prosím o kontrolu

[anittra]

V poslední době dochází k samovypínání notebooku, myslím si že je to kvůli přehřátí procesoru, ale nechsem si jistá, chtěla bych pomoci i k odstranění případného smetí a podobných havětí. Díky :-Q

[anittra]

Tady je log......
Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-10-16 15:26:55
Microsoft® Windows Vista™ Ultimate
System drive C: has 5 GB (6%) free of 90 GB
Total RAM: 2046 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:27:05, on 16.10.2011
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Users\Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Toolbar Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - (no file)
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (file missing)
O2 - BHO: (no name) - {E33CF602-D945-461A-83F0-819F76A199F8} - (no file)
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (file missing)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.05\AMVConverter\grab.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.05\MediaManager\grab.html
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\pnrpnsp.dll' missing
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ArcGIS License Manager - Acresso Software Inc. - C:\Program Files\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7964 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{EA8DB7F4-0ED6-42E9-894B-7E8782E6068E}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.3.1, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.6.0.10, {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.16.1, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2786678&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@idsoftware.com/QuakeLive]
"Description"=
"Path"=C:\ProgramData\id Software\QuakeLive\npquakezero.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
npnul32.dll
NPOFFICE.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
babylon.xml
google.xml
jyxo-cz.xml
mall-cz.xml
qipsearch.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\
{0b38152b-1b20-484d-a11f-5e04a9b0661f}
{800b5000-a755-47e1-992b-48a1c1357f07}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\
aol-web-search.xml
askcom.xml
conduit.xml
firmycz.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-09-29 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2011-03-11 1373512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll []
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2011-03-11 1373512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-12-18 1006264]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-10-24 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-10-24 8501792]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-10-24 81920]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-19 4702208]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"NeroCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-08-25 2554696]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-12-18 1232896]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-09-29 21755688]
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-09-01 966712]
""= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=0
"EnableInstallerDetection"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=L3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.divx"=divx.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.div4"=DivXc32f.dll
"vidc.div3"=DivXc32.dll
"vidc.mp43"=mpg4c32.dll
"msacm.l3radius"=l3codecp.acm
"msacm.divxa"=divxa32.acm
"msacm.vorbis"=Vorbis.acm
"msacm.a3d"=a3d.dll
"msacm.ogg"=ogg.dll
"msacm.vorbisenc"=vorbisenc.dll
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=pvmjpg30.dll

======List of files/folders created in the last 1 month======

2011-10-16 15:26:55 ----D---- C:\rsit
2011-10-16 15:26:55 ----D---- C:\Program Files\trend micro
2011-10-09 21:28:16 ----SHD---- C:\Config.Msi
2011-10-05 10:35:15 ----D---- C:\Users\Administrator\AppData\Roaming\ESET
2011-10-04 00:27:21 ----D---- C:\Windows\Video Converter
2011-10-04 00:27:21 ----D---- C:\Program Files\Video Converter
2011-09-26 01:52:46 ----A---- C:\Windows\unvise32.exe
2011-09-26 01:42:44 ----D---- C:\Users\Administrator\AppData\Roaming\DivX
2011-09-26 01:37:57 ----D---- C:\Program Files\Common Files\Pinnacle
2011-09-26 01:36:48 ----D---- C:\ProgramData\Pinnacle Studio Ultimate
2011-09-26 01:32:46 ----D---- C:\Program Files\Templates
2011-09-26 01:31:21 ----D---- C:\Program Files\GuidedTour
2011-09-26 01:30:48 ----D---- C:\Program Files\WMVProfiles11
2011-09-26 01:29:53 ----D---- C:\Program Files\Bin
2011-09-26 01:29:52 ----D---- C:\Program Files\Plugins
2011-09-26 01:29:52 ----D---- C:\Program Files\Import
2011-09-26 01:29:52 ----D---- C:\Program Files\Common Files\Pegasus Imaging
2011-09-26 01:29:51 ----D---- C:\ProgramData\Studio 15
2011-09-26 01:29:51 ----D---- C:\ProgramData\Pinnacle Studio Plus
2011-09-26 01:29:51 ----D---- C:\Program Files\Programs
2011-09-26 01:29:51 ----D---- C:\Program Files\Pinnacle
2011-09-26 01:11:35 ----D---- C:\ProgramData\Pinnacle
2011-09-26 01:07:57 ----D---- C:\Windows\system32\sr-Latn-CS
2011-09-26 01:05:41 ----A---- C:\Windows\system32\msimsg.dll
2011-09-26 01:05:41 ----A---- C:\Windows\system32\msihnd.dll
2011-09-26 01:05:41 ----A---- C:\Windows\system32\msiexec.exe
2011-09-26 01:05:40 ----A---- C:\Windows\system32\msi.dll
2011-09-26 00:17:28 ----A---- C:\Windows\system32\pncrt.dll
2011-09-26 00:16:09 ----D---- C:\Program Files\FreeTime
2011-09-25 21:47:12 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2011-09-25 21:45:55 ----D---- C:\Program Files\PC Connectivity Solution
2011-09-25 21:23:11 ----D---- C:\Users\Administrator\AppData\Roaming\Nokia
2011-09-25 21:19:11 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2011-09-25 21:19:11 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2011-09-25 21:17:45 ----D---- C:\ProgramData\PC Suite
2011-09-25 21:17:28 ----D---- C:\Users\Administrator\AppData\Roaming\PC Suite
2011-09-25 21:14:46 ----D---- C:\Program Files\Common Files\Nokia
2011-09-25 21:13:31 ----D---- C:\Program Files\DIFX
2011-09-25 21:12:15 ----DC---- C:\Windows\system32\DRVSTORE
2011-09-25 21:08:07 ----A---- C:\Windows\system32\nmwcdcls.dll
2011-09-25 21:06:36 ----D---- C:\ProgramData\NokiaInstallerCache
2011-09-25 21:06:36 ----D---- C:\Program Files\Nokia

======List of files/folders modified in the last 1 month======

2011-10-16 15:27:05 ----D---- C:\Windows\Prefetch
2011-10-16 15:26:58 ----D---- C:\Windows\Temp
2011-10-16 15:26:55 ----RD---- C:\Program Files
2011-10-16 15:25:49 ----D---- C:\Windows
2011-10-16 15:14:27 ----D---- C:\Users\Administrator\AppData\Roaming\Skype
2011-10-16 15:11:40 ----D---- C:\Users\Administrator\AppData\Roaming\ICQ
2011-10-16 15:04:04 ----SHD---- C:\System Volume Information
2011-10-16 14:27:32 ----D---- C:\Users\Administrator\AppData\Roaming\skypePM
2011-10-15 23:02:26 ----D---- C:\Users\Administrator\AppData\Roaming\dvdcss
2011-10-12 22:48:23 ----D---- C:\Users\Administrator\AppData\Roaming\Winamp
2011-10-09 21:32:53 ----SHD---- C:\Windows\Installer
2011-10-09 21:32:03 ----HD---- C:\ProgramData
2011-10-09 21:30:45 ----D---- C:\Windows\system32\catroot
2011-10-09 21:30:45 ----D---- C:\Windows\inf
2011-10-09 21:30:24 ----D---- C:\Windows\system32\drivers
2011-10-05 18:05:27 ----D---- C:\Windows\Debug
2011-10-05 10:31:36 ----D---- C:\Windows\system32\catroot2
2011-10-04 11:03:07 ----A---- C:\Windows\avisplitter.INI
2011-10-04 01:10:07 ----A---- C:\Windows\win.ini
2011-10-04 00:57:23 ----D---- C:\Windows\System32
2011-10-04 00:57:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-28 22:36:42 ----D---- C:\Program Files\Mozilla Firefox
2011-09-26 01:39:22 ----SD---- C:\Users\Administrator\AppData\Roaming\Microsoft
2011-09-26 01:37:57 ----D---- C:\Program Files\Common Files
2011-09-26 01:36:02 ----D---- C:\Windows\winsxs
2011-09-26 01:34:52 ----RSD---- C:\Windows\Fonts
2011-09-26 01:27:07 ----D---- C:\Windows\rescache
2011-09-26 01:07:57 ----D---- C:\Windows\system32\sk-SK
2011-09-26 01:07:57 ----D---- C:\Windows\system32\ru-RU
2011-09-26 01:07:57 ----D---- C:\Windows\system32\en-US
2011-09-26 01:07:57 ----D---- C:\Windows\system32\el-GR
2011-09-26 01:07:57 ----D---- C:\Windows\system32\de-DE
2011-09-26 01:07:57 ----D---- C:\Windows\system32\cs-CZ
2011-09-25 21:24:21 ----D---- C:\Windows\system32\wbem
2011-09-25 21:24:21 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-09-25 21:18:49 ----D---- C:\Windows\SoftwareDistribution
2011-09-25 19:52:42 ----D---- C:\Windows\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2006-11-02 121960]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-08-25 238960]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-08-25 36568]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-08-25 82400]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-01-23 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2006-03-14 90176]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-12-18 19456]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-12-18 29184]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2006-11-13 37296]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-24 7629664]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-12-18 82432]
R3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [2007-10-17 242560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-15 195072]
S0 OemBiosDevice;Royalty OEM Bios Extension; C:\Windows\System32\drivers\royal.sys [2008-06-18 240128]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-12-18 220160]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-19 1959832]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2006-11-02 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.SYS [2006-11-02 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 ArcGIS License Manager;ArcGIS License Manager; C:\Program Files\ESRI\License\arcgis9x\lmgrd.exe [2008-08-02 1431440]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-08-25 1793712]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2006-03-14 206400]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-06 135664]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-06 135664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

[vyosek]

Zdravim a pekny den preji

Citace kolegy

stáhněte Hardware Monitor
Nechte to běžet 15min, udělejte screen Hardware Monitoru a hoďte ho sem.

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  adp3132.sys
  AGP440.sys
  ahcix86.sys
  ahcix86s.sys
  atapi.sys
  autochk.exe
  cdrom.sys
  cngaudit.dll
  cryptsvc.dll
  eNetHook.dll
  eventlog.dll
  explorer.exe
  hal.dll
  Changer.sys
  iaStor.sys
  iastorv.sys
  IdeChnDr.sys
  isapnp.sys
  JakNDis.sys
  KR10N.sys
  logevent.dll
  lsass.exe
  mv61xx.sys
  ndis.sys
  netlogon.dll
  ntelogon.dll
  nvata.sys
  nvatabus.sys
  nvgts.sys
  nvraid.sys
  nvrd32.sys
  nvstor.sys
  nvstor32.sys
  scecli.dll
  sceclt.dll
  smss.exe
  svchost.exe
  symmpi.sys
  tcpip.sys
  userinit.exe
  vaxscsi.sys
  viamraid.sys
  viasraid.sys
  ViPrt.sys
  winlogon.exe
  ws2_32.dll
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
  reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
  reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
  
  type c:\boot.ini >> test.txt /c
  %SystemDrive%\PhysicalMBR.bin /md5
  
  *crack* /s
  *keygen* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

[anittra]

OTL logfile created on: 16.10.2011 17:08:40 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Administrator\Desktop
Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,52% Memory free
4,20 Gb Paging File | 3,14 Gb Available in Paging File | 74,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 88,00 Gb Total Space | 5,13 Gb Free Space | 5,83% Space Free | Partition Type: NTFS
Drive D: | 88,31 Gb Total Space | 5,83 Gb Free Space | 6,60% Space Free | Partition Type: NTFS

Computer Name: MARLEY | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.10.16 17:03:29 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
PRC - [2011.09.28 22:36:37 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.09.01 14:39:54 | 000,966,712 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2011.08.25 19:51:40 | 001,793,712 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011.06.30 22:58:34 | 001,379,816 | ---- | M] (CPUID) -- C:\Users\Administrator\Desktop\HWMonitor.exe
PRC - [2011.06.16 14:09:48 | 000,135,168 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2011.06.14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2011.06.08 14:49:48 | 000,159,744 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.12.18 14:34:04 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008.12.18 14:05:52 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.08.02 10:57:14 | 001,757,184 | ---- | M] () -- C:\Program Files\ESRI\License\arcgis9x\ARCGIS.EXE
PRC - [2008.08.02 10:57:14 | 001,431,440 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\ESRI\License\arcgis9x\lmgrd.exe
PRC - [2007.09.19 14:50:44 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.02.20 11:07:40 | 000,199,752 | ---- | M] (Pinnacle Systems GmbH) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
PRC - [2006.11.02 11:45:59 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2006.10.05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006.03.14 07:22:00 | 000,206,400 | ---- | M] (SafeNet, Inc) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe


========== Modules (No Company Name) ==========

MOD - [2011.09.28 22:36:37 | 001,015,256 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011.09.01 14:38:32 | 000,931,896 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\Maps Service API.dll
MOD - [2011.09.01 14:37:50 | 010,837,504 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtWebKit4.dll
MOD - [2011.09.01 14:37:50 | 000,913,920 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtNetwork4.dll
MOD - [2011.09.01 14:37:50 | 000,416,256 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll
MOD - [2011.09.01 14:37:50 | 000,196,608 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll
MOD - [2011.09.01 14:37:50 | 000,026,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll
MOD - [2011.09.01 14:37:48 | 008,166,912 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtGui4.dll
MOD - [2011.09.01 14:37:48 | 002,551,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll
MOD - [2011.09.01 14:37:48 | 002,282,496 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtCore4.dll
MOD - [2011.09.01 14:37:48 | 002,246,656 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtDeclarative4.dll
MOD - [2011.09.01 14:37:48 | 001,288,192 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtScript4.dll
MOD - [2011.09.01 14:37:48 | 000,676,864 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtOpenGL4.dll
MOD - [2011.09.01 14:37:48 | 000,340,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtXml4.dll
MOD - [2011.09.01 14:37:48 | 000,266,752 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\phonon4.dll
MOD - [2011.09.01 14:37:48 | 000,190,464 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtSql4.dll
MOD - [2011.09.01 14:08:58 | 000,508,416 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll
MOD - [2011.09.01 14:08:56 | 000,109,568 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll
MOD - [2011.09.01 14:08:18 | 000,378,880 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QxtCore.dll
MOD - [2011.09.01 14:08:18 | 000,159,232 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QxtWeb.dll
MOD - [2011.09.01 14:08:16 | 000,089,088 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\qjson.dll
MOD - [2011.09.01 14:08:14 | 000,392,080 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\ssoengine.dll
MOD - [2011.09.01 14:08:14 | 000,387,976 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\OviShareLib.dll
MOD - [2011.09.01 14:08:14 | 000,058,768 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\securestorage.dll
MOD - [2011.09.01 14:07:04 | 000,727,552 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll
MOD - [2011.06.22 12:42:51 | 006,271,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2007.10.02 15:41:38 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005.07.20 11:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\zlib1.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.08.25 19:51:40 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.12.18 14:34:03 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.08.02 10:57:14 | 001,431,440 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\Program Files\ESRI\License\arcgis9x\lmgrd.exe -- (ArcGIS License Manager)
SRV - [2006.11.02 11:46:13 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2006.11.02 11:46:12 | 000,167,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006.10.05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006.03.14 07:22:00 | 000,206,400 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (cpuz135)
DRV - [2011.08.25 19:52:36 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011.08.25 19:52:36 | 000,036,568 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.08.25 19:52:35 | 000,238,960 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011.05.18 10:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.05.18 10:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.05.18 10:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.05.18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.06.18 14:23:23 | 000,240,128 | ---- | M] (PARADOX) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\royal.sys -- (OemBiosDevice)
DRV - [2007.11.08 19:03:26 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007.10.24 12:33:00 | 007,629,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.10.17 15:48:46 | 000,242,560 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302)
DRV - [2007.01.23 19:18:32 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.23 17:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.01.23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.01.12 20:09:53 | 000,082,296 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2006.11.28 16:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.13 11:58:16 | 000,037,296 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2006.11.02 10:55:05 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2006.11.02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006.07.10 18:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2006.07.05 14:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006.06.14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006.03.14 07:22:00 | 000,090,176 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\InprocServer32 File not found


IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\InprocServer32 File not found
IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.3.1&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.3.1
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.6.0.10
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.16.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... 2786678&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Administrator\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.09.25 21:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.04 10:53:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.09 21:23:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.09.25 21:48:39 | 000,000,000 | ---D | M]

[2008.12.18 12:59:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2011.10.16 16:31:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions
[2011.08.23 20:34:38 | 000,000,000 | ---D | M] ("Winamp Toolbar") -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.08.23 20:34:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.08.23 20:34:23 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.06.10 15:00:11 | 000,002,354 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\aol-web-search.xml
[2011.07.07 11:09:00 | 000,002,395 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\askcom.xml
[2011.02.18 15:39:21 | 000,000,863 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\conduit.xml
[2010.04.14 08:57:54 | 000,002,051 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\firmycz.xml
[2011.10.10 17:06:10 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-1.xml
[2011.04.21 14:30:06 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-10.xml
[2011.05.06 12:31:22 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-11.xml
[2011.06.24 17:26:28 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-12.xml
[2011.09.01 13:15:35 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-13.xml
[2011.09.09 00:01:33 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-14.xml
[2011.09.28 22:36:54 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-15.xml
[2010.04.04 10:59:50 | 000,000,656 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-2.xml
[2010.07.06 13:03:02 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-3.xml
[2010.08.23 20:11:50 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-4.xml
[2010.11.12 19:25:48 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-5.xml
[2010.12.12 15:00:40 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-6.xml
[2011.01.08 23:55:02 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-7.xml
[2011.03.07 09:57:43 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-8.xml
[2011.03.24 00:16:06 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-9.xml
[2011.08.18 21:40:40 | 000,000,168 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin.gif
[2011.08.18 21:40:40 | 000,000,618 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin.src
[2010.06.21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin.xml
[2010.04.14 08:57:54 | 000,002,046 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\mapycz.xml
[2010.04.14 08:57:55 | 000,002,212 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\zbocz.xml
[2011.06.03 15:02:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.05.03 15:15:15 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.09.25 21:48:38 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2011.01.14 16:58:37 | 000,002,151 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010.12.12 15:00:17 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.12.12 15:00:17 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2008.12.24 22:44:12 | 000,002,061 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\qipsearch.xml
[2010.12.12 15:00:17 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.12.12 15:00:17 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.12.12 15:00:17 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - No CLSID value found.
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll File not found
O2 - BHO: (no name) - {E33CF602-D945-461A-83F0-819F76A199F8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll File not found
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-809037213-1004494924-1918418785-500..\Run: [] File not found
O4 - HKU\S-1-5-21-809037213-1004494924-1918418785-500..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0
O7 - HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML File not found
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.05\AMVConverter\grab.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.05\MediaManager\grab.html File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - %SystemRoot%\system32\pnrpnsp.dll File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B0FCC45-9DF6-4DF8-A11C-B45F9AA7EA54}: DhcpNameServer = 192.168.100.252 0.0.0.0 153.19.250.100 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F60AD7C-1DA3-4514-9B0F-34DDD13249B6}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) -C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ab5ce7b2-e328-11dd-aebb-001dd9f4d8d9}\Shell\Auto\command - "" = C:\Windows\System32\cmd.exe -- [2006.11.02 11:44:59 | 000,320,000 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{ab5ce7b2-e328-11dd-aebb-001dd9f4d8d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
O33 - MountPoints2\{ab5ce841-e328-11dd-aebb-001dd9f4d8d9}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{ab5ce841-e328-11dd-aebb-001dd9f4d8d9}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\Shell\AUtOplAy\commAnD - "" = F:\jmvr.pif
O33 - MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\Shell\AutoRun\command - "" = F:\jmvr.pif
O33 - MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\Shell\expLORE\Command - "" = F:\jmvr.pif
O33 - MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\Shell\open\coMmand - "" = F:\jmvr.pif
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.a3d - C:\Windows\System32\a3d.dll (Sensaura Ltd)
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa - C:\Windows\System32\divxa32.acm (build Pinky.cz)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3radius - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.ogg - C:\Windows\System32\ogg.dll ()
Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.vorbisenc - C:\Windows\System32\vorbisenc.dll ()
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.div3 - C:\Windows\System32\divxc32.dll (build Pinky.cz)
Drivers32: vidc.div4 - C:\Windows\System32\divxc32f.dll (Pinky.cz)
Drivers32: vidc.divx - C:\Windows\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.10.16 17:03:27 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2011.10.16 17:02:01 | 001,379,816 | ---- | C] (CPUID) -- C:\Users\Administrator\Desktop\HWMonitor.exe
[2011.10.16 16:17:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2011.10.16 16:17:09 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2011.10.16 16:16:06 | 001,712,232 | ---- | C] (Crystal Dew World ) -- C:\Users\Administrator\Desktop\CrystalDiskInfo4_1_1-en.exe
[2011.10.16 16:12:18 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011.10.16 16:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2011.10.16 15:58:40 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Administrator\Desktop\HijackThis.exe
[2011.10.16 15:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.10.16 15:26:55 | 000,000,000 | ---D | C] -- C:\rsit
[2011.10.09 21:28:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.10.16 17:12:10 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.16 17:10:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EA8DB7F4-0ED6-42E9-894B-7E8782E6068E}.job
[2011.10.16 17:03:29 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2011.10.16 17:01:40 | 000,531,258 | ---- | M] () -- C:\Users\Administrator\Desktop\hwmonitor_1.18-32bit.zip
[2011.10.16 16:56:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.16 16:24:00 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.16 16:24:00 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.16 16:17:10 | 000,001,765 | ---- | M] () -- C:\Users\Administrator\Desktop\CrystalDiskInfo.lnk
[2011.10.16 16:16:12 | 001,712,232 | ---- | M] (Crystal Dew World ) -- C:\Users\Administrator\Desktop\CrystalDiskInfo4_1_1-en.exe
[2011.10.16 16:12:18 | 000,000,804 | ---- | M] () -- C:\Users\Administrator\Desktop\SpeedFan.lnk
[2011.10.16 16:12:16 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2011.10.16 16:10:21 | 002,096,600 | ---- | M] () -- C:\Users\Administrator\Desktop\installspeedfan444.exe
[2011.10.16 15:58:42 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Administrator\Desktop\HijackThis.exe
[2011.10.16 15:23:00 | 000,781,383 | ---- | M] () -- C:\Users\Administrator\Desktop\RSIT.exe
[2011.10.16 15:10:31 | 000,121,419 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\nvModes.001
[2011.10.16 14:25:08 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.16 14:23:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.16 14:23:51 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.16 13:27:28 | 000,006,604 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.10.16 00:13:17 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011.10.15 16:26:24 | 000,002,673 | ---- | M] () -- C:\Users\Administrator\Desktop\Microsoft Office Word 2003.lnk
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.10.16 17:12:10 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.16 17:01:38 | 000,531,258 | ---- | C] () -- C:\Users\Administrator\Desktop\hwmonitor_1.18-32bit.zip
[2011.10.16 16:17:10 | 000,001,765 | ---- | C] () -- C:\Users\Administrator\Desktop\CrystalDiskInfo.lnk
[2011.10.16 16:12:18 | 000,000,804 | ---- | C] () -- C:\Users\Administrator\Desktop\SpeedFan.lnk
[2011.10.16 16:11:55 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2011.10.16 16:10:14 | 002,096,600 | ---- | C] () -- C:\Users\Administrator\Desktop\installspeedfan444.exe
[2011.10.16 15:22:54 | 000,781,383 | ---- | C] () -- C:\Users\Administrator\Desktop\RSIT.exe
[2011.06.04 22:49:50 | 000,855,641 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\PandaIDProtectHelp.chm
[2011.05.05 19:44:35 | 000,004,096 | -H-- | C] () -- C:\Users\Administrator\AppData\Local\keyfile3.drm
[2010.10.08 15:14:54 | 014,513,637 | ---- | C] () -- C:\Program Files\studio_cz.pdf
[2010.07.17 13:46:35 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI
[2009.11.22 14:06:49 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.11.22 14:06:43 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009.11.22 14:06:36 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.05.03 00:18:05 | 000,000,052 | ---- | C] () -- C:\Windows\mafosav.INI
[2008.12.24 22:25:22 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2008.12.18 12:59:57 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.11.03 01:48:24 | 000,000,624 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.07.15 19:14:56 | 000,000,072 | ---- | C] () -- C:\Windows\MediaManager.INI
[2008.06.18 18:04:52 | 000,240,128 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.18 18:00:15 | 000,121,419 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\nvModes.001
[2008.06.18 18:00:06 | 000,121,419 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\nvModes.dat
[2008.06.18 14:39:43 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.06.18 14:13:57 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008.06.18 14:13:55 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.06.18 14:13:54 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.06.18 14:13:53 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.06.18 13:57:13 | 000,006,604 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.04.23 13:20:06 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007.01.08 23:15:40 | 000,476,214 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2007.01.08 23:15:40 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2007.01.08 23:15:40 | 000,082,618 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2007.01.08 23:15:40 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2006.11.02 14:55:52 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:46:27 | 000,355,360 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:34:29 | 000,063,488 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2006.11.02 14:34:23 | 000,080,010 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2006.11.02 12:33:01 | 000,612,758 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,105,138 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2002.10.06 20:42:58 | 000,105,472 | ---- | C] () -- C:\Windows\System32\oggds.dll
[2002.10.05 01:04:26 | 000,092,672 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2002.10.05 01:04:26 | 000,080,384 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2002.10.05 01:04:18 | 000,021,504 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2002.05.17 22:18:30 | 000,039,936 | ---- | C] () -- C:\Windows\System32\mp4fil32.dll
[1997.06.25 15:24:16 | 000,040,448 | ---- | C] () -- C:\Windows\System32\RegObj.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2011.01.08 16:33:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\AVG10
[2011.10.05 10:35:15 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ESET
[2010.11.23 16:57:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ESRI
[2011.10.16 16:42:12 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ICQ
[2008.07.09 13:59:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ICQ Toolbar
[2008.07.08 18:53:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ICQLite
[2011.04.21 14:22:57 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ImgBurn
[2011.09.25 21:23:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nokia
[2010.06.07 09:52:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org
[2011.06.03 15:50:54 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Panda Security
[2011.09.25 22:33:15 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PC Suite
[2011.06.03 15:39:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\RegistryKeys
[2011.06.03 15:39:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Smart PC
[2011.06.03 15:51:10 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SurfSecret Privacy Suite
[2010.04.25 12:15:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Zoner
[2011.02.12 17:46:30 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\AVG10
[2009.01.02 19:45:28 | 000,000,000 | ---D | M] -- C:\Users\Melňa\AppData\Roaming\ICQ
[2008.07.09 18:20:25 | 000,000,000 | ---D | M] -- C:\Users\Melňa\AppData\Roaming\ICQ Toolbar
[2008.12.15 18:03:42 | 000,000,000 | ---D | M] -- C:\Users\Melňa\AppData\Roaming\ImgBurn
[2011.10.16 13:27:34 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.10.16 17:10:00 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{EA8DB7F4-0ED6-42E9-894B-7E8782E6068E}.job

========== Purity Check ==========



========== Custom Scans ==========


< >

< >


< MD5 for: AGP440.SYS >
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Users\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:AGP440.sys
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Windows.old\Documents and Settings\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows.old\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Users\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:atapi.sys
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Windows.old\Documents and Settings\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.05.12 08:58:27 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows.old\Windows\System32\drivers\atapi.sys
[2008.05.12 08:58:27 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.05.12 08:58:27 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.12.18 14:07:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008.12.18 14:07:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.12.18 14:07:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.05.12 08:58:27 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
[2008.12.18 14:07:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2001.09.20 14:00:00 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=6EBB26DD0E33C0426FB4A316418E67FC -- C:\XP\I386\AUTOCHK.EXE
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows.old\Windows\System32\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\System32\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
[2008.04.14 15:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Users\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\AUTOCHK.EXE
[2008.04.14 15:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Windows.old\Documents and Settings\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\AUTOCHK.EXE

< MD5 for: CDROM.SYS >
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Users\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:cdrom.sys
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Windows.old\Documents and Settings\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows.old\Windows\System32\drivers\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\drivers\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows.old\Windows\System32\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\System32\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.12.18 14:05:52 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2008.12.18 14:05:52 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.12.18 14:05:50 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.12.18 14:05:50 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.05.12 09:27:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows.old\Windows\explorer.exe
[2008.05.12 09:27:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.12.18 14:42:27 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.05.12 09:27:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008.12.18 14:42:26 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008.12.18 14:05:51 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe

< MD5 for: HAL.DLL >
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Users\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:hal.dll
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Windows.old\Documents and Settings\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:hal.dll
[2006.11.02 11:51:12 | 000,160,872 | ---- | M] (Microsoft Corporation) MD5=E3A21FC3407DA84C5FF41B5088A67C3B -- C:\Windows.old\Windows\System32\hal.dll
[2006.11.02 11:51:12 | 000,160,872 | ---- | M] (Microsoft Corporation) MD5=E3A21FC3407DA84C5FF41B5088A67C3B -- C:\Windows\System32\hal.dll

< MD5 for: CHANGER.SYS >
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Users\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:Changer.sys
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Windows.old\Documents and Settings\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:Changer.sys

< MD5 for: IASTORV.SYS >
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows.old\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Users\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:isapnp.sys
[2010.01.14 19:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\Windows.old\Documents and Settings\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\sp3.cab:isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows.old\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys

< MD5 for: LSASS.EXE >
[2011.06.22 09:07:21 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2011.06.22 09:20:35 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2011.06.22 09:07:21 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2011.06.22 09:03:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows.old\Windows\System32\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2011.06.22 09:07:19 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2011.06.22 09:07:20 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2011.06.22 09:03:03 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2011.06.22 09:07:22 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2011.06.22 09:07:23 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\System32\lsass.exe
[2011.06.22 09:07:23 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2011.06.22 09:20:35 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2011.06.22 09:20:36 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2011.06.22 09:03:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2011.06.22 09:03:01 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows.old\Windows\System32\drivers\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\System32\drivers\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows.old\Windows\System32\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

< MD5 for: NVRAID.SYS >
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows.old\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows.old\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

< MD5 for: SCECLI.DLL >
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows.old\Windows\System32\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: SMSS.EXE >
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows.old\Windows\System32\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\System32\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
[2008.04.14 15:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\Users\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\SYSTEM32\SMSS.EXE
[2008.04.14 15:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\Windows.old\Documents and Settings\Administrator\Desktop\WinXPProSP3CZ\User_Files\I386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows.old\Windows\System32\svchost.exe
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\System32\svchost.exe
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe

[anittra]

< MD5 for: TCPIP.SYS >
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\SoftwareDistribution\Download\1df7d45bfe4092a6feec08ab0388603c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2011.06.22 09:23:35 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2011.06.22 09:23:31 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.22 09:04:15 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2011.06.22 09:04:14 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2011.06.22 09:23:36 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\SoftwareDistribution\Download\1df7d45bfe4092a6feec08ab0388603c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2011.06.22 09:04:14 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2011.06.22 09:04:15 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.22 09:04:15 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.05.12 08:55:53 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2008.12.18 13:58:24 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\SoftwareDistribution\Download\1df7d45bfe4092a6feec08ab0388603c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.05.12 08:55:53 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows.old\Windows\System32\drivers\tcpip.sys
[2008.05.12 08:55:53 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2008.12.18 13:58:25 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2011.06.22 09:23:33 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\SoftwareDistribution\Download\1df7d45bfe4092a6feec08ab0388603c\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2011.06.22 09:23:31 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2011.06.22 09:04:14 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\SoftwareDistribution\Download\1df7d45bfe4092a6feec08ab0388603c\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2011.06.22 09:04:14 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\SoftwareDistribution\Download\1df7d45bfe4092a6feec08ab0388603c\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2011.06.22 09:23:33 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows.old\Windows\System32\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows.old\Windows\System32\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows.old\Windows\System32\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\41440fae2445fd690fb13efcaae77b5d\*.tmp files -> C:\Windows\SoftwareDistribution\Download\41440fae2445fd690fb13efcaae77b5d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5e7eb517b52cfc475344cecf8c95af8c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5e7eb517b52cfc475344cecf8c95af8c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c9ce1bf502419e3c7f8ce7242a1b31ad\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c9ce1bf502419e3c7f8ce7242a1b31ad\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\eb8aa708912af7fb366a6ae57d0ac4f0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\eb8aa708912af7fb366a6ae57d0ac4f0\*.tmp -> ]
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2008.05.11 22:55:59 | 024,958,080 | ---- | M] ( ) -- C:\AdbeRdr810_cs_CZ.exe
[2008.05.01 11:19:02 | 000,574,012 | ---- | M] () -- C:\Czech_language_pack_553.exe
[2008.05.11 22:05:33 | 014,613,912 | ---- | M] (Macrovision Corporation) -- C:\Install_ICQ6.exe
[2008.05.04 18:21:42 | 014,126,401 | ---- | M] ( ) -- C:\klcodec390f.exe
[2008.10.11 00:03:03 | 014,566,424 | ---- | M] () -- C:\vlc-0.9.4-win32.exe
[2008.05.01 11:14:58 | 008,990,024 | ---- | M] (Nullsoft, Inc.) -- C:\winamp553_full_emusic-7plus_en-us.exe
[2008.05.11 21:59:27 | 001,336,031 | ---- | M] () -- C:\wrar371cz.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.12.24 14:59:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Adobe
[2011.01.08 16:33:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\AVG10
[2011.09.26 01:42:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DivX
[2011.10.15 23:02:26 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\dvdcss
[2011.10.05 10:35:15 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ESET
[2010.11.23 16:57:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ESRI
[2009.11.22 14:16:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Google
[2011.10.16 16:42:12 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ICQ
[2008.07.09 13:59:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ICQ Toolbar
[2008.07.08 18:53:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ICQLite
[2008.06.18 14:07:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Identities
[2011.04.21 14:22:57 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ImgBurn
[2008.07.08 19:06:23 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Macromedia
[2008.08.06 12:32:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Media Player Classic
[2011.09.26 01:39:22 | 000,000,000 | --SD | M] -- C:\Users\Administrator\AppData\Roaming\Microsoft
[2008.12.18 12:59:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla
[2011.09.25 21:23:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nokia
[2010.06.07 09:52:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org
[2011.06.03 15:50:54 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Panda Security
[2011.09.25 22:33:15 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PC Suite
[2011.06.03 15:39:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\RegistryKeys
[2011.10.16 16:42:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Skype
[2011.10.16 16:07:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\skypePM
[2011.06.03 15:39:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Smart PC
[2011.06.03 15:51:10 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SurfSecret Privacy Suite
[2008.10.11 00:04:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\vlc
[2011.10.12 22:48:23 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Winamp
[2008.07.15 19:21:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\WinRAR
[2010.04.25 12:15:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2011.09.26 01:39:23 | 000,029,926 | R--- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2011.06.22 09:27:15 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.06.22 09:27:16 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2011.06.22 09:27:15 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.06.22 09:27:16 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.10.16 17:24:00 | 000,003,552 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.16 17:24:00 | 000,003,552 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.16 16:12:16 | 000,000,045 | ---- | M] () -- C:\Windows\system32\initdebug.nfo
[6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2008.05.11 22:55:59 | 024,958,080 | ---- | M] ( ) -- C:\AdbeRdr810_cs_CZ.exe
[2008.05.01 11:19:02 | 000,574,012 | ---- | M] () -- C:\Czech_language_pack_553.exe
[2008.05.11 22:05:33 | 014,613,912 | ---- | M] (Macrovision Corporation) -- C:\Install_ICQ6.exe
[2008.05.04 18:21:42 | 014,126,401 | ---- | M] ( ) -- C:\klcodec390f.exe
[2008.10.11 00:03:03 | 014,566,424 | ---- | M] () -- C:\vlc-0.9.4-win32.exe
[2008.05.01 11:14:58 | 008,990,024 | ---- | M] (Nullsoft, Inc.) -- C:\winamp553_full_emusic-7plus_en-us.exe
[2008.05.11 21:59:27 | 001,336,031 | ---- | M] () -- C:\wrar371cz.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008.12.18 13:45:04 | 001,232,896 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2008.09.29 18:57:48 | 021,755,688 | R--- | M] (Skype Technologies S.A.)
"NokiaOviSuite2" = C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray -- [2011.09.01 14:39:54 | 000,966,712 | ---- | M] (Nokia)
"" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.16 17:12:10 | 000,000,512 | ---- | M] () MD5=C1205A951C03411BF8FE35C98B730B6B -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2005.07.07 21:22:11 | 000,000,100 | ---- | M] () -- \Program Files\Counter-Strike Source\cstrike\materials\concrete\prodwllecracked.vmt
[2005.07.07 21:22:12 | 000,174,968 | ---- | M] () -- \Program Files\Counter-Strike Source\cstrike\materials\concrete\prodwllecracked.vtf
[2005.12.02 21:04:47 | 000,000,574 | ---- | M] () -- \Program Files\Counter-Strike Source\hl2\materials\glass\glasswindow018a_cracked.vmt
[2005.12.02 21:04:47 | 000,022,064 | ---- | M] () -- \Program Files\Counter-Strike Source\hl2\materials\glass\glasswindow018a_cracked.vtf
[2007.05.23 09:21:38 | 000,114,533 | ---- | M] () -- \Python25\Lib\site-packages\numpy\f2py\crackfortran.py
[2007.08.20 10:15:36 | 000,080,591 | ---- | M] () -- \Python25\Lib\site-packages\numpy\f2py\crackfortran.pyc
[2007.08.20 10:15:40 | 000,080,434 | ---- | M] () -- \Python25\Lib\site-packages\numpy\f2py\crackfortran.pyo
[2008.11.04 22:28:20 | 000,272,384 | ---- | M] () -- \Users\Administrator\Desktop\Daliboss\Zaloha!!\Hudba\muzika- z mp4\Looking For An Answer - Buscando Una Respuesta [EP] [2003]\02 Cybercrack.mp3
[2008.11.04 22:28:20 | 000,272,384 | ---- | M] () -- \Windows.old\Documents and Settings\Administrator\Desktop\Daliboss\Zaloha!!\Hudba\muzika- z mp4\Looking For An Answer - Buscando Una Respuesta [EP] [2003]\02 Cybercrack.mp3
[1 \Windows\*.tmp files -> \Windows\*.tmp -> ]

< *keygen* /s >

< End of report >

[anittra]

OTL Extras logfile created on: 16.10.2011 17:08:40 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Administrator\Desktop
Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,52% Memory free
4,20 Gb Paging File | 3,14 Gb Available in Paging File | 74,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 88,00 Gb Total Space | 5,13 Gb Free Space | 5,83% Space Free | Partition Type: NTFS
Drive D: | 88,31 Gb Total Space | 5,83 Gb Free Space | 6,60% Space Free | Partition Type: NTFS

Computer Name: MARLEY | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-809037213-1004494924-1918418785-500]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{931AECC1-6FE2-493F-A653-6BF5BA16C084}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C2B2EAB9-ADB0-4DC0-A92D-EDAD294D2748}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C66F5C71-D551-4986-82F6-19A989A1A673}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F71CBDBE-4204-440D-BD6F-97929DAAE7C7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F2937D3-512B-4DA2-9C9E-EE358A2FD966}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0FD817B6-2944-4808-9980-E950692A3851}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{10601067-9186-4F0C-8DF3-C3B456CA1320}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1065E396-DEA4-4FDE-B39E-8C732EE8B136}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{1161B24E-47E4-4827-A085-1C3D3468227B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{18BA0ED4-DA4B-4694-9592-1E62E958BA76}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{1F46E811-AB11-4173-96D6-E7C597C646B0}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{452D606D-4729-47CB-AB92-0708A8ECD33B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{45FBCDF8-61BE-4633-BA59-00AFE8615C17}" = protocol=6 | dir=in | app=c:\program files\programs\studio.exe |
"{4D7FC022-963F-4D13-B724-4C168B70CAE7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{548EDDD6-3D1F-4725-84A1-F901B864720F}" = protocol=6 | dir=in | app=c:\program files\programs\rm.exe |
"{55E9FEEE-BF48-45F6-A566-59CE3265EDD8}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{62ABF74C-B22B-4DCE-A9C9-73905D4483EB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{67758051-0978-4B6C-906E-821A0941CF4D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6922C2C8-C683-485E-B266-50B796885334}" = protocol=17 | dir=in | app=c:\program files\programs\umi.exe |
"{6DD9E876-9677-4D68-9978-5F5FDBFF15AF}" = protocol=17 | dir=in | app=c:\program files\programs\studio.exe |
"{7B89A11E-CB37-4F6C-8DAC-F8D573CC650E}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{7C3E8F18-2FBA-44A4-92E1-19ACBD5553E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8EB71D08-0EF8-4F03-9536-F88FAC880DF3}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{A55D5283-0117-4615-8D16-C7BC94AFBB9B}" = protocol=6 | dir=in | app=c:\program files\programs\umi.exe |
"{B4DAE7BC-B3A6-469F-8C7B-45037F3CE5C9}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{B820D82A-D6B7-42F3-8EF2-0BD6D03611DA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B9C415B7-9884-4C3D-A6D2-2D4738EB3975}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{C21D83FD-2C5C-4648-97F7-001455039C33}" = protocol=17 | dir=in | app=c:\program files\programs\rm.exe |
"{C665E079-2902-4EDD-AC17-547A28B891AB}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{D2F9E1D1-9716-4B86-BE2C-D2F3C9CE7944}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{F3AB5D2E-06BE-4B9F-83BC-0232232271D7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FD27D40B-0A0A-4C0C-B5D2-228728322339}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"TCP Query User{1F910D22-DAE8-49C1-992F-8D73C60232BA}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"TCP Query User{4BC46F6A-BEF5-4EEF-9D42-6C40FB24047B}C:\python25\pythonw.exe" = protocol=6 | dir=in | app=c:\python25\pythonw.exe |
"TCP Query User{8F0CAB2F-7B3D-4468-B644-BFA0083F6A28}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{0027FE6E-1A40-444C-9530-C9B621B15F0B}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"UDP Query User{7ECED7F0-5FCB-4AE2-8615-59E088D53EF0}C:\python25\pythonw.exe" = protocol=17 | dir=in | app=c:\python25\pythonw.exe |
"UDP Query User{8E2C9B4D-C275-46D0-911B-3BF140A15AF0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{5033400B-0977-45AB-94CE-CC135A8E1BBB}" = ArcGIS Desktop
"{52A4E146-A102-4ED0-970F-6B1715EB3C86}" = Quake Live Mozilla Plugin
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5DE71D48-01EB-4BF2-A643-50FE6C9B6AC9}" = OpenOffice.org 3.2
"{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1" = Kodek 0.16 CZ
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DC0632A-A838-4B34-AC19-0FA18E1C533C}" = Sentinel Protection Installer 7.2.2
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{A13D16C5-38A9-4D96-9647-59FCCAB12A85}" = Visual Basic for Applications (R) Core - English
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{EB5DF19E-75D5-4FF1-AE23-2A9A2E0F2BDD}" = Pinnacle Studio 15 Ultimate Plugins
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB97C283-1F3C-42D4-AE01-ADC1DC12F774}" = Visual Basic for Applications (R) Core
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ArcGIS Desktop" = ArcGIS Desktop
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.1
"FormatFactory" = FormatFactory 2.70
"GameParkClient_is1" = GamePark
"ImgBurn" = ImgBurn
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.9.0 Full
"Knoll Light Factory EZ Studio 15" = Knoll Light Factory EZ Studio 15
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
"Nokia Ovi Suite" = Nokia Ovi Suite
"numpy-py2.5" = Python 2.5 numpy-1.0.3
"NVIDIA Drivers" = NVIDIA Drivers
"Pracovní listy do zeměpisu_is1" = Pracovní listy do zeměpisu 1.3
"Python 2.5 numpy-1.0.3" = Python 2.5 numpy-1.0.3
"Python 2.5.1" = Python 2.5.1
"Red Giant ToonIt Studio 15" = Red Giant ToonIt Studio 15
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SpeedFan" = SpeedFan (remove only)
"Video Converter1.0" = Video Converter
"VLC media player" = VLC media player 0.9.4
"VorbisCodec" = Ogg Vorbis ACM Codec
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinRAR archiver" = WinRAR
"Worms Armageddon" = Worms Armageddon

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Toolbar" = Winamp Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 25.9.2011 15:41:08 | Computer Name = Marley | Source = OviSuite | ID = 1
Description = 25/09/2011 21:41:08 (OviSuite) - ERROR - DashboardPlugin, Thread
GUI, Line 706, .\Application\Dashboard.cpp, CDashboard::removeControl(): Could not
removed plug-in widget from Dashboard for some reason.

Error - 25.9.2011 15:41:08 | Computer Name = Marley | Source = OviSuite | ID = 1
Description = 25/09/2011 21:41:08 (OviSuite) - ERROR - DashboardPlugin, Thread
GUI, Line 706, .\Application\Dashboard.cpp, CDashboard::removeControl(): Could not
removed plug-in widget from Dashboard for some reason.

Error - 25.9.2011 15:41:08 | Computer Name = Marley | Source = OviSuite | ID = 1
Description = 25/09/2011 21:41:08 (OviSuite) - ERROR - DashboardPlugin, Thread
GUI, Line 706, .\Application\Dashboard.cpp, CDashboard::removeControl(): Could not
removed plug-in widget from Dashboard for some reason.

Error - 25.9.2011 19:12:46 | Computer Name = Marley | Source = Application Error | ID = 1000
Description = Chybující aplikace MsiExec.exe, verze 4.5.6000.20817, časové razítko
0x4808083c, chybující modul MSIB7C0.tmp, verze 14.0.0.168, časové razítko 0x471383db,
kód výjimky 0xc0000005, posun chyby 0x0009371f, ID procesu 0x3f8, čas spuštění aplikace
0x01cc7bd874748705.

Error - 25.9.2011 19:28:14 | Computer Name = Marley | Source = Application Error | ID = 1000
Description = Chybující aplikace MsiExec.exe, verze 4.5.6000.20817, časové razítko
0x4808083c, chybující modul MSIE1BA.tmp, verze 14.0.0.168, časové razítko 0x471383db,
kód výjimky 0xc0000005, posun chyby 0x0009371f, ID procesu 0x15dc, čas spuštění
aplikace 0x01cc7bdac62b6ee5.

Error - 25.9.2011 19:51:28 | Computer Name = Marley | Source = Application Error | ID = 1000
Description = Chybující aplikace Studio.exe, verze 15.0.0.7593, časové razítko 0x4cc74e06,
chybující modul Studio.exe, verze 15.0.0.7593, časové razítko 0x4cc74e06, kód výjimky
0xc0000005, posun chyby 0x0032007c, ID procesu 0x116c, čas spuštění aplikace 0x01cc7bdca4783245.

Error - 25.9.2011 22:11:03 | Computer Name = Marley | Source = Application Hang | ID = 1002
Description = Program Studio.exe verze 15.0.0.7593 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 13fc Čas zahájení: 01cc7bebec788455 Čas ukončení: 324

Error - 25.9.2011 22:18:13 | Computer Name = Marley | Source = Application Error | ID = 1000
Description = Chybující aplikace Studio.exe, verze 15.0.0.7593, časové razítko 0x4cc74e06,
chybující modul mfc90u.dll, verze 9.0.30729.4148, časové razítko 0x4a596d4a, kód
výjimky 0xc0000005, posun chyby 0x0008c593, ID procesu 0x668, čas spuštění aplikace
0x01cc7bf18c0d8975.

Error - 28.9.2011 8:49:07 | Computer Name = Marley | Source = Application Hang | ID = 1002
Description = Program Explorer.EXE verze 6.0.6000.16771 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: b7c Čas zahájení: 01cc7bd85c468e35 Čas ukončení: 662

Error - 28.9.2011 9:08:03 | Computer Name = Marley | Source = Application Hang | ID = 1002
Description = Program Explorer.exe verze 6.0.6000.16771 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: 1284 Čas zahájení: 01cc7ddd0bda1db0 Čas ukončení: 136

[ System Events ]
Error - 9.10.2011 15:59:03 | Computer Name = Marley | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 11.10.2011 10:14:31 | Computer Name = Marley | Source = Service Control Manager | ID = 7000
Description =

Error - 12.10.2011 13:36:51 | Computer Name = Marley | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 13.10.2011 7:20:06 | Computer Name = Marley | Source = Service Control Manager | ID = 7000
Description =

Error - 13.10.2011 15:38:51 | Computer Name = Marley | Source = Service Control Manager | ID = 7000
Description =

Error - 14.10.2011 6:36:41 | Computer Name = Marley | Source = Service Control Manager | ID = 7011
Description =

Error - 15.10.2011 16:50:19 | Computer Name = Marley | Source = Service Control Manager | ID = 7000
Description =

Error - 16.10.2011 5:15:00 | Computer Name = Marley | Source = Service Control Manager | ID = 7000
Description =

Error - 16.10.2011 8:25:51 | Computer Name = Marley | Source = Service Control Manager | ID = 7000
Description =

Error - 16.10.2011 9:11:19 | Computer Name = Marley | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 0013775D8E4E
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).


< End of report >

[anittra]

tady screenshot ,,,,,

[vyosek]

Teploty vypadaji OK

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  DRV - File not found [Kernel | On_Demand | Running] -- -- (cpuz135)
  IE - HKLM\..\URLSearchHook: - No CLSID value found
  IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
  IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\InprocServer32 File not found
  IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
  IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
  IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
  IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
  IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
  IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
  IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
  IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
  IE - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\InprocServer32 File not found
  FF - prefs.js..browser.search.defaultengine: "Ask.com"
  FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
  FF - prefs.js..browser.search.defaultthis.engineName: " "
  FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q="
  FF - prefs.js..browser.search.order.1: "Ask.com"
  FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
  FF - prefs.js..browser.search.useDBForOrder: true
  FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q="
  [2011.08.23 20:34:38 | 000,000,000 | ---D | M] ("Winamp Toolbar") -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
  [2011.08.23 20:34:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  [2011.08.23 20:34:23 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
  [2011.06.10 15:00:11 | 000,002,354 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\aol-web-search.xml
  [2011.07.07 11:09:00 | 000,002,395 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\askcom.xml
  [2011.02.18 15:39:21 | 000,000,863 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\conduit.xml
  [2010.04.14 08:57:54 | 000,002,051 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\firmycz.xml
  [2011.10.10 17:06:10 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-1.xml
  [2011.04.21 14:30:06 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-10.xml
  [2011.05.06 12:31:22 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-11.xml
  [2011.06.24 17:26:28 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-12.xml
  [2011.09.01 13:15:35 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-13.xml
  [2011.09.09 00:01:33 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-14.xml
  [2011.09.28 22:36:54 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-15.xml
  [2010.04.04 10:59:50 | 000,000,656 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-2.xml
  [2010.07.06 13:03:02 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-3.xml
  [2010.08.23 20:11:50 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-4.xml
  [2010.11.12 19:25:48 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-5.xml
  [2010.12.12 15:00:40 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-6.xml
  [2011.01.08 23:55:02 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-7.xml
  [2011.03.07 09:57:43 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-8.xml
  [2011.03.24 00:16:06 | 000,000,950 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-9.xml
  [2011.08.18 21:40:40 | 000,000,168 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin.gif
  [2011.08.18 21:40:40 | 000,000,618 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin.src
  [2010.06.21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin.xml
  [2009.05.03 15:15:15 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
  O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
  O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - No CLSID value found.
  O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll File not found
  O2 - BHO: (no name) - {E33CF602-D945-461A-83F0-819F76A199F8} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
  O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll File not found
  O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
  O3 - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
  O3 - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
  O3 - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
  O3 - HKU\S-1-5-21-809037213-1004494924-1918418785-500\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
  O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - %SystemRoot%\system32\pnrpnsp.dll File not found
  O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - %SystemRoot%\system32\pnrpnsp.dll File not found
  O13 - gopher Prefix: missing
  O20 - Winlogon\Notify\klogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
  O33 - MountPoints2\{ab5ce7b2-e328-11dd-aebb-001dd9f4d8d9}\Shell\Auto\command - "" = C:\Windows\System32\cmd.exe -- [2006.11.02 11:44:59 | 000,320,000 | ---- | M] (Microsoft Corporation)
  O33 - MountPoints2\{ab5ce7b2-e328-11dd-aebb-001dd9f4d8d9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
  O33 - MountPoints2\{ab5ce841-e328-11dd-aebb-001dd9f4d8d9}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
  O33 - MountPoints2\{ab5ce841-e328-11dd-aebb-001dd9f4d8d9}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
  O33 - MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\Shell\AUtOplAy\commAnD - "" = F:\jmvr.pif
  O33 - MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\Shell\AutoRun\command - "" = F:\jmvr.pif
  O33 - MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\Shell\expLORE\Command - "" = F:\jmvr.pif
  O33 - MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\Shell\open\coMmand - "" = F:\jmvr.pif
  [2008.07.09 13:59:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ICQ Toolbar
  [2008.07.09 18:20:25 | 000,000,000 | ---D | M] -- C:\Users\Melňa\AppData\Roaming\ICQ Toolbar
  [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  [7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [12 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
  [2 C:\Windows\SoftwareDistribution\Download\41440fae2445fd690fb13efcaae77b5d\*.tmp files -> C:\Windows\SoftwareDistribution\Download\41440fae2445fd690fb13efcaae77b5d\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\5e7eb517b52cfc475344cecf8c95af8c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5e7eb517b52cfc475344cecf8c95af8c\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\c9ce1bf502419e3c7f8ce7242a1b31ad\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c9ce1bf502419e3c7f8ce7242a1b31ad\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\eb8aa708912af7fb366a6ae57d0ac4f0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\eb8aa708912af7fb366a6ae57d0ac4f0\*.tmp -> ]
  [6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
  
  :services
  gupdate
  gupdatem
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "Adobe Reader Speed Launcher"=-
  "NeroCheck"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Skype"=-
  "NokiaOviSuite2"=-
  ""=-
  
  :files
  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  C:\Windows\tasks\User_Feed_Synchronization-{EA8DB7F4-0ED6-42E9-894B-7E8782E6068E}.job
  C:\Program Files\uTorrentBar
  C:\Program Files\Winamp Toolbar
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[anittra]

Nemuzu se pripojit pres opravovane pc na internet ruzne aplikace nefunguji jak by mely atd...

[anittra]

All processes killed
========== OTL ==========
Error: No service named cpuz135 was found to stop!
Service\Driver key cpuz135 not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ deleted successfully.
C:\Program Files\Winamp Toolbar\winamptb.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Prev Search Bar| /E : value set successfully!
HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Prev Search Page| /E : value set successfully!
HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-809037213-1004494924-1918418785-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-809037213-1004494924-1918418785-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-809037213-1004494924-1918418785-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-809037213-1004494924-1918418785-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-21-809037213-1004494924-1918418785-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: " " removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.3.1&q=" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://search.conduit.com/ResultsExt.as ... 2786678&q=" removed from keyword.URL
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\META-INF folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\chrome folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\rvbqlnxx.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\aol-web-search.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\askcom.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\conduit.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\firmycz.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin.gif moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin.src moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rvbqlnxx.default\searchplugins\icqplugin.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files\ConduitEngine\ConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E33CF602-D945-461A-83F0-819F76A199F8}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\ConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ deleted successfully.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-809037213-1004494924-1918418785-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-809037213-1004494924-1918418785-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-809037213-1004494924-1918418785-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-809037213-1004494924-1918418785-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab5ce7b2-e328-11dd-aebb-001dd9f4d8d9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ab5ce7b2-e328-11dd-aebb-001dd9f4d8d9}\ not found.
File move failed. C:\Windows\System32\cmd.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab5ce7b2-e328-11dd-aebb-001dd9f4d8d9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ab5ce7b2-e328-11dd-aebb-001dd9f4d8d9}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab5ce841-e328-11dd-aebb-001dd9f4d8d9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ab5ce841-e328-11dd-aebb-001dd9f4d8d9}\ not found.
File C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab5ce841-e328-11dd-aebb-001dd9f4d8d9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ab5ce841-e328-11dd-aebb-001dd9f4d8d9}\ not found.
File C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\ not found.
File F:\jmvr.pif not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\ not found.
File F:\jmvr.pif not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\ not found.
File F:\jmvr.pif not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cb1f6e0e-0b52-11e0-b566-001dd9f4d8d9}\ not found.
File F:\jmvr.pif not found.
C:\Users\Administrator\AppData\Roaming\ICQ Toolbar folder moved successfully.
C:\Users\Melňa\AppData\Roaming\ICQ Toolbar folder moved successfully.
C:\Windows\DUMP97bc.tmp deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5CA0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9920.tmp\System.DirectoryServices.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9920.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9939.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAD9C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD078.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPED1C.tmp folder deleted successfully.
C:\Windows\Installer\MSI40AA.tmp deleted successfully.
C:\Windows\Installer\MSI44E7.tmp deleted successfully.
C:\Windows\Installer\MSI6003.tmp deleted successfully.
C:\Windows\Installer\MSI622F.tmp deleted successfully.
C:\Windows\Installer\MSI6B26.tmp deleted successfully.
C:\Windows\Installer\MSI7862.tmp deleted successfully.
C:\Windows\Installer\MSI7E8A.tmp deleted successfully.
C:\Windows\Installer\MSI9BB8.tmp deleted successfully.
C:\Windows\Installer\MSI9E4B.tmp deleted successfully.
C:\Windows\Installer\MSIB45.tmp deleted successfully.
C:\Windows\Installer\MSIDC6F.tmp deleted successfully.
C:\Windows\Installer\MSIE121.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\41440fae2445fd690fb13efcaae77b5d\$dpx$.tmp\job.xml deleted successfully.
C:\Windows\SoftwareDistribution\Download\41440fae2445fd690fb13efcaae77b5d\$dpx$.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\41440fae2445fd690fb13efcaae77b5d\BIT2B60.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\5e7eb517b52cfc475344cecf8c95af8c\BITF7BD.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\c9ce1bf502419e3c7f8ce7242a1b31ad\BIT4BCB.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\eb8aa708912af7fb366a6ae57d0ac4f0\$dpx$.tmp\job.xml deleted successfully.
C:\Windows\SoftwareDistribution\Download\eb8aa708912af7fb366a6ae57d0ac4f0\$dpx$.tmp folder deleted successfully.
C:\Windows\System32\is-QV7VF.tmp deleted successfully.
C:\Windows\System32\tmp8813.tmp deleted successfully.
C:\Windows\System32\tmp9011.tmp deleted successfully.
C:\Windows\System32\tmp909E.tmp deleted successfully.
C:\Windows\System32\tmpD681.tmp deleted successfully.
C:\Windows\System32\tmpF47C.tmp deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroCheck deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaOviSuite2 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\User_Feed_Synchronization-{EA8DB7F4-0ED6-42E9-894B-7E8782E6068E}.job moved successfully.
File\Folder C:\Program Files\uTorrentBar not found.
C:\Program Files\Winamp Toolbar folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 2774820 bytes
->Temporary Internet Files folder emptied: 19628425 bytes
->FireFox cache emptied: 107539547 bytes
->Flash cache emptied: 1240 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 49660 bytes
->Temporary Internet Files folder emptied: 37294 bytes
->FireFox cache emptied: 10045849 bytes
->Flash cache emptied: 456 bytes

User: Melňa
->Temp folder emptied: 47842479 bytes
->Temporary Internet Files folder emptied: 99778129 bytes
->FireFox cache emptied: 42731894 bytes
->Flash cache emptied: 18530 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5000 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 315,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Melňa
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 10162011_210301

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\cmd.exe scheduled to be moved on reboot.
C:\Windows\temp\spserv.dat moved successfully.

Registry entries deleted on Reboot...

[vyosek]

Zkontrolujte nastaveni pripojeni dle informaci od poskytovatele

Zabalte mi prosim celou slozku c:\_OTL a nekam uploadnete

[anittra]

Problém je v tom že nejde stustit v podstatě žádná služba, která souvisí s připojením na net....a ne jen ty, ale i další. Problém 2. ta složka je nenávratně smazaná....

[vyosek]

A kdo tu slozku smazal Ja urcite ne, to prave byla zaloha OTL

Zadna sluzba souvisejici s pripojenim na net = prohlizec, skype, icq apod

[anittra]

Složku jsem smazala scela náhodou, poněvadž V OTL jsem dala možnost vyčistit a po pár sekundách mi došlo, že to je autodestrukce , Při spuštění OS okno lmgrd.exe přestal fungovat....! Nástroje pro správu\služby....tak služby související s daným problémem mají stav Počátek a nebo nejdou spustit z důvodu chybné cesty k souboru.......recovery konsele nejde,,,???,,,nevím proč,,,, reinstal považuji za poslední věc... díky za rady... V oznamovací oblasti síťové připojení... okno,,,,Nepodařilo se zahájit závislou službu nebo skupinu

[vyosek]

To je tak kdyz se klika kam nema...

Zkuste mackat F8 pri startu a zvolit posledni znama funkcni konfigurace