -- D:\Documents and Settings\Admin\Desktop\windows-xp-profesional-32bit.rar
[2011.03.10 21:46:36 | 000,000,145 | ---- | C] () -- D:\WINDOWS\Eudcedit.ini
[2011.03.04 19:37:31 | 000,855,641 | ---- | C] () -- D:\Documents and Settings\Admin\Application Data\PandaIDProtectHelp.chm
[2011.02.13 15:26:44 | 000,000,000 | ---- | C] () -- D:\WINDOWS\WB.ini
[2011.02.12 18:03:33 | 000,002,560 | ---- | C] () -- D:\WINDOWS\_MSRSTRT.EXE
[2011.02.08 12:37:55 | 000,120,200 | ---- | C] () -- D:\WINDOWS\System32\DLLDEV32i.dll
[2011.02.02 10:57:03 | 000,000,888 | ---- | C] () -- D:\Documents and Settings\Admin\Local Settings\Application Data\SRDownloader[2].nast
[2011.01.29 23:44:39 | 000,000,600 | ---- | C] () -- D:\Documents and Settings\Admin\Local Settings\Application Data\SRDownloader[1].err
[2011.01.29 23:39:58 | 000,000,920 | ---- | C] () -- D:\Documents and Settings\Admin\Local Settings\Application Data\SRDownloader[1].nast
[2011.01.29 16:55:21 | 000,073,728 | ---- | C] () -- D:\WINDOWS\System32\RtNicProp32.dll
[2010.12.10 08:52:13 | 000,000,132 | -H-- | C] () -- D:\Documents and Settings\Admin\Application Data\lakerda1967.sys
[2010.12.10 08:51:55 | 000,010,584 | ---- | C] () -- D:\Documents and Settings\Admin\Application Data\docXConverter (3).ini
[2010.10.13 17:32:09 | 000,038,456 | ---- | C] () -- D:\Documents and Settings\Admin\Application Data\Hodnoty oddelené čiarkou (Windows).ADR
[2010.09.12 10:24:35 | 000,048,140 | -H-- | C] () -- D:\WINDOWS\System32\mlfcache.dat
[2010.07.24 10:32:03 | 000,000,024 | ---- | C] () -- D:\WINDOWS\System32\XLSCX.INI
[2010.07.24 10:31:44 | 000,000,051 | ---- | C] () -- D:\WINDOWS\SW_Win3112X32.DLL
[2010.05.31 14:19:09 | 000,001,632 | ---- | C] () -- D:\WINDOWS\System32\d3d8caps.dat
[2010.02.01 22:59:27 | 000,000,012 | ---- | C] () -- D:\WINDOWS\dirsaver.ini
[2009.12.21 22:45:33 | 000,000,061 | ---- | C] () -- D:\WINDOWS\ABC_mru.ini
[2009.12.01 22:12:54 | 000,201,216 | ---- | C] () -- D:\WINDOWS\System32\mediarcpt.dll
[2009.11.27 09:30:48 | 000,256,512 | ---- | C] () -- D:\WINDOWS\PEV.exe
[2009.11.27 09:30:48 | 000,098,816 | ---- | C] () -- D:\WINDOWS\sed.exe
[2009.11.27 09:30:48 | 000,089,088 | ---- | C] () -- D:\WINDOWS\MBR.exe
[2009.11.27 09:30:48 | 000,080,412 | ---- | C] () -- D:\WINDOWS\grep.exe
[2009.11.27 09:30:48 | 000,068,096 | ---- | C] () -- D:\WINDOWS\zip.exe
[2009.11.25 17:17:01 | 002,091,160 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009.06.12 20:21:06 | 000,000,163 | ---- | C] () -- D:\WINDOWS\spidla.INI
[2009.05.29 20:04:25 | 000,000,000 | ---- | C] () -- D:\WINDOWS\chicksme.ini
[2009.05.10 16:21:05 | 000,000,562 | ---- | C] () -- D:\WINDOWS\gn1to0.INI
[2009.04.30 18:31:06 | 000,000,545 | ---- | C] () -- D:\WINDOWS\psnetwork.ini
[2009.03.21 17:36:43 | 000,004,977 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\ktkinigh.goa
[2009.03.20 11:19:18 | 000,000,230 | ---- | C] () -- D:\WINDOWS\cal.dat
[2009.03.19 22:21:33 | 000,053,808 | ---- | C] () -- D:\WINDOWS\MENINY.EXE
[2009.03.18 10:52:36 | 000,039,095 | ---- | C] () -- D:\WINDOWS\iccsigs.dat
[2009.03.18 10:52:35 | 000,112,688 | ---- | C] () -- D:\WINDOWS\System32\shw32.dll
[2009.03.17 21:20:55 | 000,000,054 | ---- | C] () -- D:\WINDOWS\Player.INI
[2009.03.16 14:14:06 | 000,001,763 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2009.02.28 18:55:38 | 000,000,013 | ---- | C] () -- D:\WINDOWS\System32\mrphbks.ini
[2009.02.28 15:08:42 | 000,196,608 | ---- | C] () -- D:\WINDOWS\System32\geturl.exe
[2009.02.28 14:51:37 | 000,020,000 | ---- | C] () -- D:\Documents and Settings\Admin\Application Data\ekiga.conf
[2009.02.26 23:26:08 | 000,000,100 | ---- | C] () -- D:\WINDOWS\System32\imon1.dat
[2009.01.29 16:59:19 | 000,000,056 | -H-- | C] () -- D:\WINDOWS\System32\ezsidmv.dat
[2009.01.23 20:57:52 | 000,001,461 | ---- | C] () -- D:\WINDOWS\WBOXEDIT.INI
[2009.01.05 15:44:10 | 000,053,248 | ---- | C] () -- D:\WINDOWS\bdoscandel.exe
[2009.01.05 15:44:10 | 000,000,453 | ---- | C] () -- D:\WINDOWS\bdoscandellang.ini
[2008.12.15 23:42:45 | 000,000,127 | ---- | C] () -- D:\WINDOWS\XGUSB.INI
[2008.12.05 17:15:07 | 002,255,360 | ---- | C] () -- D:\WINDOWS\System32\libavcodec.dll
[2008.12.05 17:15:07 | 000,395,776 | ---- | C] () -- D:\WINDOWS\System32\libmplayer.dll
[2008.12.05 17:15:07 | 000,262,144 | ---- | C] () -- D:\WINDOWS\System32\TomsMoComp_ff.dll
[2008.12.05 17:15:07 | 000,112,640 | ---- | C] () -- D:\WINDOWS\System32\libmpeg2_ff.dll
[2008.11.01 23:12:20 | 000,000,067 | ---- | C] () -- D:\WINDOWS\Easy Avi Divx Xvid to DVD Burner.INI
[2008.10.28 06:34:17 | 000,000,206 | ---- | C] () -- D:\WINDOWS\System32\dadc9_z.dll
[2008.10.24 08:29:21 | 000,000,118 | ---- | C] () -- D:\WINDOWS\System32\MRT.INI
[2008.09.23 17:12:13 | 000,000,305 | ---- | C] () -- D:\WINDOWS\WININIT.INI
[2008.09.20 22:50:03 | 000,000,461 | ---- | C] () -- D:\WINDOWS\WGPLAYER.INI
[2008.09.20 22:49:09 | 000,000,763 | ---- | C] () -- D:\WINDOWS\WINGROOV.INI
[2008.08.17 13:46:01 | 000,161,484 | ---- | C] () -- D:\WINDOWS\EXPStudio's Audio Converter FREE Uninstaller.exe
[2008.08.17 08:36:54 | 000,827,392 | ---- | C] () -- D:\WINDOWS\vsnp325.exe
[2008.08.17 08:36:54 | 000,270,336 | ---- | C] () -- D:\WINDOWS\tsnp325.exe
[2008.08.17 08:36:53 | 000,015,498 | ---- | C] () -- D:\WINDOWS\snp325.ini
[2008.08.05 14:30:45 | 000,000,032 | ---- | C] () -- D:\WINDOWS\CD-Start.INI
[2008.08.04 21:27:55 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\cid_store.dat
[2008.07.30 21:24:44 | 000,002,872 | ---- | C] () -- D:\WINDOWS\GNMIDI.INI
[2008.07.25 16:46:16 | 000,013,304 | ---- | C] () -- D:\WINDOWS\System32\drivers\BTNetFilter.sys
[2008.07.25 16:46:15 | 000,011,860 | ---- | C] () -- D:\WINDOWS\System32\drivers\vbtenum.sys
[2008.03.30 16:20:01 | 000,015,840 | ---- | C] () -- D:\WINDOWS\System32\Machnm1.exe
[2008.03.07 03:56:24 | 000,000,041 | -HS- | C] () -- D:\Documents and Settings\All Users\Application Data\.zreglib
[2008.03.06 19:16:18 | 011,614,518 | ---- | C] () -- D:\WINDOWS\CPICWPPR.DAT
[2008.02.28 02:08:11 | 000,028,160 | ---- | C] () -- D:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.07 06:27:56 | 000,122,880 | ---- | C] () -- D:\WINDOWS\UnGins.exe
[2008.01.24 05:28:28 | 000,000,600 | ---- | C] () -- D:\WINDOWS\Rtcw.INI
[2008.01.23 23:29:21 | 000,000,032 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008.01.09 01:44:45 | 000,009,869 | ---- | C] () -- D:\WINDOWS\mozver.dat
[2008.01.06 06:46:24 | 000,000,040 | ---- | C] () -- D:\WINDOWS\midwavi.ini
[2007.12.28 07:14:06 | 000,061,952 | ---- | C] () -- D:\WINDOWS\System32\rmmerge2.DLL
[2007.12.28 07:14:06 | 000,009,728 | ---- | C] () -- D:\WINDOWS\System32\rmevents.DLL
[2007.12.28 07:14:00 | 000,003,596 | ---- | C] () -- D:\WINDOWS\FORGE32.ini
[2007.12.24 04:38:14 | 000,001,744 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2007.12.24 04:38:09 | 000,000,202 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2007.12.23 22:36:42 | 000,000,335 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2007.12.23 21:25:14 | 000,000,518 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2007.12.23 21:20:01 | 000,005,040 | ---- | C] () -- D:\WINDOWS\wincmd.ini
[2007.12.23 21:14:45 | 000,000,155 | ---- | C] () -- D:\WINDOWS\winamp.ini
[2007.12.23 19:57:38 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2007.12.23 19:47:51 | 000,021,640 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2007.12.23 19:46:46 | 000,001,536 | ---- | C] () -- D:\WINDOWS\System32\hidec.exe
[2007.12.23 11:37:39 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2007.12.23 11:29:27 | 000,329,096 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2007.09.18 23:07:32 | 000,237,568 | ---- | C] () -- D:\WINDOWS\System32\SDL.dll
[2006.07.27 19:28:42 | 003,596,288 | ---- | C] () -- D:\WINDOWS\System32\qt-dx331.dll
[2006.07.26 22:00:00 | 000,026,013 | ---- | C] () -- D:\WINDOWS\System32\sleep.exe
[2006.05.03 00:38:24 | 000,072,444 | ---- | C] () -- D:\WINDOWS\SetBrowser.exe
[2006.05.03 00:38:24 | 000,000,748 | ---- | C] () -- D:\WINDOWS\SetBrowser.ini
[2006.04.06 17:59:37 | 000,125,234 | ---- | C] () -- D:\WINDOWS\System32\reboot.exe
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- D:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- D:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- D:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- D:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- D:\WINDOWS\System32\ogg.dll
[2004.08.04 06:00:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2004.08.04 06:00:00 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2004.08.04 06:00:00 | 000,435,396 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2004.08.04 06:00:00 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2004.08.04 06:00:00 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2004.08.04 06:00:00 | 000,068,292 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2004.08.04 06:00:00 | 000,059,904 | ---- | C] () -- D:\WINDOWS\System32\devenum(2).dll
[2004.08.04 06:00:00 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2004.08.04 06:00:00 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2004.08.04 06:00:00 | 000,018,472 | ---- | C] () -- D:\WINDOWS\System32\Mxp32z.dll
[2004.08.04 06:00:00 | 000,014,649 | ---- | C] () -- D:\WINDOWS\System32\Pcisys32.drv
[2004.08.04 06:00:00 | 000,014,336 | ---- | C] () -- D:\WINDOWS\System32\msdmo(2).dll
[2004.08.04 06:00:00 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2004.08.04 06:00:00 | 000,004,463 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2004.08.04 06:00:00 | 000,001,804 | ---- | C] () -- D:\WINDOWS\System32\dcache.bin
[2004.08.04 06:00:00 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat
[2003.08.06 11:33:22 | 000,000,164 | ---- | C] () -- D:\WINDOWS\System32\psyswin32.dll
[2003.05.06 13:42:40 | 000,176,128 | ---- | C] () -- D:\WINDOWS\System32\GGdll.dll
[2003.04.09 19:30:02 | 000,032,768 | ---- | C] () -- D:\WINDOWS\System32\SoundCardControl.dll
[2003.01.24 18:45:18 | 000,045,056 | ---- | C] () -- D:\WINDOWS\System32\mrupvers.exe
[2002.09.18 01:45:00 | 000,119,808 | ---- | C] () -- D:\WINDOWS\lsb_un20.exe
[2002.06.06 02:01:58 | 000,029,696 | ---- | C] () -- D:\WINDOWS\System32\asutl8.dll
[1999.10.29 14:35:46 | 000,000,040 | ---- | C] () -- D:\WINDOWS\System32\sx5363.ini
[1998.03.22 14:50:02 | 000,010,240 | ---- | C] () -- D:\WINDOWS\System32\vidx16.dll

========== LOP Check ==========

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 19:51
od barioso
Log z OTL : 2 cast
=============

[2007.12.24 04:37:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\123 Free Solitaire
[2009.11.25 08:31:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\3CX Assistant
[2010.11.28 15:28:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Acoustica
[2009.11.25 19:23:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\ADPHONE
[2009.03.07 21:00:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Anvil Studio
[2010.03.14 21:18:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Audacity
[2011.04.09 23:05:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\bearsharemediabartb
[2009.12.21 19:12:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Broad Intelligence
[2011.02.05 13:51:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Cakewalk
[2008.02.28 21:12:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Camfrog
[2008.11.22 20:51:46 | 000,000,000 | RH-D | M] -- D:\Documents and Settings\Admin\Application Data\Chromeflower
[2009.03.01 11:14:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\CollanosPhone
[2008.09.19 14:12:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Cool Record Edit Pro
[2009.12.20 19:55:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\COWON
[2008.11.22 20:51:06 | 000,000,000 | RH-D | M] -- D:\Documents and Settings\Admin\Application Data\CrystalSpace
[2007.12.30 09:01:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\DeepBurner
[2011.05.10 20:37:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Desktop Sidebar
[2009.11.27 09:44:25 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\Admin\Application Data\drivers
[2011.04.18 15:51:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\DVDVideoSoftIEHelpers
[2009.11.26 22:36:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\EVCSoft
[2009.05.05 08:27:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\FDRLab
[2009.03.23 09:54:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Flock
[2011.04.09 15:42:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\FMZilla
[2011.05.18 18:52:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Focus Mp3 Recorder
[2008.09.19 14:00:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Free Sound Recorder
[2009.02.12 23:46:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Freshtel
[2010.12.30 11:55:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\GetRightToGo
[2009.11.25 10:20:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Globe7
[2009.07.07 08:11:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\gnupg
[2010.10.11 19:04:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\goalbit
[2010.12.06 13:54:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\GrabPro
[2009.03.16 13:01:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\gtk-2.0
[2008.01.06 03:25:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\ICQ Toolbar
[2009.03.16 13:07:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\KC Softwares
[2010.10.13 14:24:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Linphone
[2009.02.09 16:03:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\LowRateVoip
[2010.01.18 20:29:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\MagicBall3
[2011.02.08 12:44:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\MAGIX
[2008.02.29 02:15:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Mahogany
[2011.05.12 17:30:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Maxthon3
[2011.04.09 17:37:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\mediabarbs
[2009.02.28 14:29:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Mizu
[2008.02.28 21:19:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\MSNInstaller
[2010.03.19 19:48:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Music Recognition
[2009.03.23 08:31:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\MxBoost
[2011.04.09 15:35:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\NCH Swift Sound
[2009.11.25 12:42:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\NewNetTelephoneOnline
[2008.06.14 11:26:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Nokia
[2009.11.25 18:54:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Nortel
[2011.04.09 13:58:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\OpenCandy
[2010.10.22 21:38:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Opera
[2011.04.09 15:41:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Orbit
[2009.03.24 15:19:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Orca Profiles
[2010.10.21 08:31:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\OTM-World
[2011.01.11 17:10:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Panda Security
[2011.04.17 11:58:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\pandasecuritytb(2)
[2008.06.14 06:44:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\PC Suite
[2010.10.03 17:34:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\PhotoScape
[2011.05.24 13:04:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\POP Peeper
[2011.05.17 20:10:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Power Sound Editor Free
[2009.04.30 18:28:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\PPLive
[2009.04.30 18:25:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\PPMate
[2009.04.30 18:31:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\ppStream
[2010.12.06 13:54:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\ProgSense
[2011.02.02 10:28:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Reviversoft
[2009.03.04 17:07:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Rokario
[2008.09.20 20:26:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Roni Music
[2010.10.13 15:07:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\SIP Communicator
[2009.11.25 10:54:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Sipey
[2011.05.12 17:19:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\SlimBrowser
[2010.10.12 17:36:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Sony
[2011.04.28 16:17:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Spamihilator
[2009.08.24 16:49:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Spider Player
[2011.01.20 23:53:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\SurfSecret Privacy Suite
[2010.11.28 15:29:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\SynthMaker
[2011.04.29 07:43:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\The Bat!
[2010.01.14 08:44:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Thunderbird
[2009.03.21 17:32:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\UK's Kalender
[2011.04.28 16:28:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Uniblue
[2011.03.10 18:25:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\URSoft
[2011.05.18 18:52:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\uTorrent
[2011.04.11 18:16:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\VividLyrics
[2010.10.13 11:17:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Vphonet
[2010.05.05 20:10:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Windows Live Writer
[2009.03.19 22:01:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\XemiComputers
[2010.10.04 15:21:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\XnView
[2009.11.25 12:28:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Zoiper
[2008.09.20 21:46:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\zweitgeist
[2010.11.28 15:18:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Acoustica
[2011.01.04 10:36:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Alwil Software
[2008.07.25 16:54:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Bluetooth
[2011.02.05 14:32:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Cakewalk
[2010.02.27 10:25:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\CounterPath
[2009.12.30 19:10:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ICQ
[2009.09.11 21:26:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\IM
[2009.09.11 21:23:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\IncrediMail
[2008.06.14 06:40:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Installations
[2011.02.08 12:41:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MAGIX
[2008.03.06 06:37:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011.04.09 15:36:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011.04.27 18:23:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Panda Security
[2008.03.01 21:12:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\PY_Software
[2010.12.06 13:56:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ReviverSoft
[2009.05.29 20:04:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SME Kuramatic
[2009.05.09 09:13:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SpeedBit
[2011.03.10 22:30:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2011.04.27 19:53:14 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"POP Peeper" = "D:\Program Files\POP Peeper\POPPeeper.exe" -min -- [2010.09.10 00:09:36 | 001,511,424 | ---- | M] (Mortal Universe)
"USB Firewall Protection" = 2
"ctfmon.exe" = D:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:42:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2010.11.28 15:18:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Acoustica
[2007.12.23 21:04:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Adobe
[2011.01.04 10:36:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Alwil Software
[2010.12.22 13:30:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Apple Computer
[2011.05.04 23:28:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Avira
[2008.07.25 16:54:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Bluetooth
[2011.02.05 14:32:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Cakewalk
[2010.02.27 10:25:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\CounterPath
[2008.01.03 17:41:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\CyberLink
[2010.11.17 22:59:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\DivX
[2008.01.27 01:12:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\DVD Shrink
[2011.01.05 20:26:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Google
[2009.12.30 19:10:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ICQ
[2011.02.05 13:47:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Identities
[2009.09.11 21:26:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\IM
[2009.09.11 21:23:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\IncrediMail
[2008.06.14 06:40:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Installations
[2011.02.08 12:41:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MAGIX
[2009.11.27 12:26:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.03.09 17:15:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\McAfee
[2011.04.27 21:15:32 | 000,000,000 | --SD | M] -- D:\Documents and Settings\All Users\Application Data\Microsoft
[2011.01.30 12:51:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Microsoft Help
[2008.03.06 06:37:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011.04.09 15:36:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2007.12.23 21:08:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Nero
[2011.04.27 18:23:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Panda Security
[2008.03.01 21:12:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\PY_Software
[2010.12.06 13:56:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ReviverSoft
[2011.02.04 21:20:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Skype
[2009.05.29 20:04:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SME Kuramatic
[2009.05.09 09:13:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SpeedBit
[2009.11.27 18:16:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009.11.27 18:20:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011.03.10 22:30:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2009.04.27 19:14:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011.04.27 19:53:14 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.11.17 22:49:58 | 000,056,969 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2010.11.17 22:51:29 | 000,057,409 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2010.11.17 22:52:27 | 000,054,128 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2010.11.17 22:52:38 | 000,054,153 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2010.11.17 22:52:54 | 000,056,458 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010.11.17 22:59:25 | 000,056,765 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010.11.17 22:52:48 | 000,054,174 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2010.11.17 22:53:08 | 000,057,532 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2010.11.17 22:53:16 | 000,054,166 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2010.11.17 22:53:26 | 000,057,054 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2010.11.17 22:51:34 | 000,054,101 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2010.11.17 22:51:11 | 000,052,963 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010.11.17 22:58:35 | 000,057,736 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2010.11.17 22:50:14 | 000,054,073 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010.11.18 08:22:30 | 000,144,696 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
[2010.11.17 22:43:13 | 000,876,824 | ---- | M] (DivX, Inc. ) -- D:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2010.11.17 22:52:16 | 000,054,644 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2010.11.17 22:54:22 | 000,084,038 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2010.11.17 22:58:41 | 000,053,600 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2010.11.17 22:59:10 | 000,056,997 | ---- | M] (DivX, Inc.) -- D:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2011.01.03 21:51:59 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- D:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
[2010.06.02 11:45:23 | 000,024,576 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\31E6481A7A624C39BB43E8BF6390376C\Music Mood for Skype.exe
[2011.02.04 14:24:17 | 000,147,456 | ---- | M] (bra) -- D:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\5453971DEC7E4619B11BD699BAA57185\ExtendedContact.exe

< %APPDATA%\*. >
[2007.12.24 04:37:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\123 Free Solitaire
[2009.11.25 08:31:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\3CX Assistant
[2010.11.28 15:28:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Acoustica
[2010.02.25 22:50:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Adobe
[2009.11.25 19:23:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\ADPHONE
[2008.07.23 19:19:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Ahead
[2009.03.07 21:00:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Anvil Studio
[2010.12.22 12:46:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Apple Computer
[2010.03.14 21:18:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Audacity
[2011.05.13 19:57:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Avant Profiles
[2011.05.04 23:31:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Avira
[2011.04.09 23:05:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\bearsharemediabartb
[2009.12.21 19:12:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Broad Intelligence
[2011.02.05 13:51:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Cakewalk
[2008.02.28 21:12:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Camfrog
[2008.11.22 20:51:46 | 000,000,000 | RH-D | M] -- D:\Documents and Settings\Admin\Application Data\Chromeflower
[2009.03.01 11:14:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\CollanosPhone
[2008.09.19 14:12:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Cool Record Edit Pro
[2009.03.18 11:01:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Corel
[2009.12.20 19:55:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\COWON
[2008.11.22 20:51:06 | 000,000,000 | RH-D | M] -- D:\Documents and Settings\Admin\Application Data\CrystalSpace
[2008.01.03 17:41:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\CyberLink
[2007.12.30 09:01:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\DeepBurner
[2011.05.10 20:37:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Desktop Sidebar
[2010.11.17 22:58:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\DivX
[2009.11.27 09:44:25 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\Admin\Application Data\drivers
[2010.04.01 07:18:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\dvdcss
[2011.04.18 15:51:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\DVDVideoSoftIEHelpers
[2009.11.26 22:36:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\EVCSoft
[2009.05.05 08:27:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\FDRLab
[2009.03.23 09:54:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Flock
[2011.04.09 15:42:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\FMZilla
[2011.05.18 18:52:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Focus Mp3 Recorder
[2008.09.19 14:00:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Free Sound Recorder
[2009.02.12 23:46:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Freshtel
[2010.12.30 11:55:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\GetRightToGo
[2009.11.25 10:20:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Globe7
[2009.07.07 08:11:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\gnupg
[2010.10.11 19:04:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\goalbit
[2011.01.05 15:09:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Google
[2010.12.06 13:54:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\GrabPro
[2009.03.16 13:01:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\gtk-2.0
[2007.12.28 07:14:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Help
[2008.01.06 03:25:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\ICQ Toolbar
[2007.12.23 21:12:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Identities
[2008.01.06 03:16:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\InstallShield
[2009.03.16 13:07:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\KC Softwares
[2010.10.13 14:24:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Linphone
[2009.02.09 16:03:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\LowRateVoip
[2007.12.23 23:53:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Macromedia
[2010.01.18 20:29:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\MagicBall3
[2011.02.08 12:44:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\MAGIX
[2008.02.29 02:15:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Mahogany
[2009.11.27 12:26:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Malwarebytes
[2011.05.12 17:30:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Maxthon3
[2011.04.09 17:37:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\mediabarbs
[2011.05.19 07:19:27 | 000,000,000 | --SD | M] -- D:\Documents and Settings\Admin\Application Data\Microsoft
[2009.02.28 14:29:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Mizu
[2011.04.09 23:05:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Mozilla
[2008.02.28 21:19:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\MSNInstaller
[2010.03.19 19:48:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Music Recognition
[2009.03.23 08:31:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\MxBoost
[2011.04.09 15:35:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\NCH Swift Sound
[2009.11.25 12:42:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\NewNetTelephoneOnline
[2008.06.14 11:26:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Nokia
[2009.11.25 18:54:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Nortel
[2011.04.09 13:58:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\OpenCandy
[2010.10.22 21:38:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Opera
[2011.04.09 15:41:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Orbit
[2009.03.24 15:19:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Orca Profiles
[2010.10.21 08:31:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\OTM-World
[2011.01.11 17:10:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Panda Security
[2011.04.17 11:58:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\pandasecuritytb(2)
[2008.06.14 06:44:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\PC Suite
[2010.10.03 17:34:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\PhotoScape
[2011.05.24 13:04:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\POP Peeper
[2011.05.17 20:10:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Power Sound Editor Free
[2009.04.30 18:28:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\PPLive
[2009.04.30 18:25:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\PPMate
[2009.04.30 18:31:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\ppStream
[2010.12.06 13:54:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\ProgSense
[2010.09.15 11:19:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Real
[2011.02.02 10:28:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Reviversoft
[2009.03.04 17:07:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Rokario
[2008.09.20 20:26:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Roni Music
[2010.10.13 15:07:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\SIP Communicator
[2009.11.25 10:54:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Sipey
[2011.05.24 15:38:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Skype
[2011.02.04 17:02:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\skypePM
[2011.05.12 17:19:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\SlimBrowser
[2010.10.12 17:36:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Sony
[2009.04.30 18:48:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\SopCast
[2011.04.28 16:17:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Spamihilator
[2009.08.24 16:49:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Spider Player
[2008.01.09 01:47:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Sun
[2011.01.04 19:42:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\SUPERAntiSpyware.com
[2011.01.20 23:53:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\SurfSecret Privacy Suite
[2010.11.28 15:29:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\SynthMaker
[2009.02.08 19:09:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Syntrillium
[2011.04.29 07:43:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\The Bat!
[2010.01.14 08:44:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Thunderbird
[2009.03.21 17:32:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\UK's Kalender
[2011.04.28 16:28:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Uniblue
[2011.03.10 18:25:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\URSoft
[2011.05.18 18:52:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\uTorrent
[2009.02.28 23:12:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Ventrilo
[2011.04.11 18:16:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\VividLyrics
[2011.05.23 20:48:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\vlc
[2010.10.13 11:17:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Vphonet
[2010.05.05 20:10:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Windows Live Writer
[2009.03.19 22:01:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\XemiComputers
[2010.10.04 15:21:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\XnView
[2009.11.27 14:28:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Yahoo!
[2009.11.25 12:28:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\Zoiper
[2008.09.20 21:46:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Admin\Application Data\zweitgeist

< %APPDATA%\*.exe /s >
[2010.02.01 19:23:16 | 000,015,688 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Microsoft\IM-HM\Giftpack from Hotmail.exe
[2010.02.01 19:20:03 | 016,606,040 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Microsoft\IM-HM\im-hm-uninst.exe
[2011.02.02 10:02:41 | 000,356,576 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\OpenCandy\OpenCandy_41CDD77222BC42AD913EE7E11F1A7F7A\LatestDLMgr.exe
[2011.01.14 22:48:26 | 004,447,072 | ---- | M] (ReviverSoft ) -- D:\Documents and Settings\Admin\Application Data\OpenCandy\OpenCandy_41CDD77222BC42AD913EE7E11F1A7F7A\RegistryReviverSetup-afl_.exe
[2011.01.15 01:11:04 | 000,059,688 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\OpenCandy\OpenCandy_41CDD77222BC42AD913EE7E11F1A7F7A\RevStarter.exe
[2011.04.09 13:58:21 | 000,416,160 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\OpenCandy\OpenCandy_73FB9F38B65E44C98E7A2592A619605F\LatestDLMgr.exe
[2011.02.09 20:12:20 | 004,447,072 | ---- | M] (ReviverSoft ) -- D:\Documents and Settings\Admin\Application Data\OpenCandy\OpenCandy_73FB9F38B65E44C98E7A2592A619605F\RegistryReviverSetup-afl_.exe
[2011.02.09 21:04:30 | 000,059,688 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\OpenCandy\OpenCandy_73FB9F38B65E44C98E7A2592A619605F\RevStarter.exe
[2010.12.03 20:05:36 | 012,916,864 | ---- | M] (ReviverSoft LLC.) -- D:\Documents and Settings\Admin\Application Data\OpenCandy\OpenCandy_E4E39160ADE244FDB5CCFFB12FCE78F5\AFIRegistryReviverSetup.exe
[2010.12.06 13:55:09 | 013,055,464 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\OpenCandy\OpenCandy_E4E39160ADE244FDB5CCFFB12FCE78F5\AFIRegistryReviver_p21v1.exe
[2010.12.06 13:54:00 | 000,349,296 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\OpenCandy\OpenCandy_E4E39160ADE244FDB5CCFFB12FCE78F5\DLMgr_3_1.6.87.exe
[2010.12.03 20:50:24 | 000,059,944 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\OpenCandy\OpenCandy_E4E39160ADE244FDB5CCFFB12FCE78F5\RevStarter.exe
[2007.12.30 05:01:18 | 000,307,200 | ---- | M] (Simon Tatham) -- D:\Documents and Settings\Admin\Application Data\Orca Profiles\.default\mozdata\UserData\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
[2007.12.30 05:01:18 | 000,172,032 | ---- | M] (Simon Tatham) -- D:\Documents and Settings\Admin\Application Data\Orca Profiles\.default\mozdata\UserData\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe


< MD5 for: AGP440.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 06:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:42:14 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- D:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\autochk.exe
[2008.04.14 05:42:14 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- D:\WINDOWS\system32\autochk.exe
[2004.08.04 06:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- D:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 06:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- D:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- D:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- D:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- D:\WINDOWS\system32\cryptsvc.dll
[2006.12.28 07:48:16 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=87F3E2D2A3231F820F9248DB90090F42 -- D:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- D:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- D:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\eventlog.dll
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- D:\WINDOWS\system32\eventlog.dll
[2004.08.04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- D:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- D:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- D:\WINDOWS\explorer.exe
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- D:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\explorer.exe
[2011.01.16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- D:\Documents and Settings\Admin\Local Settings\temp\RarSFX0\procs\explorer.exe
[2011.01.16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- D:\Documents and Settings\Admin\Local Settings\temp\RarSFX1\procs\explorer.exe
[2006.12.28 07:48:24 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=42D32722B805D7DF42D30487A0BCBD78 -- D:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007.06.13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- D:\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\SP2QFE\explorer.exe
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- D:\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\SP2GDR\explorer.exe
[2005.08.16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- D:\Documents and Settings\Admin\Local Settings\temp\RarSFX0\h\explorer.exe
[2005.08.16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- D:\Documents and Settings\Admin\Local Settings\temp\RarSFX1\h\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- D:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\hal.dll
[2008.04.14 00:01:28 | 000,081,152 | ---- | M] (Microsoft Corporation) MD5=C4BA879B581BE34536FE01F79AC28631 -- D:\WINDOWS\system32\HAL.DLL
[2006.12.28 07:48:30 | 000,081,152 | ---- | M] (Microsoft Corporation) MD5=EDB94A1C9AE398A9ED5DB8587654C87E -- D:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- D:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- D:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- D:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.04 06:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- D:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- D:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- D:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- D:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 06:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- D:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- D:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\netlogon.dll
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- D:\WINDOWS\system32\netlogon.dll
[2004.08.04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- D:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.04 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- D:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- D:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- D:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- D:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- D:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\smss.exe
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- D:\WINDOWS\system32\smss.exe
[2004.08.04 06:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- D:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- D:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- D:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\svchost.exe
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- D:\WINDOWS\system32\svchost.exe
[2004.08.04 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- D:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- D:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- D:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- D:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- D:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- D:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- D:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.12.28 20:48:02 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=C5E8C53A50767F016B539D946ED8B121 -- D:\WINDOWS\$NtUninstallKB951748$\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- D:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- D:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- D:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- D:\WINDOWS\system32\userinit.exe
[2009.05.26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- D:\Documents and Settings\Admin\Local Settings\temp\RarSFX0\userinit.exe
[2009.05.26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- D:\Documents and Settings\Admin\Local Settings\temp\RarSFX1\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- D:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2009.05.26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- D:\Documents and Settings\Admin\Local Settings\temp\RarSFX0\winlogon.exe
[2009.05.26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- D:\Documents and Settings\Admin\Local Settings\temp\RarSFX1\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- D:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- D:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- D:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- D:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- D:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- D:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\ws2_32.dll
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- D:\WINDOWS\system32\ws2_32.dll
[2004.08.04 06:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- D:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007.12.23 11:28:34 | 000,098,304 | ---- | M] () -- D:\WINDOWS\system32\config\default.sav
[2007.12.23 11:28:34 | 000,659,456 | ---- | M] () -- D:\WINDOWS\system32\config\software.sav
[2007.12.23 11:28:34 | 000,872,448 | ---- | M] () -- D:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.05.22 22:22:30 | 000,001,744 | ---- | M] () -- D:\WINDOWS\system32\d3d9caps.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:59756FA4
@Alternate Data Stream - 135 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:15D5AA51
@Alternate Data Stream - 105 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:A9662AE0
@Alternate Data Stream - 101 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51

< End of report >

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 19:52
od barioso
Log z Extras :
==========


OTL Extras logfile created on: 24.5.2011 19:16:13 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = D:\Documents and Settings\Admin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

383,48 Mb Total Physical Memory | 208,28 Mb Available Physical Memory | 54,31% Memory free
921,64 Mb Paging File | 544,58 Mb Available in Paging File | 59,09% Paging File free
Paging file location(s): C:\pagefile.sys 574 574 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 107,48 Gb Total Space | 87,92 Gb Free Space | 81,80% Space Free | Partition Type: NTFS
Drive D: | 41,57 Gb Total Space | 17,79 Gb Free Space | 42,81% Space Free | Partition Type: NTFS

Computer Name: PAL | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- D:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "D:\Program Files\Opera\opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Prehliadať v XnView] -- "D:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"8000:UDP" = 8000:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8001:UDP" = 8001:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8002:UDP" = 8002:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8003:UDP" = 8003:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8004:UDP" = 8004:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8005:UDP" = 8005:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8006:UDP" = 8006:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8007:UDP" = 8007:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8008:UDP" = 8008:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"8009:UDP" = 8009:UDP:*:Enabled:Express Talk RTP Incoming Audio (UDP)
"5070:UDP" = 5070:UDP:*:Enabled:Express Talk Sip Incoming Calls (UDP)
"94:TCP" = 94:TCP:*:Enabled:VRS Recording System Web Control Panel
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\WINDOWS\system32\mmc.exe" = D:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:Bluetooth Application -- (IVT Corporation)
"D:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = D:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Program Files\uTorrent\utorrent.exe" = D:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\Program Files\VideoLAN\VLC\vlc.exe" = D:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"D:\Program Files\SJphone 1.65\SJphone.exe" = D:\Program Files\SJphone 1.65\SJphone.exe:*:Enabled:SJphone 1.65 -- (SJ Labs, Inc.)
"D:\Program Files\Java\jre1.6.0_05\bin\javaw.exe" = D:\Program Files\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Program Files\Opera\opera.exe" = D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"D:\Program Files\Real\RealPlayer\realplay.exe" = D:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"D:\Program Files\POP Peeper\POPPeeper.exe" = D:\Program Files\POP Peeper\POPPeeper.exe:*:Enabled:POP Peeper -- (Mortal Universe)
"D:\Program Files\StrongDC++\StrongDC.exe" = D:\Program Files\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++ -- ()
"D:\Program Files\Avant Browser\avant.exe" = D:\Program Files\Avant Browser\avant.exe:*:Enabled:avant -- (Avant Force)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{400348D1-032F-4717-A840-D52F975C1051}" = Nero 7 Ultra Edition
"{53EF6570-21A4-47ED-A40A-E6470A5677A3}" = Studio 8
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{64CE8481-B5BD-11D5-BF19-0003473E46FD}" = Prevody jednotiek
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders
"{7F34A21F-2DEB-4598-BB19-611D6BD24271}" = Managed DirectX (0900)
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1051-7B44-A80000000000}" = Adobe Reader 8 - Slovak
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil
"{BAD19C4C-88D9-49FB-B1E1-0BA1F89969E6}" = SuperVoice VoIP
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DE5C0277-92AF-4E43-9142-C53A8C1BDBB4}" = 95855
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Basic VX
"{E1A45BFD-FD3E-45D7-AD5C-A29A506C2EB3}" = SJphone 1.65
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = 325 USB PC Camera
"µTorrent CZ_is1" = µTorrent CZ 1.8.2 (build 14458)
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 5" = Acoustica Mixcraft 5
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AvantBrowser" = Avant Browser (remove only)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BSPlayer1" = BSPlayer
"Cakewalk Pro Audio 9" = Cakewalk Pro Audio 9
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DesktopX" = DesktopX
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EXPStudio's Audio Converter FREE" = EXPStudio's Audio Converter FREE
"hp deskjet 3820 series" = hp deskjet 3820 series (Remove only)
"hp deskjet 3820 series_Driver" = hp deskjet 3820 series
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Network Play System (Patching)" = Network Play System (Patching)
"Opera 11.01.1190" = Opera 11.01
"OrcaBrowser" = Orca Browser
"PhotoScape" = PhotoScape
"POP Peeper" = POP Peeper
"RealPlayer 6.0" = RealPlayer
"Recepty doma_is1" = Recepty doma
"ReNamer_is1" = ReNamer
"SeaMonkey (2.0.14)" = SeaMonkey (2.0.14)
"Sound Forge 4.5c Build-281" = Sound Forge 4.5c Build-281
"StrongDC++" = StrongDC++ 2.41
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.5
"VMidi" = vanBasco's Karaoke Player
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Sidebar" = Windows Sidebar
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.96

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Verdict Free" = Slovník Verdict Free (a internetový překladač)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 18.5.2011 9:32:15 | Computer Name = PAL | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Názov adresára nie je platný.

Error - 18.5.2011 9:32:18 | Computer Name = PAL | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Názov adresára nie je platný.

Error - 18.5.2011 12:01:29 | Computer Name = PAL | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Názov adresára nie je platný.

Error - 18.5.2011 12:01:32 | Computer Name = PAL | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Názov adresára nie je platný.

Error - 18.5.2011 12:31:54 | Computer Name = PAL | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Názov adresára nie je platný.

Error - 18.5.2011 12:31:59 | Computer Name = PAL | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Názov adresára nie je platný.

Error - 18.5.2011 12:55:15 | Computer Name = PAL | Source = Avira AntiVir | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9

Error - 18.5.2011 12:55:26 | Computer Name = PAL | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Názov adresára nie je platný.

Error - 18.5.2011 12:55:27 | Computer Name = PAL | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Názov adresára nie je platný.

Error - 18.5.2011 12:59:22 | Computer Name = PAL | Source = Avira AntiVir | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9

[ OSession Events ]
Error - 9.3.2011 14:52:49 | Computer Name = PAL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 64
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9.3.2011 14:54:13 | Computer Name = PAL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 47
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 24.5.2011 12:39:18 | Computer Name = PAL | Source = Dhcp | ID = 1000
Description = Počítač prišiel o prenájom adresy IP 85.135.135.127 na sieťovej karte
so sieťovou adresou 00E04D0073FC.

Error - 24.5.2011 12:42:20 | Computer Name = PAL | Source = ACPI | ID = 327685
Description = AMLI: ACPI BIOS is attempting to write to an illegal IO port address
(0x70), which lies in the 0x70 - 0x71 protected address range. This could lead to
system instability. Please contact your system vendor for technical assistance.

Error - 24.5.2011 12:42:20 | Computer Name = PAL | Source = ACPI | ID = 327684
Description = AMLI: ACPI BIOS is attempting to read from an illegal IO port address
(0x71), which lies in the 0x70 - 0x71 protected address range. This could lead to
system instability. Please contact your system vendor for technical assistance.

Error - 24.5.2011 12:44:55 | Computer Name = PAL | Source = DCOM | ID = 10010
Description = Server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} sa v danom časovom limite
nezaregistroval na serveri DCOM.

Error - 24.5.2011 12:45:43 | Computer Name = PAL | Source = DCOM | ID = 10010
Description = Server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} sa v danom časovom limite
nezaregistroval na serveri DCOM.

Error - 24.5.2011 13:04:24 | Computer Name = PAL | Source = ACPI | ID = 327685
Description = AMLI: ACPI BIOS is attempting to write to an illegal IO port address
(0x70), which lies in the 0x70 - 0x71 protected address range. This could lead to
system instability. Please contact your system vendor for technical assistance.

Error - 24.5.2011 13:04:24 | Computer Name = PAL | Source = ACPI | ID = 327684
Description = AMLI: ACPI BIOS is attempting to read from an illegal IO port address
(0x71), which lies in the 0x70 - 0x71 protected address range. This could lead to
system instability. Please contact your system vendor for technical assistance.

Error - 24.5.2011 13:05:34 | Computer Name = PAL | Source = DCOM | ID = 10010
Description = Server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} sa v danom časovom limite
nezaregistroval na serveri DCOM.

Error - 24.5.2011 13:06:32 | Computer Name = PAL | Source = DCOM | ID = 10010
Description = Server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} sa v danom časovom limite
nezaregistroval na serveri DCOM.

Error - 24.5.2011 13:22:21 | Computer Name = PAL | Source = Dhcp | ID = 1000
Description = Počítač prišiel o prenájom adresy IP 85.135.135.127 na sieťovej karte
so sieťovou adresou 00E04D0073FC.


< End of report >

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 24 kvě 2011 22:54
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
SRV - File not found [Auto | Stopped] -- -- (wuauserv)
SRV - File not found [Auto | Stopped] -- -- (gupdate1ca24c7f0166fb0) Služba Google Update (gupdate1ca24c7f0166fb0)
SRV - File not found [Disabled | Stopped] -- -- (DUMeterSvc)
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 88 D1 25 4D 8B CB 01 [binary data]
IE - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=panda&type=PCAFSI1190&p="
[2011.04.17 11:58:14 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)
[2011.04.09 17:36:59 | 000,000,000 | ---D | M] (MediaBar) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
[2011.04.09 23:05:57 | 000,000,000 | ---D | M] (MediaBar) -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2010.09.14 14:41:12 | 000,002,506 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\BearShareWebSearch.xml
[2011.01.29 20:42:00 | 000,000,873 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\conduit.xml
[2010.09.12 11:02:52 | 000,000,687 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icq-search.xml
[2010.10.15 21:16:04 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-1.xml
[2010.10.28 17:08:43 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-2.xml
[2010.10.29 18:01:20 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-3.xml
[2010.12.14 16:40:51 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-4.xml
[2010.10.14 15:23:32 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin.xml
[2010.09.14 14:41:12 | 000,002,506 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Toolbar\ShellBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Toolbar\ShellBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - Reg Error: Value error. File not found
O4 - HKU\S-1-5-21-1715567821-1202660629-1957994488-1003..\Run: [USB Firewall Protection] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
[1 D:\Documents and Settings\Admin\*.tmp files -> D:\Documents and Settings\Admin\*.tmp -> ]
[2011.05.24 18:57:04 | 000,001,092 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003UA.job
[2011.05.24 15:57:01 | 000,001,040 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003Core.job
@Alternate Data Stream - 142 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:59756FA4
@Alternate Data Stream - 135 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:15D5AA51
@Alternate Data Stream - 105 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:A9662AE0
@Alternate Data Stream - 101 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51
 
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
  • Nasledne kliknete na Opravit ci FIX
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 25 kvě 2011 06:37
od barioso
Zasielam log.
Ale este predtym , pocas Fix v OTL vyskocilo :
Priecinok Dd593.en sa neda odstranit .


All processes killed
========== OTL ==========
Service wuauserv stopped successfully!
Service wuauserv deleted successfully!
Error: No service named gupdate1ca24c7f0166fb0) Služba Google Update (gupdate1ca24c7f0166fb0 was found to stop!
Service\Driver key gupdate1ca24c7f0166fb0) Služba Google Update (gupdate1ca24c7f0166fb0 not found.
Service DUMeterSvc stopped successfully!
Service DUMeterSvc deleted successfully!
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g\\| /E : value set successfully!
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g\\| /E : value set successfully!
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g\\| /E : value set successfully!
HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Microsoft\Internet Explorer\SearchURL\g\\| /E : value set successfully!
Prefs.js: "Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "Yahoo" removed from browser.search.selectedEngine
Prefs.js: "http://search.yahoo.com/search?fr=panda ... FSI1190&p=" removed from keyword.URL
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\Setup(2)\ADA(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\Setup(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\components(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\searchbar(2)\engines(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\searchbar(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\options(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\weatherbutton(2)\panels(2)\images(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\weatherbutton(2)\panels(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\weatherbutton(2)\icons(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\weatherbutton(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\uwa(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\panels(2)\images(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\panels(2)\default(2)\scripts(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\panels(2)\default(2)\images(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\panels(2)\default(2)\css(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\panels(2)\default(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\panels(2)\css(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2)\panels(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2)\lib(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\skin(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\locale(2)\toolbar(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\locale(2)\lib(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\locale(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\data(2)\search(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\data(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\content(2)\widgets(2)\net.vmn.www(2).shopping folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\content(2)\widgets(2)\net.vmn.www(2).Coupons folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\content(2)\widgets(2)\keypad(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\content(2)\widgets(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\content(2)\modules(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\content(2)\lib(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2)\content(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2)\chrome(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}(2) folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\components folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\searchbar folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\options folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\uwa folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\radio\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\radio\css folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\radio folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default\scripts folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default\css folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\css folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.YouTube\skin\scripts folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.YouTube\skin\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.YouTube\skin\css folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.YouTube\skin folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.YouTube\js folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.YouTube\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.YouTube\css folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.YouTube folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Twitter\skin\scripts folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Twitter\skin\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Twitter\skin\css folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Twitter\skin folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Twitter\js folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Twitter\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Twitter\css folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Twitter folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.PPCBully folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\modules folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\lib folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\data\search folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\data folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\components folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\searchbar folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\options folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\weatherbutton folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\uwa folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\radio\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\radio\css folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\radio folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\panels\images folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\panels\css folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\panels folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content\widgets\net.vmn.www.3.YouTube.1217 folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content\widgets\net.vmn.www.3.Twitter.1227 folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content\widgets folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content\modules folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content\lib folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content\data\search folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content\data folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} folder moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\BearShareWebSearch.xml moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\conduit.xml moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icq-search.xml moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-1.xml moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-2.xml moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-3.xml moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin-4.xml moved successfully.
D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\searchplugins\icqplugin.xml moved successfully.
D:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\ not found.
Registry value HKEY_USERS\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}\ not found.
Registry value HKEY_USERS\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Run\\USB Firewall Protection deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {33564D57-0000-0010-8000-00AA00389B71}
D:\WINDOWS\Downloaded Program Files\WMV9VCM.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33564D57-0000-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
D:\WINDOWS\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
D:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
D:\Documents and Settings\Admin\nsoFE0.tmp\DivXComponentInstaller.exe deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\DivXConnectionTester.exe deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\EmailValidator.dll deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\fftbapi.dll deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\gdsapi.dll deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\google-browser-choice.ini deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\google-toolbar-choice.ini deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\google-toolbardesktop-choice.ini deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\InstallOptions.dll deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\ioSpecial.ini deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\LangDLL.dll deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\modern-header.bmp deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\modern-wizard.bmp deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\newsletter-banner.bmp deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\PCloser.dll deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\ReadMe-de.txt deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\ReadMe-en.txt deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\ReadMe-fr.txt deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\ReadMe-ja.txt deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\side-banner-divxforwindows.bmp deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\splash-screen-nostretch.ini deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\System.dll deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\toolbar-complete.bmp deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\toolbar-screenshot.bmp deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\UpdateIcon.bmp deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp\version-check.ini deleted successfully.
D:\Documents and Settings\Admin\nsoFE0.tmp folder deleted successfully.
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003UA.job moved successfully.
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003Core.job moved successfully.
ADS D:\Documents and Settings\All Users\Application Data\TEMP:59756FA4 deleted successfully.
ADS D:\Documents and Settings\All Users\Application Data\TEMP:15D5AA51 deleted successfully.
ADS D:\Documents and Settings\All Users\Application Data\TEMP:A9662AE0 deleted successfully.
ADS D:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51 deleted successfully.
========== FILES ==========
File/Folder D:\WINDOWS\system32\*.tmp.dll not found.
File/Folder D:\WINDOWS\system32\SET*.tmp not found.
File/Folder D:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
D:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 3592876 bytes
->Temporary Internet Files folder emptied: 166811824 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 12948632 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 4481307 bytes
->Flash cache emptied: 1600 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1096231 bytes

Total Files Cleaned = 180,00 mb


[EMPTYFLASH]

User: Admin
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: LocalService.NT AUTHORITY

User: NetworkService

User: NetworkService.NT AUTHORITY

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.23.0 log created on 05252011_071344

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 25 kvě 2011 06:49
od barioso
Este som chcel doplnit ze som pozeral na cinnost procesora
v spravcovi uloh a graf vyuzitia procesora v pravidelnych intervaloch ( cca pol-sekundovych )
stale vyskakuje napriklad na : 16% - 50% , 16% -50% atd ...........

Re: Spomaleny pocitac - poprosil by som o kontrolu logu

Napsal: 25 kvě 2011 06:57
od vyosek
A ktery proces jej takto vytezuje :???:
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz