počítač se seká

Zpráva

xtoncekx · #1 Příspěvek od **xtoncekx** » 24 kvě 2012 23:24

Logfile of random's system information tool 1.09 (written by random/random)
Run by okay at 2012-05-25 00:22:04
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 58 GB (31%) free of 191 GB
Total RAM: 1023 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:22:08, on 2012/05/25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\okay\My Documents\Stažené soubory\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\okay.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.atcomp.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {707db484-2428-402d-afb5-d85b387544c7} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: (no name) - {707db484-2428-402d-afb5-d85b387544c7} - (no file)
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {707db484-2428-402d-afb5-d85b387544c7} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SCDEmuApp.exe] C:\Program Files\PowerISO\SCDEmuApp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Přečti to! - C:\WINDOWS\Speech\gbs\Precti_to.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.atcomp.cz
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5291958781
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

--
End of file - 12133 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\AVG PC Tuneup Integrator Start On okay Logon.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "toolbar@ask.com:3.15.1.22229, engine@conduit.com:3.3.3.2, cs@dictionaries.addons.mozilla.org:1.0.2, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2, {6614d11d-d21d-b211-ae23-815234e1ebb5}:1.0.23, {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.0.2, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.6, {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.6, {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02, {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {707db484-2428-402d-afb5-d85b387544c7}:3.3.3.2, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.1.1, {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10, {3f963a5b-e555-4543-90e2-c3908898db71}:12.0.0.1912, avg@toolbar:10.0.0.7, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19, {2c088200-b973-11db-8314-0800200c9a66}:1.7.1, nasanightlaunch@example.com:0.6.20100827"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7B75 ... &sap=ku&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{3f963a5b-e555-4543-90e2-c3908898db71}"=C:\Program Files\AVG\AVG2012\Firefox\
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"avg@toolbar"=C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=C:\Program Files\DNA\plugins\npbtdna.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
AskHPRFF.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npbittorrent.dll
npdeploytk.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
npjp2.dll
npnul32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\
cs@dictionaries.addons.mozilla.org
engine@conduit.com
nasanightlaunch@example.com
toolbar@ask.com
{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
{20a82645-c095-46ed-80e3-08825760534b}
{25435c91-0116-45fe-8b81-173aaded792d}
{2c088200-b973-11db-8314-0800200c9a66}
{4AB21F99-91C5-4a9d-813E-425841874FB1}
{6614d11d-d21d-b211-ae23-815234e1ebb5}
{707db484-2428-402d-afb5-d85b387544c7}
{73a6fe31-595d-460b-a920-fcc0f8843232}
{800b5000-a755-47e1-992b-48a1c1357f07}
{c36177c0-224a-11da-8cd6-0800200c9a66}
{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
{EEE6C361-6118-11DC-9C72-001320C79847}

C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\
askcom.xml
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
qipsearch.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{707db484-2428-402d-afb5-d85b387544c7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll [2012-05-06 1869152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-02-24 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C333CF63-767F-4831-94AC-E683D962C63C}]
CoTGT_BHO Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-04-09 1519272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{707db484-2428-402d-afb5-d85b387544c7}
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-04-09 1519272]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll [2012-05-06 1869152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2005-09-07 716800]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2006-01-16 1398272]
"SCDEmuApp.exe"=C:\Program Files\PowerISO\SCDEmuApp.exe [2005-10-16 167936]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-04-09 1557160]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-05-06 982880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-04-04 165784]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-11 2001648]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-09-24 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"H:\Grand Theft Auto IV\GTAIV.exe"="H:\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Hry\Doom3\DOOM3DED.exe"="C:\Hry\Doom3\DOOM3DED.exe:*:Enabled:DOOM 3"
"C:\Hry\Doom3\DOOM3.exe"="C:\Hry\Doom3\DOOM3.exe:*:Enabled:DOOM 3"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\okay\Desktop\age of empires 2\empires2.exe"="C:\Documents and Settings\okay\Desktop\age of empires 2\empires2.exe:*:Enabled:Age of Empires II"
"C:\Documents and Settings\okay\Desktop\Empire Earth\Empire Earth.exe"="C:\Documents and Settings\okay\Desktop\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\Documents and Settings\okay\Desktop\Age of Empire 2 + The conquerors expansion\empires2.exe"="C:\Documents and Settings\okay\Desktop\Age of Empire 2 + The conquerors expansion\empires2.exe:*:Enabled:Age of Empires II"
"C:\Documents and Settings\okay\Desktop\age of empires 2\age2_x1.exe"="C:\Documents and Settings\okay\Desktop\age of empires 2\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Documents and Settings\okay\Desktop\Sudden Strike II\game\code\Release\game_exe.exe"="C:\Documents and Settings\okay\Desktop\Sudden Strike II\game\code\Release\game_exe.exe:*:Enabled:Game_Exe"
"C:\Documents and Settings\okay\Desktop\Age of Empire 2 + The conquerors expansion\age2_x1.exe"="C:\Documents and Settings\okay\Desktop\Age of Empire 2 + The conquerors expansion\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"H:\Age of Empires III\age3.exe"="H:\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\Full Tilt Poker\FullTiltPoker.exe"="C:\Program Files\Full Tilt Poker\FullTiltPoker.exe:*:Enabled:Full Tilt Poker"
"C:\WINDOWS\system32\mshta.exe"="C:\WINDOWS\system32\mshta.exe:*:Enabled:Microsoft (R) HTML Application host"
"C:\Program Files\OpenTTD\openttd.exe"="C:\Program Files\OpenTTD\openttd.exe:*:Enabled:OpenTTD"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2012\avgemcx.exe"="C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"msacm.iac2"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iac25_32.ax
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.avrn"=C:\PROGRA~1\ACEMEG~1\SystemS\AVIDAV~1.DLL
"vidc.advj"=C:\PROGRA~1\ACEMEG~1\SystemS\AVIDAV~1.DLL
"vidc.mszh"=C:\PROGRA~1\ACEMEG~1\SystemS\avimszh.dll
"vidc.zlib"=C:\PROGRA~1\ACEMEG~1\SystemS\avizlib.dll
"vidc.cscd"=C:\PROGRA~1\ACEMEG~1\SystemS\camcodec.dll
"vidc.cvid"=C:\PROGRA~1\ACEMEG~1\SystemS\iccvid.dll
"msacm.trspch"=C:\PROGRA~1\ACEMEG~1\SystemS\tssoft32.acm
"vidc.em2v"=C:\PROGRA~1\ACEMEG~1\SystemS\etxcodec.dll
"vidc.mkvc"=C:\PROGRA~1\ACEMEG~1\SystemS\kmvidc32.dll
"vidc.hfyu"=C:\PROGRA~1\ACEMEG~1\SystemS\huffyuv.dll
"msacm.lameacm"=C:\PROGRA~1\ACEMEG~1\SystemS\lameacm.acm
"msacm.lhacm"=C:\PROGRA~1\ACEMEG~1\SystemS\lhacm.acm
"msacm.l3acm"=C:\PROGRA~1\ACEMEG~1\SystemS\l3codecp.acm
"vidc.sjpg"=C:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.dmb2"=C:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.gepj"=C:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.qpeg"=C:\PROGRA~1\ACEMEG~1\SystemS\Qpeg32.dll
"vidc.q1.0"=C:\PROGRA~1\ACEMEG~1\SystemS\Qpeg32.dll
"msacm.sl_anet"=sl_anet.acm
"vidc.tscc"=C:\PROGRA~1\ACEMEG~1\SystemS\tsccvid.dll
"vidc.vifp"=C:\PROGRA~1\ACEMEG~1\SystemS\vfcodec.dll
"vidc.wrpr"=C:\PROGRA~1\ACEMEG~1\SystemS\aviwrap.dll
"vidc.wnv1"=C:\PROGRA~1\ACEMEG~1\SystemS\wnvplay1.dll
"vidc.advs"=C:\PROGRA~1\ACEMEG~1\SystemS\Adaptec\Dvc.dll
"vidc.aflc"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.afli"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.aasc"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\Aasc32.dll
"vidc.aas4"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\Aasc32.dll
"vidc.asv1"=C:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv1.dll
"vidc.asv2"=C:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv2.dll
"vidc.asvx"=C:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv2.dll
"vidc.vcr1"=C:\PROGRA~1\ACEMEG~1\SystemS\ATI\ativcr1.dll
"vidc.vcr2"=C:\PROGRA~1\ACEMEG~1\SystemS\ATI\ativcr2.dll
"vidc.mwv1"=C:\PROGRA~1\ACEMEG~1\SystemS\Aware\icmw_32.dll
"vidc.bt20"=C:\PROGRA~1\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv
"vidc.y41p"=C:\PROGRA~1\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv
"msacm.pcdv"=C:\PROGRA~1\ACEMEG~1\SystemS\Canopus\pcdv.acm
"vidc.cdvc"=C:\PROGRA~1\ACEMEG~1\SystemS\Canopus\CSCCDVC.DLL
"vidc.ddvc"=C:\PROGRA~1\ACEMEG~1\SystemS\Canopus\CSCdvsd.DLL
"vidc.png1"=C:\PROGRA~1\ACEMEG~1\SystemS\Core\COREPN~1.DLL
"msacm.CoreFLAC_ACM"=C:\PROGRA~1\ACEMEG~1\SystemS\Core\COREFL~1.ACM
"vidc.davc"=C:\PROGRA~1\ACEMEG~1\SystemS\dicas\davcvfw.dll
"vidc.div3"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.div5"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.mpg3"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.div4"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.div6"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.ap41"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.dvx4"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\divx4.dll
"msacm.divxa32"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\divxa32.acm
"vidc.frwd"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwd.dll
"vidc.frwt"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwd.dll
"vidc.frwa"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwt.dll
"vidc.frwu"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwu.dll
"vidc.glzw"=C:\PROGRA~1\ACEMEG~1\SystemS\Gabest\GLZW.dll
"vidc.gpeg"=C:\PROGRA~1\ACEMEG~1\SystemS\Gabest\GPEG.dll
"vidc.i263"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\i263_32.drv
"vidc.iv30"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv33"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv34"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv35"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv36"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv37"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv38"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv39"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv40"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iv42"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv43"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv44"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv45"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv46"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv47"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv48"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv49"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv50"=ir50_32.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"vidc.ir21"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\IR21_R.DLL
"vidc.rt21"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\IR21_R.DLL
"msacm.imc"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\IMC32.ACM
"vidc.lead"=C:\PROGRA~1\ACEMEG~1\SystemS\LEAD\LCODCCMP.DLL
"vidc.dvsd"=mcdvd_32.dll
"vidc.dvc"=C:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvcs"=C:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dcmj"=C:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi1"=C:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi2"=C:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.dv25"=C:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.dv50"=C:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

======List of files/folders created in the last 1 month======

2012-05-10 12:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2604042$
2012-05-10 12:18:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-05-10 12:05:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-05-10 12:04:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2695962$
2012-05-10 12:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2012-05-06 19:02:36 ----D---- C:\WINDOWS\system32\cache
2012-04-30 16:52:18 ----D---- C:\Documents and Settings\okay\Application Data\AVG
2012-04-30 14:05:24 ----HD---- C:\$AVG
2012-04-30 13:15:18 ----D---- C:\Documents and Settings\okay\Application Data\AVG2012
2012-04-30 13:12:25 ----D---- C:\Documents and Settings\okay\Application Data\AVG Secure Search
2012-04-30 13:12:20 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
2012-04-30 13:12:16 ----D---- C:\Program Files\Common Files\AVG Secure Search
2012-04-30 13:12:15 ----D---- C:\Program Files\AVG Secure Search
2012-04-30 13:12:08 ----HD---- C:\Documents and Settings\All Users\Application Data\Common Files
2012-04-30 13:04:14 ----D---- C:\WINDOWS\system32\drivers\AVG
2012-04-30 13:04:14 ----D---- C:\Documents and Settings\All Users\Application Data\AVG2012
2012-04-30 13:01:37 ----D---- C:\Program Files\AVG
2012-04-30 12:58:06 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData

======List of files/folders modified in the last 1 month======

2012-05-25 00:22:06 ----D---- C:\Program Files\Trend Micro
2012-05-25 00:20:42 ----D---- C:\WINDOWS\Temp
2012-05-24 23:43:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-05-24 22:04:12 ----D---- C:\WINDOWS\Prefetch
2012-05-24 21:59:17 ----D---- C:\WINDOWS\system32\CatRoot2
2012-05-24 21:58:48 ----D---- C:\Program Files\Mozilla Firefox
2012-05-24 21:56:07 ----D---- C:\Program Files\Rockstar Games
2012-05-24 21:16:15 ----D---- C:\WINDOWS\Tasks
2012-05-24 20:48:34 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2012-05-24 20:48:08 ----A---- C:\WINDOWS\ModemLog_Bluetooth LAP Modem.txt
2012-05-24 20:48:08 ----A---- C:\WINDOWS\ModemLog_Bluetooth LAP Modem #2.txt
2012-05-24 20:48:08 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem #2.txt
2012-05-24 20:47:57 ----D---- C:\WINDOWS
2012-05-24 20:47:09 ----D---- C:\WINDOWS\Registration
2012-05-22 17:33:12 ----SHD---- C:\WINDOWS\Installer
2012-05-22 17:31:10 ----D---- C:\WINDOWS\Microsoft.NET
2012-05-22 17:29:38 ----D---- C:\Config.Msi
2012-05-12 21:13:20 ----D---- C:\WINDOWS\Debug
2012-05-10 23:52:07 ----RSD---- C:\WINDOWS\assembly
2012-05-10 19:12:54 ----D---- C:\WINDOWS\system32
2012-05-10 12:18:47 ----D---- C:\WINDOWS\inf
2012-05-10 12:18:40 ----D---- C:\WINDOWS\WinSxS
2012-05-10 12:18:01 ----D---- C:\WINDOWS\system32\XPSViewer
2012-05-10 12:10:20 ----A---- C:\WINDOWS\system32\MRT.exe
2012-05-10 12:09:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-05-10 12:05:15 ----D---- C:\WINDOWS\$hf_mig$
2012-05-10 12:01:56 ----DC---- C:\WINDOWS\system32\dllcache
2012-05-06 12:56:24 ----HD---- C:\Program Files\InstallShield Installation Information
2012-05-06 12:56:23 ----D---- C:\Program Files\Electronic Arts
2012-05-06 12:53:50 ----D---- C:\Program Files
2012-05-06 12:47:46 ----D---- C:\Program Files\Full Tilt Poker
2012-05-06 12:47:11 ----D---- C:\Program Files\Forklift Truck Simulator 2009
2012-05-06 12:46:00 ----D---- C:\WINDOWS\Minidump
2012-05-06 12:42:31 ----D---- C:\Documents and Settings\okay\Application Data\Comodo
2012-05-06 12:40:46 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo
2012-05-06 12:40:25 ----D---- C:\WINDOWS\system32\drivers
2012-05-04 01:37:13 ----A---- C:\WINDOWS\DUMPad28.tmp
2012-04-30 21:59:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2675157$
2012-04-30 17:34:35 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-04-30 13:12:16 ----D---- C:\Program Files\Common Files
2012-04-28 17:28:53 ----D---- C:\Program Files\Ask.com

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2004-10-19 28207]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-09-03 115680]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-21 43528]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-04-18 682232]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-08 35840]
R1 ATITool;ATITool Overclocking Utility; C:\WINDOWS\system32\DRIVERS\ATITool.sys [2006-11-10 24064]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2006-01-17 29440]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-01-17 32640]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 prodrv04;Star Force copy protection driver v4; C:\WINDOWS\System32\drivers\prodrv04.sys [2010-12-07 114496]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2005-10-16 27171]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-15 12032]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2006-03-15 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2006-03-15 55936]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-10-05 141312]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-03-04 127872]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-09-24 3331072]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2011-05-23 30944]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134608]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-15 5888]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-08-11 393088]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2004-11-05 82148]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-09-19 241280]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2006-01-17 102016]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 a6bsyfwd;a6bsyfwd; C:\WINDOWS\system32\drivers\a6bsyfwd.sys []
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2011-05-23 30944]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2004-10-19 20096]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2004-09-21 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2004-12-01 22488]
S3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2004-09-21 11604]
S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\okay\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 krdpdre;krdpdre; \??\C:\DOCUME~1\okay\LOCALS~1\Temp\krdpdre.sys []
S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys []
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 mchInjDrv;mchInjDrv; \??\C:\WINDOWS\TEMP\mc21.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-09-24 581632]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2006-01-16 878592]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe [2005-08-10 118272]
R2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-05-06 918880]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-09-23 593920]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 183280]
S2 InCDsrvR;InCD Helper (read only); C:\Program Files\Ahead\InCD\InCDsrv.exe [2006-01-16 878592]
S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-04 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2006-11-06 210432]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 25 kvě 2012 05:56

Zdravím.

Vydž minutku, na logu se intenzivně pracuje. Obrázek

#3 Příspěvek od **Mc_Murphy** » 25 kvě 2012 06:03

No nediv se, že se Ti PC seká, když ho máš trošken zaliskaný.

Program SUPERAntiSpyware odeber v jeho nastaveních ze spouštění při startu systému a z rezidentní ochrany - tluče se Ti s rezidentem, obsaženým v antiviru. Program doporučuji spouštět preventivně jednou za čas ručně.

Program TuneUp Utilities 2006 doporučuji svižně odinstalovat. Pokud budeš jeho prostřednictvím něco v systému měnit, jsi na nejlepší cestě poškodit systém. Takové jsou naše zkušenosti.

Dále, pokud je tam najdeš, tak v nabídce Přidat nebo odebrat programy odinstaluj tyto toolbary: Ask Toolbar a pokud to jde, tak i AVG Security Toolbar.
Obrázek

Jsou to veliká "zdržovadla" systému a v případě například Ask.com Toolbar, Conduit Engine a dalších se dá hovořit už i o havěti.

Až to všechno pečlivě provedeš, tak se vrhni na ComboFix, čeká nás ještě kus práce.

PROSÍM, ČTI NÁVOD DŮKLADNĚ - TATO UTILITA MÁ VELKOU SCHOPNOST MAZAT A JE NUTNÉ JI APLIKOVAT JEN NA DOPORUČENÍ, JINAK TI MŮŽE JÍT SYSTÉM DO KYTEK

Stáhni a ulož na Plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypni všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary apod.
Vypni všechny běžící aplikace - ICQ, Skype, browsery, prostě všechny programy, ať běží pouze ComboFix.
Pokud máš Win XP, spusť pod účtem Správce/Administrator.
Pokud máš Win Vista či Win 7, klikni na ComboFix pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Ihned po startu se zobrazí stránka s licenčním ujednáním - pokračuj kliknutím na [Ano].
Pokud Ti ComboFix nabídne instalaci Konzoly pro zotavení, tak souhlas.
Dále postupuj dle pokynů. Během scanu nech PC naprosto v klidu - nespouštěj žádné aplikace a neklikej do zobrazujícího se okna!
Scan by měl trvat cca 10 min, ale pokud bude PC hodne zaneseno, může se čas samozřejmě prodloužit.
Po dokončení scanu a případném restartu ComboFix zobrazí log, který případně najdeš v C:\ComboFix.txt. Jeho obsah mi sem vlož.
Detailní postup včetně obrázků najdeš zde: http://www.bleepingcomputer.com/combofi ... t-combofix

xtoncekx · #4 Příspěvek od **xtoncekx** » 25 kvě 2012 12:35

toolbary jsem odebral,až na ten AVG,ten nešel,tuneup utilites sem taky odebral a ten antispyware sem odinstaloval uplne,když je už jeden v tom placenem AVG.a tady je ten log z combofixu

ComboFix 12-05-25.02 - okay 2012/05/25 13:10:27.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1023.561 [GMT 2:00]
Spuštěný z: c:\documents and settings\okay\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\okay\Application Data\Cashfiesta
c:\documents and settings\okay\Application Data\Cashfiesta\antoniusfiesta.dat
c:\documents and settings\okay\Application Data\Desktopicon
c:\documents and settings\okay\WINDOWS
c:\program files\filesubmit
c:\program files\Mozilla Firefox\components\AskHPRFF.js
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\regedit.com
c:\windows\system32\avisynth.dll
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\3daee1ac7af737a3.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\devil.dll
c:\windows\system32\KERNEL.TMP
c:\windows\system32\kernel1.exe
c:\windows\system32\MUI\0405\tourstart.exe
c:\windows\system32\SET45.tmp
c:\windows\system32\taskmgr.com
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-25 do 2012-05-25 )))))))))))))))))))))))))))))))
.
.
2012-04-30 14:52 . 2012-04-30 15:24 -------- d-----w- c:\documents and settings\okay\Application Data\AVG
2012-04-30 12:05 . 2012-04-30 12:05 -------- d-----w- C:\$AVG
2012-04-30 11:12 . 2012-04-30 11:12 -------- d-----w- c:\documents and settings\okay\Application Data\AVG Secure Search
2012-04-30 11:12 . 2012-04-30 11:26 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search
2012-04-30 11:12 . 2012-04-30 11:12 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2012-04-30 11:12 . 2012-05-25 10:55 -------- d-----w- c:\program files\AVG Secure Search
2012-04-30 11:12 . 2012-04-30 11:12 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2012-04-30 11:04 . 2012-05-25 10:24 -------- d-----w- c:\windows\system32\drivers\AVG
2012-04-30 11:04 . 2012-04-30 11:24 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012
2012-04-30 11:01 . 2012-04-30 14:44 -------- d-----w- c:\program files\AVG
2012-04-30 10:58 . 2012-05-25 10:24 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-22 14:51 . 2011-05-26 21:45 1409 ----a-w- c:\windows\QTFont.for
2012-05-03 23:37 . 2010-05-24 17:21 102400 ----a-w- c:\windows\DUMPad28.tmp
2012-04-11 13:14 . 2006-12-19 14:15 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 13:12 . 2009-08-14 13:21 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 12:35 . 2004-08-03 22:59 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-02-29 14:10 . 1980-01-01 00:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 1980-01-01 00:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-28 18:50 . 2011-02-17 13:51 61952 ----a-w- c:\windows\system32\tdc.ocx
2012-02-28 18:50 . 1980-01-01 00:00 667136 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 18:50 . 2011-02-17 13:51 81920 ----a-w- c:\windows\system32\ieencode.dll
2012-02-28 13:50 . 2011-02-17 12:37 369664 ----a-w- c:\windows\system32\html.iec
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2005-10-24 09:13 66560 -csha-r- c:\windows\MOTA113.exe
2005-10-13 19:27 422400 -csha-r- c:\windows\x2.64.exe
2005-07-14 10:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
2005-06-26 13:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 20:37 45568 --sha-r- c:\windows\system32\cygz.dll
2004-01-24 22:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2006-04-27 08:24 2945024 --sha-r- c:\windows\system32\Smab.dll
2005-02-28 11:16 240128 --sha-r- c:\windows\system32\x.264.exe
2004-01-24 22:00 70656 --sha-r- c:\windows\system32\yv12vfw.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-05-06 17:02 1869152 ----a-w- c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll" [2012-05-06 1869152]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-01-16 1398272]
"SCDEmuApp.exe"="c:\program files\PowerISO\SCDEmuApp.exe" [2005-10-16 167936]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-05-06 982880]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PCSuiteTrayApplication"=c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Hry\\Doom3\\DOOM3DED.exe"=
"c:\\Hry\\Doom3\\DOOM3.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\age of empires 2\\empires2.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\Empire Earth\\Empire Earth.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\Age of Empire 2 + The conquerors expansion\\empires2.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\age of empires 2\\age2_x1.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\Sudden Strike II\\game\\code\\Release\\game_exe.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\Age of Empire 2 + The conquerors expansion\\age2_x1.exe"=
"c:\\WINDOWS\\system32\\mshta.exe"=
"c:\\Program Files\\OpenTTD\\openttd.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011/07/11 1:14 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011/09/13 6:30 32592]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007/04/18 18:34 682232]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011/10/07 6:23 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011/07/11 1:14 295248]
R1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [2007/05/29 20:45 114496]
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [2011/11/23 2:36 2391832]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011/08/02 6:09 192776]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011/05/23 1:03 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011/07/11 1:14 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011/07/11 1:14 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011/10/04 6:21 16720]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011/10/12 6:25 4433248]
S2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012/05/06 19:02 918880]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011/05/23 1:03 30944]
S3 krdpdre;krdpdre;\??\c:\docume~1\okay\LOCALS~1\Temp\krdpdre.sys --> c:\docume~1\okay\LOCALS~1\Temp\krdpdre.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - mchInjDrv
*Deregistered* - SASDIFSV
*Deregistered* - SASENUM
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]
.
2012-05-25 c:\windows\Tasks\AVG PC Tuneup Integrator Start On okay Logon.job
- c:\program files\AVG\AVG PC Tuneup\BoostSpeed.exe [2012-04-30 15:20]
.
.
------- Doplňkový sken -------
.
uStart Page = start.qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Přečti to! - c:\windows\Speech\gbs\Precti_to.htm
LSP: xfire_lsp_10650.dll
TCP: DhcpNameServer = 192.168.0.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7536d183-4238-4203-9999-e1189db29229%7D&mid=81ba39ec84cc47d0af08d15e777a1267-e3f119e012000b4e44ea88dd14183f8b1835f115&ds=AVG&v=10.2.0.3&lang=cs&pr=pr&d=2012-04-30%2013%3A12%3A23&sap=ku&q=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: NASA Night Launch: nasanightlaunch@example.com - %profile%\extensions\nasanightlaunch@example.com
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Harley Davidson: {2c088200-b973-11db-8314-0800200c9a66} - %profile%\extensions\{2c088200-b973-11db-8314-0800200c9a66}
FF - Ext: Dr.Web anti-virus link checker: {6614d11d-d21d-b211-ae23-815234e1ebb5} - %profile%\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}
FF - Ext: Mario Forever Community Toolbar: {707db484-2428-402d-afb5-d85b387544c7} - %profile%\extensions\{707db484-2428-402d-afb5-d85b387544c7}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: SweetIM Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\AVG\AVG2012\Firefox
FF - Ext: AVG Security Toolbar: avg@toolbar - c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{707db484-2428-402d-afb5-d85b387544c7} - (no file)
BHO-{707db484-2428-402d-afb5-d85b387544c7} - (no file)
Toolbar-{707db484-2428-402d-afb5-d85b387544c7} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
AddRemove-Google Updater - c:\program files\Google\Google Updater\GoogleUpdater.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-25 13:21
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\c:\windows\TEMP\mc21.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a6,2c,77,e7,14,0d,ce,97,5b,9e,5f,4f,5a,8d,2e,f7,f4,38,4c,82,29,d1,69,
cc,1d,64,cc,ad,cf,6b,e0,4d,01,6d,1f,fa,fe,ce,2f,5c,be,3d,c0,1a,dc,6e,9b,5d,\
"??"=hex:fc,47,ec,da,2a,de,07,31,71,6d,73,de,d7,2c,9f,64
.
[HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\SecuROM\License information*]
"datasecu"=hex:7b,2e,02,ff,38,2b,8a,8b,6d,6e,2c,ba,a8,e6,e6,c6,04,bf,77,e7,3b,
f7,15,84,04,61,7a,36,bb,3e,85,2d,c5,cd,96,b8,b5,4e,e6,58,a6,d3,d3,52,84,94,\
"rkeysecu"=hex:31,91,e5,bd,28,c0,5d,8b,5f,74,77,df,bf,84,fc,6d
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1288)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(1348)
c:\windows\system32\xfire_lsp_10650.dll
.
Celkový čas: 2012-05-25 13:28:00
ComboFix-quarantined-files.txt 2012-05-25 11:27
ComboFix2.txt 2007-11-11 22:05
.
Před spuštěním: 61 847 004 672 bytes free
Po spuštění: Volných bajtů: 62 178 854 912
.
- - End Of File - - 5D18412544C3748B50DDFBB34E2CA82A

#5 Příspěvek od **Mc_Murphy** » 25 kvě 2012 13:22

Následující soubory otestuj na stránkách VirusTotal.

c:\windows\MOTA113.exe
c:\windows\x2.64.exe
c:\windows\system32\AVSredirect.dll
c:\windows\system32\Smab.dll
c:\windows\system32\x.264.exe
c:\windows\system32\yv12vfw.dll
Klikni na [Choose File].
Soubor nehledej, jen vlož cestu souboru, který chci otestovat.
Klikni na [Scan it!].
Pokud na Tebe vyskočí obrazovka podobná té, co je níže, klikni na [Reanalyse]!
Výsledek analýzy mi sem vlož (jako odkaz).

xtoncekx · #6 Příspěvek od **xtoncekx** » 25 kvě 2012 16:24

https://www.virustotal.com/file/ed29a74 ... 337958717/

https://www.virustotal.com/file/72367e0 ... 337958893/

https://www.virustotal.com/file/699c988 ... 337959064/

https://www.virustotal.com/file/6ba2b68 ... 337959204/

https://www.virustotal.com/file/fb38f3f ... 337959307/

https://www.virustotal.com/file/edc075d ... 337959424/

#7 Příspěvek od **Mc_Murphy** » 25 kvě 2012 17:01

Pokud jsi tak ještě neučinil, přesuň ComboFix na Plochu.

Otevři si Poznámkový blok (Start >> Spustit... (nebo Win+R) >> do okénka napiš notepad >> [Enter]).
Zkopíruj do něj tento script:

Kód: Vybrat vše

KillAll::

Collect::
c:\windows\MOTA113.exe
c:\windows\system32\AVSredirect.dll
c:\windows\system32\x.264.exe
c:\windows\DUMPad28.tmp

Folder::
C:\Program Files\Ask.com
C:\Program Files\Google\GoogleToolbarNotifier

File::
c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
c:\documents and settings\okay\Local Settings\Temp\krdpdre.sys
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\AVG PC Tuneup Integrator Start On okay Logon.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

Driver::
krdpdre
vToolbarUpdater10.2.0

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=-
[-HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[-HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[-HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=-
"NeroFilterCheck"=-
"OpwareSE2"=-
"StartCCC"=-
"ATICustomerCare"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

DDS::
uStart Page = start.qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Přečti to! - c:\windows\Speech\gbs\Precti_to.htm

Firefox::
FF - ProfilePath - c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B75 ... &sap=ku&q=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: NASA Night Launch: nasanightlaunch@example.com - %profile%\extensions\nasanightlaunch@example.com
FF - Ext: Mario Forever Community Toolbar: {707db484-2428-402d-afb5-d85b387544c7} - %profile%\extensions\{707db484-2428-402d-afb5-d85b387544c7}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: SweetIM Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\AVG\AVG2012\Firefox
FF - Ext: AVG Security Toolbar: avg@toolbar - c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3

RegNull::
[HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\SystemCertificates\AddressBook*]
[HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\SecuROM\License information*]

ClearJavaCache::

AtJob::

Reboot::

Ulož vytvořený TXT jako CFScript.txt
Přetáhni vytvořený CFScript.txt nad ComboFix a pusť (viz obrázek).
Po aplikaci scriptu (a případném restartu PC) na Tebe vyskočí log. Jeho obsah mi sem vlož.

Může se stát, že po aplikaci scriptu nenaběhnou Windows. V tom případě restartuj PC, hned při náběhu mačkej klávesu F8 a zvol Poslední známou konfiguraci.

xtoncekx · #8 Příspěvek od **xtoncekx** » 25 kvě 2012 20:20

ComboFix 12-05-25.02 - okay 2012/05/25 20:33:44.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1023.691 [GMT 2:00]
Spuštěný z: c:\documents and settings\okay\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\okay\Desktop\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
FILE ::
"c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk"
"c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk"
"c:\documents and settings\okay\Local Settings\Temp\krdpdre.sys"
"c:\windows\tasks\1-Click Maintenance.job"
"c:\windows\tasks\AppleSoftwareUpdate.job"
"c:\windows\tasks\AVG PC Tuneup Integrator Start On okay Logon.job"
"c:\windows\tasks\Google Software Updater.job"
"c:\windows\tasks\Scheduled Update for Ask Toolbar.job"
.
file zipped: c:\windows\DUMPad28.tmp
file zipped: c:\windows\MOTA113.exe
file zipped: c:\windows\system32\AVSredirect.dll
file zipped: c:\windows\system32\x.264.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\components\FF4\IToolbarhomewmp.xpt
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\components\FF4\toolbarhomewmp.dll
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\components\toolbarhomeApi.js
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\chrome.manifest
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\chrome\avg.jar
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\icon.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\install.rdf
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\locale\en-US\global.dtd
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\locale\en-US\global.properties
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\avg.xml
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\avgJsm.js
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\Bindings.xml
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\configuration.js
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\configuration_0.css
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\configuration_0.xul
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\EmailNotifier.js
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\HistoryCleaner.js
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\IOJsm.js
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\Preferences.js
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\propertiesJsm.js
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\about.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\ajax-loader.gif
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\calc.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\CleanHistory.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\close.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\current.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\Facebook.gif
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\feedback.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\feedicon.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\help.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\icon_search.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\icon18.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\information-24.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\labs.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\loader.gif
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\note.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\PageStatus.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\questionmarkIcon.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\search.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\SecuredSearch.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\speed-test.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\weather.gif
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\window-close.png
c:\documents and settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\windows.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\components\ConduitAutoCompleteSearch.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\components\ConduitAutoCompleteSearch.xpt
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\components\ConduitToolbar.idl
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\components\ConduitToolbar.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\components\ConduitToolbar.xpt
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\components\RadioWMPCore.dll
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\components\RadioWMPCore.xpt
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\components\RadioWMPCoreGecko19.dll
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\defaults\alertSettingsComponent.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\defaults\appContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\defaults\engineContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\defaults\engineSettings.json
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\defaults\fbAlert.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\defaults\getAppsContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\defaults\postAppsContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\defaults\toolbarContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\defaults\unsharedAppsContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\chrome.manifest
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\chrome\mario_forever.jar
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\install.rdf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\lib\xpcom.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\META-INF\manifest.mf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\META-INF\zigbert.rsa
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\META-INF\zigbert.sf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\searchplugin\conduit.gif
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\searchplugin\conduit.ico
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\searchplugin\conduit.PNG
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\searchplugin\conduit.src
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\searchplugin\conduit.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}\version.txt
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components\SIMAutoCompleteSearch.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome.manifest
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar.jar
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\install.rdf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\manifest.mf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.rsa
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.sf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.xpt
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\components\ConduitToolbar.idl
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\components\ConduitToolbar.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\components\ConduitToolbar.xpt
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\components\RadioWMPCore.xpt
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\defaults\alertSettingsComponent.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\defaults\appContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\defaults\engineContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\defaults\engineSettings.json
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\defaults\fbAlert.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\defaults\getAppsContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\defaults\postAppsContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\defaults\toolbarContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\defaults\unsharedAppsContextMenu.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\DualPackage\install.rdf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\chrome.manifest
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\chrome\conduitengine.jar
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\install.rdf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\lib\xpcom.js
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\META-INF\manifest.mf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\META-INF\zigbert.rsa
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\META-INF\zigbert.sf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\searchplugin\conduit.gif
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\searchplugin\conduit.ico
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\searchplugin\conduit.PNG
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\searchplugin\conduit.src
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\searchplugin\conduit.xml
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\engine@conduit.com\version.txt
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\nasanightlaunch@example.com
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\nasanightlaunch@example.com\chrome.manifest
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\nasanightlaunch@example.com\chrome\inner.jar
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\nasanightlaunch@example.com\icon.png
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\nasanightlaunch@example.com\install.rdf
c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\nasanightlaunch@example.com\preview.png
c:\program files\AVG\AVG2012\Firefox
c:\program files\AVG\AVG2012\Firefox\Components\avgssff.dll
c:\program files\AVG\AVG2012\Firefox\Components\ISearchShield.xpt
c:\program files\AVG\AVG2012\Firefox\chrome.manifest
c:\program files\AVG\AVG2012\Firefox\Chrome\searchshield.jar
c:\program files\AVG\AVG2012\Firefox\install.rdf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\icqtoolbar.jar
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\windows\DUMPad28.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_KRDPDRE
-------\Legacy_VTOOLBARUPDATER10.2.0
-------\Service_krdpdre
-------\Service_vToolbarUpdater10.2.0
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-25 do 2012-05-25 )))))))))))))))))))))))))))))))
.
.
2012-05-25 19:05 . 2012-05-25 19:08 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2012-04-30 14:52 . 2012-04-30 15:24 -------- d-----w- c:\documents and settings\okay\Application Data\AVG
2012-04-30 12:05 . 2012-04-30 12:05 -------- d-----w- C:\$AVG
2012-04-30 11:12 . 2012-04-30 11:12 -------- d-----w- c:\documents and settings\okay\Application Data\AVG Secure Search
2012-04-30 11:12 . 2012-04-30 11:26 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search
2012-04-30 11:12 . 2012-04-30 11:12 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2012-04-30 11:12 . 2012-05-25 10:55 -------- d-----w- c:\program files\AVG Secure Search
2012-04-30 11:12 . 2012-04-30 11:12 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2012-04-30 11:04 . 2012-05-25 11:54 -------- d-----w- c:\windows\system32\drivers\AVG
2012-04-30 11:04 . 2012-04-30 11:24 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012
2012-04-30 11:01 . 2012-04-30 14:44 -------- d-----w- c:\program files\AVG
2012-04-30 10:58 . 2012-05-25 10:24 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-22 14:51 . 2011-05-26 21:45 1409 ----a-w- c:\windows\QTFont.for
2012-04-11 13:14 . 2006-12-19 14:15 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 13:12 . 2009-08-14 13:21 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 12:35 . 2004-08-03 22:59 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-02-29 14:10 . 1980-01-01 00:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 1980-01-01 00:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-28 18:50 . 2011-02-17 13:51 61952 ----a-w- c:\windows\system32\tdc.ocx
2012-02-28 18:50 . 1980-01-01 00:00 667136 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 18:50 . 2011-02-17 13:51 81920 ----a-w- c:\windows\system32\ieencode.dll
2012-02-28 13:50 . 2011-02-17 12:37 369664 ----a-w- c:\windows\system32\html.iec
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2005-10-24 09:13 66560 -csha-r- c:\windows\MOTA113.exe
2005-10-13 19:27 422400 -csha-r- c:\windows\x2.64.exe
2005-07-14 10:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
2005-06-26 13:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 20:37 45568 --sha-r- c:\windows\system32\cygz.dll
2004-01-24 22:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2006-04-27 08:24 2945024 --sha-r- c:\windows\system32\Smab.dll
2005-02-28 11:16 240128 --sha-r- c:\windows\system32\x.264.exe
2004-01-24 22:00 70656 --sha-r- c:\windows\system32\yv12vfw.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-05-25_11.22.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-05-25 19:05 . 2012-05-25 19:05 16384 c:\windows\temp\Perflib_Perfdata_594.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-01-16 1398272]
"SCDEmuApp.exe"="c:\program files\PowerISO\SCDEmuApp.exe" [2005-10-16 167936]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-05-06 982880]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PCSuiteTrayApplication"=c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Hry\\Doom3\\DOOM3DED.exe"=
"c:\\Hry\\Doom3\\DOOM3.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\age of empires 2\\empires2.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\Empire Earth\\Empire Earth.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\Age of Empire 2 + The conquerors expansion\\empires2.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\age of empires 2\\age2_x1.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\Sudden Strike II\\game\\code\\Release\\game_exe.exe"=
"c:\\Documents and Settings\\okay\\Desktop\\Age of Empire 2 + The conquerors expansion\\age2_x1.exe"=
"c:\\WINDOWS\\system32\\mshta.exe"=
"c:\\Program Files\\OpenTTD\\openttd.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011/07/11 1:14 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011/09/13 6:30 32592]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007/04/18 18:34 682232]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011/10/07 6:23 230608]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011/07/11 1:14 295248]
R1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [2007/05/29 20:45 114496]
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [2011/11/23 2:36 2391832]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011/10/12 6:25 4433248]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011/08/02 6:09 192776]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011/05/23 1:03 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011/07/11 1:14 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011/07/11 1:14 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011/10/04 6:21 16720]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011/05/23 1:03 30944]
S3 CFcatchme;CFcatchme;\??\c:\docume~1\okay\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\okay\LOCALS~1\Temp\CFcatchme.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]
.
2012-05-25 c:\windows\Tasks\AVG PC Tuneup Integrator Start On okay Logon.job
- c:\program files\AVG\AVG PC Tuneup\BoostSpeed.exe [2012-04-30 15:20]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
LSP: xfire_lsp_10650.dll
TCP: DhcpNameServer = 192.168.0.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Harley Davidson: {2c088200-b973-11db-8314-0800200c9a66} - %profile%\extensions\{2c088200-b973-11db-8314-0800200c9a66}
FF - Ext: Dr.Web anti-virus link checker: {6614d11d-d21d-b211-ae23-815234e1ebb5} - %profile%\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-25 21:07
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1288)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(1348)
c:\windows\system32\xfire_lsp_10650.dll
.
- - - - - - - > 'explorer.exe'(2844)
c:\progra~1\WINDOW~3\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Ahead\InCD\InCDsrv.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\AVG\AVG2012\avgemcx.exe
c:\windows\system32\dllhost.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\windows\eHome\ehmsas.exe
.
**************************************************************************
.
Celkový čas: 2012-05-25 21:14:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-25 19:14
ComboFix2.txt 2012-05-25 11:28
ComboFix3.txt 2007-11-11 22:05
.
Před spuštěním: 62 234 507 776 bytes free
Po spuštění: Volných bajtů: 62 116 850 688
.
- - End Of File - - 20C5C84C7F6ABE1A73D659E647FCA1F8
Nahr nˇ probŘhlo ŁspŘçnŘ

#9 Příspěvek od **Mc_Murphy** » 28 kvě 2012 15:24

Stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů!!
Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

CREATERESTOREPOINT

netsvc
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*RemoveWAT* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s

%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko [Prohledat].
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

xtoncekx · #10 Příspěvek od **xtoncekx** » 29 kvě 2012 00:51

OTL Extras logfile created on: 2012/05/29 1:13:19 - Run 1
OTL by OldTimer - Version 3.2.43.2 Folder = C:\Documents and Settings\okay\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: yyyy/MM/dd

1023,23 Mb Total Physical Memory | 450,96 Mb Available Physical Memory | 44,07% Memory free
2,41 Gb Paging File | 1,79 Gb Available in Paging File | 74,46% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 64,21 Gb Free Space | 34,46% Space Free | Partition Type: NTFS

Computer Name: TONCEK | User Name: okay | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Hry\Doom3\DOOM3DED.exe" = C:\Hry\Doom3\DOOM3DED.exe:*:Enabled:DOOM 3 -- (id Software)
"C:\Hry\Doom3\DOOM3.exe" = C:\Hry\Doom3\DOOM3.exe:*:Enabled:DOOM 3 -- (id Software)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Documents and Settings\okay\Desktop\age of empires 2\empires2.exe" = C:\Documents and Settings\okay\Desktop\age of empires 2\empires2.exe:*:Enabled:Age of Empires II -- (Microsoft Corporation)
"C:\Documents and Settings\okay\Desktop\Empire Earth\Empire Earth.exe" = C:\Documents and Settings\okay\Desktop\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth -- ()
"C:\Documents and Settings\okay\Desktop\Age of Empire 2 + The conquerors expansion\empires2.exe" = C:\Documents and Settings\okay\Desktop\Age of Empire 2 + The conquerors expansion\empires2.exe:*:Enabled:Age of Empires II -- (Microsoft Corporation)
"C:\Documents and Settings\okay\Desktop\age of empires 2\age2_x1.exe" = C:\Documents and Settings\okay\Desktop\age of empires 2\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\Documents and Settings\okay\Desktop\Sudden Strike II\game\code\Release\game_exe.exe" = C:\Documents and Settings\okay\Desktop\Sudden Strike II\game\code\Release\game_exe.exe:*:Enabled:Game_Exe -- (FIreglow)
"C:\Documents and Settings\okay\Desktop\Age of Empire 2 + The conquerors expansion\age2_x1.exe" = C:\Documents and Settings\okay\Desktop\Age of Empire 2 + The conquerors expansion\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\Program Files\OpenTTD\openttd.exe" = C:\Program Files\OpenTTD\openttd.exe:*:Enabled:OpenTTD -- (OpenTTD Development Team)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty -- (AVG Technologies CZ, s.r.o.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{04F3BF74-9E34-4D3E-93C3-D3D1F24199C8}" = PC Connectivity Solution
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{072A1145-79D5-4BEB-4D8A-59CCB7CB31AE}" = Catalyst Control Center Graphics Full Existing
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{097CF8DE-C007-F3C5-2A80-C1AD2A9D7EFB}" = Catalyst Control Center Graphics Previews Common
"{0A06D517-BEE7-2D03-9792-CF1A30E29A70}" = Skins
"{0E5E5B46-61B6-3FF3-5C7C-87F1AC00568E}" = CCC Help Czech
"{0ED98038-0885-F902-C419-669ADE471A46}" = ATI Stream SDK v2 Developer
"{0FABD3D7-3036-4e78-B29D-58957ADB0A12}" = HP PSC & OfficeJet 3.5
"{10162E91-BB26-AF99-909C-E840C15890E8}" = Catalyst Control Center Graphics Full Existing
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1481D8E3-EA17-7697-3738-F5AA7784C902}" = ccc-utility
"{15A0B9F3-DCE9-42D8-0F81-A03C0BF9BB3B}" = CCC Help Norwegian
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19A84EB1-D85B-BB4F-0030-B7E2BC1ACB6F}" = Catalyst Control Center Localization Dutch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{233EE11F-A04C-B612-AEDF-16A312986113}" = Catalyst Control Center Graphics Light
"{24C8FBF7-26C6-48ca-834B-A4E5C09E362F}" = AiO_Scan
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{29C0E9C5-7718-D07B-633F-FD5BE27BBCE5}" = ccc-core-preinstall
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A5782B3-9767-5DF6-8F5A-4900CD698845}" = Catalyst Control Center Graphics Light
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{300D9EF4-2721-4cb4-A6C3-FB2337CFEA2D}" = AIOMinimal
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3405EF6E-6E68-AF1A-A165-4832ADA3221E}" = Catalyst Control Center Localization Finnish
"{34957B51-9676-41CE-9E52-44AE91B73F1C}" = HP Software Update
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36C991BC-0116-4777-AC7C-4B2A5D7C6DEF}" = Localization Pack for Microsoft Windows XP Media Center Edition
"{38EC695A-64CD-7C76-3C21-9ECB49880C70}" = Catalyst Control Center Core Implementation
"{39BBA37B-E375-4977-6EC2-9FB182A18CD1}" = Catalyst Control Center Localization Russian
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3CFC1E5C-52C5-F564-BBBD-A791A0ED2868}" = CCC Help Swedish
"{40A77C5E-831D-53B7-6DD6-049390E99737}" = CCC Help Turkish
"{415B8A4E-0EA2-4C69-975C-EEE07B837FD7}" = Unload
"{43B7C43F-406C-4DE5-DCC5-6712A09890D1}" = Catalyst Control Center Localization Danish
"{4517BAE4-D4F2-3A21-38F7-8E4D798515E3}" = Catalyst Control Center Localization Norwegian
"{47E0F183-E938-A97E-A3CF-9FD4D9893439}" = ccc-core-static
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{4C0F15CA-2032-5D72-F209-A89E02A5FE0F}" = CCC Help English
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{508D86EE-931E-4DEA-0BF8-25E30CE9EB42}" = ccc-utility
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57A17677-2064-D213-F2C0-37874112BCE8}" = ccc-utility
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{583D8EAC-BABE-4AA8-A39A-201BA3DE1124}" = 122004
"{59A67AEF-CABF-32CA-5407-55049E899A11}" = Catalyst Control Center Graphics Light
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{63F2408D-A675-4d97-A256-70EACB6B9B4A}" = AiOSoftware
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6F42FC6B-947B-9B89-29B0-545F0815AD7F}" = ATI Parental Control & Encoder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{723C033E-63EA-4227-BAB2-0AA8693C16EB}" = Director
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{74EC78BC-B379-4E29-9006-8F161DCAABA6}" = Apple Software Update
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7911C404-9AFA-4BB2-B9B7-E47423D87528}" = Knights Of Honor
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7A81A7E3-7391-ADFF-9014-F8F45F0337F6}" = CCC Help English
"{7AD35FDD-A268-44b7-9A8E-4677020CC90B}" = 1300Tour
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{805C099D-2A20-DBF8-780C-52CA10916A14}" = Catalyst Control Center Graphics Full New
"{81DD5688-695A-4c1d-AE7D-368BF857725A}" = TrayApp
"{849A20E0-8A09-45F9-BE58-4DAE823E8CE4}" = Catalyst Control Center Localization Czech
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{85785A25-4ED5-1CDF-24BF-4AD32FFDCD3D}" = Catalyst Control Center Localization Turkish
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8E79A5A3-AA5F-DA1F-4BF2-EEC290A08709}" = Skins
"{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster Force Feedback Driver
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{901A5511-070B-20DF-2F5A-5FA29C302C2A}" = Catalyst Control Center Graphics Full Existing
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{92C7D009-A464-4948-A980-7A3E28CB2F49}" = Richard Burns Rally
"{943803CB-20FA-F4EB-E4A6-A3B055A1DC2E}" = ccc-core-preinstall
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{973DFE07-93EE-4EC0-73B2-1E9B1EB1B46D}" = CCC Help Danish
"{97B2C4BB-08B1-6092-0F67-62AFA077444C}" = CCC Help Russian
"{980606BB-A475-4a85-A665-6E30DB2F28B3}" = 1300Trb
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E2222E2-6D95-11D6-9D7C-004033384775}" = SoftCAD.3D
"{9EE5A621-A673-37C4-E31A-A7D5696B6F29}" = Catalyst Control Center Graphics Previews Common
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A253DFD0-75ED-4D8F-9AEF-9A2FD3F91384}" = Robin Hood - Legenda Sherwoodu
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A70FF5D5-D3A5-27EF-9751-3280710AFB9C}" = Skins
"{A71822CD-7F77-46a3-B761-D6BA35245E95}" = 1300
"{A7836FF5-7293-40A4-B86E-E2038F82E8F3}" = AVG 2012
"{A958AD7D-A598-A2B6-CB71-19033DAD6730}" = Catalyst Control Center Localization Swedish
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-A70500000002}" = Adobe Reader 7.0.5 - Czech
"{AF226123-1A6F-4ec1-8DEF-E35E7A0D0127}" = Fax
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2F6B336-798D-77C2-21C9-392D4B0188F9}" = Catalyst Control Center Core Implementation
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B41B9D4A-42D5-F51F-4F9A-626D9A06CB4C}" = ccc-core-preinstall
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9060398-FB64-2A4C-C4E6-D1236447E026}" = ATI Catalyst Install Manager
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{C064F50C-4B08-3136-48F5-B92130A47267}" = Catalyst Control Center Graphics Previews Common
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C12C6589-32A4-2D8E-C8D5-C85CCF40157F}" = ccc-core-static
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C40B3988-1BF3-12FD-10AC-F708BF1C5CFC}" = Catalyst Control Center Core Implementation
"{CAEFCB7D-C290-57B2-D10D-E3DDBA524232}" = CCC Help Finnish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB83F10A-D02A-4aba-8843-ACAB50D48216}" = 1300_Help
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D186329B-1B4D-408D-ABEC-EA5CE1F182C9}" = Overland
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D72C29C6-8476-B58D-9453-6D0FCD7FF481}" = Catalyst Control Center Graphics Full New
"{D9758C4B-CDD0-536F-D90E-9D74AFC3A35E}" = Catalyst Control Center Graphics Full New
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB34FA40-A43D-4B56-8ADA-948F8879B715}" = Image Converter
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4ABEF81-DE3D-DF19-BC99-BC34E2BD16B3}" = CCC Help Dutch
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8BFBD0A-8002-4dc9-869C-E495FA9DCE7A}" = PhotoGallery
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F5F16F97-9094-02B8-2BF0-F03E67C4E55C}" = CCC Help English
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"{FF102450-55AA-4AE1-ACE4-E271E2470C83}" = hpmdtab
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"ASIO4ALL" = ASIO4ALL
"ATI Display Driver" = ATI Display Driver
"ATITool" = ATITool Overclocking Utility
"AVG" = AVG 2012
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"Black Tube Downloader_is1" = Black Tube Downloader
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner (remove only)
"CV Curriculum vitae CREATOR" = CV Curriculum vitae CREATOR
"DIGIMAX Home Print Service" = DIGIMAX Home Print Service
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Easy Vysvědčení_is1" = Easy Vysvědčení verze 1.1
"EAX Unified" = EAX Unified
"German Truck Simulator" = German Truck Simulator 1.00
"HijackThis" = HijackThis 2.0.2
"HP Photo & Imaging" = HP Image Zone 3.5
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{A253DFD0-75ED-4D8F-9AEF-9A2FD3F91384}" = Robin Hood - Legenda Sherwoodu
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.19)" = Mozilla Firefox (3.5.19)
"Mp3 Knife_is1" = Mp3 Knife 3.2
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSCSR" = Microsoft Speech Recognition Engine 4.0 (English)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenTTD" = OpenTTD 1.1.0
"PokerStars" = PokerStars
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Scorpions WinCheater 2.07 (s databází 78)_is1" = Scorpions WinCheater
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"Totalcmd" = Total Commander (Remove or Repair)
"upads" = Upads.biz Browser Optimizer
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2010/12/16 12:45:56 | Computer Name = TONCEK | Source = Application Error | ID = 1000
Description = Chybující aplikace gta_sa.exe, verze 0.0.0.0, chybující modul gta_sa.exe,
verze 0.0.0.0, adresa chyby 0x003f382b.

Error - 2010/12/17 15:43:39 | Computer Name = TONCEK | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application vdownloader.exe, version 2.9.443.0, stamp 4bcfbcc1,
faulting module kernel32.dll, version 5.1.2600.5781, stamp 49c4f482, debug? 0,
fault address 0x00012afb.

Error - 2010/12/17 15:44:14 | Computer Name = TONCEK | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application vdownloader.exe, version 2.9.443.0, stamp 4bcfbcc1,
faulting module kernel32.dll, version 5.1.2600.5781, stamp 49c4f482, debug? 0,
fault address 0x00012afb.

Error - 2010/12/17 15:44:55 | Computer Name = TONCEK | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application vdownloader.exe, version 2.9.443.0, stamp 4bcfbcc1,
faulting module kernel32.dll, version 5.1.2600.5781, stamp 49c4f482, debug? 0,
fault address 0x00012afb.

Error - 2010/12/18 6:07:33 | Computer Name = TONCEK | Source = Application Error | ID = 1000
Description = Chybující aplikace gta_sa.exe, verze 0.0.0.0, chybující modul gta_sa.exe,
verze 0.0.0.0, adresa chyby 0x003f382b.

Error - 2010/12/19 10:22:43 | Computer Name = TONCEK | Source = MsiInstaller | ID = 11316
Description = Product: Steam -- Error 1316. A network error occurred while attempting
to read from the file: C:\Documents and Settings\okay\My Documents\Stažené soubory\SteamInstall_English.msi

Error - 2011/01/04 12:02:40 | Computer Name = TONCEK | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.1.3986, chybující modul
npdivx32.dll, verze 1.5.0.52, adresa chyby 0x00143512.

Error - 2011/01/09 17:33:21 | Computer Name = TONCEK | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 11.0.5721.5145, chybující modul
lmpgspl.ax, verze 4.0.0.77, adresa chyby 0x00003b18.

Error - 2011/01/29 20:06:05 | Computer Name = TONCEK | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00000000.

Error - 2011/02/17 15:13:13 | Computer Name = TONCEK | Source = Age of Empires 3 | ID = 1000
Description =

[ System Events ]
Error - 2012/05/26 1:53:26 | Computer Name = TONCEK | Source = Service Control Manager | ID = 7001
Description = Služba Media Center Extender Service závisí na službě SSDP Discovery
Service, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 2012/05/26 13:30:59 | Computer Name = TONCEK | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby Netman.

Error - 2012/05/26 13:32:51 | Computer Name = TONCEK | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{07E94136-DB60-4578-8C50-7AC95EFCA459}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.

Error - 2012/05/26 17:50:00 | Computer Name = TONCEK | Source = Service Control Manager | ID = 7001
Description = Služba Media Center Extender Service závisí na službě SSDP Discovery
Service, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 2012/05/26 20:18:35 | Computer Name = TONCEK | Source = Service Control Manager | ID = 7001
Description = Služba Media Center Extender Service závisí na službě SSDP Discovery
Service, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 2012/05/27 2:00:05 | Computer Name = TONCEK | Source = Service Control Manager | ID = 7001
Description = Služba Media Center Extender Service závisí na službě SSDP Discovery
Service, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 2012/05/27 5:08:11 | Computer Name = TONCEK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby upnphost
s argumenty za účelem spuštění serveru: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 2012/05/27 6:53:06 | Computer Name = TONCEK | Source = Service Control Manager | ID = 7001
Description = Služba Media Center Extender Service závisí na službě SSDP Discovery
Service, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 2012/05/27 14:12:27 | Computer Name = TONCEK | Source = Service Control Manager | ID = 7001
Description = Služba Media Center Extender Service závisí na službě SSDP Discovery
Service, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 2012/05/28 17:37:25 | Computer Name = TONCEK | Source = Service Control Manager | ID = 7001
Description = Služba Media Center Extender Service závisí na službě SSDP Discovery
Service, která neuspěla při spuštění v důsledku následující chyby: %%1058

< End of report >

xtoncekx · #11 Příspěvek od **xtoncekx** » 29 kvě 2012 00:54

OTL logfile created on: 2012/05/29 1:13:19 - Run 1
OTL by OldTimer - Version 3.2.43.2 Folder = C:\Documents and Settings\okay\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: yyyy/MM/dd

1023,23 Mb Total Physical Memory | 450,96 Mb Available Physical Memory | 44,07% Memory free
2,41 Gb Paging File | 1,79 Gb Available in Paging File | 74,46% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 64,21 Gb Free Space | 34,46% Space Free | Partition Type: NTFS

Computer Name: TONCEK | User Name: okay | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/05/29 01:11:46 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\okay\Desktop\OTL.exe
PRC - [2012/05/06 19:02:13 | 000,982,880 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/01/24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/11/28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/11/23 02:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2011/11/03 17:20:58 | 000,803,144 | ---- | M] (AVG) -- C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/05/03 10:17:10 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/01/16 18:46:28 | 001,398,272 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCD.exe
PRC - [2006/01/16 18:46:12 | 000,878,592 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
PRC - [2005/10/16 03:15:54 | 000,167,936 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\SCDEmuApp.exe

========== Modules (No Company Name) ==========

MOD - [2012/05/06 19:02:13 | 000,982,880 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2011/11/03 17:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/11/03 17:21:06 | 000,350,024 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup\madExcept_.bpl
MOD - [2011/11/03 17:21:06 | 000,184,136 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup\madBasic_.bpl
MOD - [2011/11/03 17:21:06 | 000,050,504 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup\madDisAsm_.bpl
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/11/02 18:17:31 | 005,969,360 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008/04/14 02:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 02:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/12/08 05:21:10 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\xfire_lsp_10650.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2011/11/23 02:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2009/03/04 19:40:18 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006/11/06 14:21:10 | 000,210,432 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006/01/16 18:46:12 | 000,878,592 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrvR) InCD Helper (read only)
SRV - [2006/01/16 18:46:12 | 000,878,592 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2004/01/05 14:04:56 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lv302af.sys -- (pepifilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (Lvckap)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\okay\LOCALS~1\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a9czuqyc)
DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/07/11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/05/23 01:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2011/05/23 01:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2010/12/07 16:12:13 | 000,114,496 | ---- | M] (Protection Technology Co.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv04.sys -- (prodrv04)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/09/24 05:09:07 | 003,331,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/04/13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007/04/18 18:34:57 | 000,682,232 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2006/11/10 15:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2006/03/15 16:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/03/15 16:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006/01/17 11:09:26 | 000,032,640 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2006/01/17 10:09:34 | 000,102,016 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2006/01/17 10:09:28 | 000,029,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2006/01/16 17:41:20 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2005/10/16 03:15:41 | 000,027,171 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2005/09/19 08:41:00 | 000,241,280 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/08/11 07:49:28 | 000,393,088 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/02/11 11:24:24 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005/02/11 11:22:48 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005/02/11 11:21:10 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005/02/11 11:21:02 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005/02/11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2004/12/16 16:32:54 | 000,013,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter)
DRV - [2004/12/01 17:55:32 | 000,022,488 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2004/11/05 11:39:08 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2004/10/27 15:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/10/19 13:40:56 | 000,028,207 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2004/10/19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004/10/19 11:39:26 | 000,020,096 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2004/10/08 03:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/09/21 18:18:02 | 000,011,604 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2004/09/21 18:15:34 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2004/09/03 19:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/09/03 19:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004/07/19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003/12/01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {251A1250-6C56-42A4-906A-BB6C44F2C65C}
IE - HKLM\..\SearchScopes\{251A1250-6C56-42A4-906A-BB6C44F2C65C}: "URL" = http://www.mirarsearch.com/?q={searchTerms}&a=SEARCH
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.atcomp.cz

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.atcomp.cz

IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... 6D71BEAD4A
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{251A1250-6C56-42A4-906A-BB6C44F2C65C}: "URL" = http://www.mirarsearch.com/?q={searchTerms}&a=SEARCH
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9D40 ... 2012-04-30 13:12:23&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2247187
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Mario Forever Customized Web Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {6614d11d-d21d-b211-ae23-815234e1ebb5}:1.0.23
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.1.1
FF - prefs.js..extensions.enabledItems: {2c088200-b973-11db-8314-0800200c9a66}:1.7.1
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG2012\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/04/30 13:14:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/25 13:20:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/03 10:17:52 | 000,000,000 | ---D | M]

[2009/06/16 22:34:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\okay\Application Data\mozilla\Extensions
[2009/06/16 22:34:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\okay\Application Data\mozilla\Extensions\mozswing@mozswing.org
[2012/05/29 00:28:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions
[2011/07/04 14:12:33 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2008/04/17 12:08:02 | 000,000,000 | ---D | M] ("Metal Lion - Vista") -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
[2010/05/02 15:41:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/04/17 12:08:02 | 000,000,000 | ---D | M] ("DarkWaters") -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{25435c91-0116-45fe-8b81-173aaded792d}
[2010/05/02 15:40:33 | 000,000,000 | ---D | M] (Harley Davidson) -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{2c088200-b973-11db-8314-0800200c9a66}
[2008/04/17 12:08:02 | 000,000,000 | ---D | M] ("BloodFire") -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{4AB21F99-91C5-4a9d-813E-425841874FB1}
[2011/03/10 13:09:24 | 000,000,000 | ---D | M] (Dr.Web anti-virus link checker) -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}
[2011/07/04 14:12:31 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2008/04/17 12:08:02 | 000,000,000 | ---D | M] ("Fasterfox") -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2010/10/08 10:42:47 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2011/07/04 14:12:29 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/10/08 10:42:54 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Documents and Settings\okay\Application Data\mozilla\Firefox\Profiles\4w9cz8aq.default\extensions\cs@dictionaries.addons.mozilla.org
[2012/04/28 16:37:34 | 000,002,389 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\askcom.xml
[2009/06/23 11:06:48 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\conduit.xml
[2012/05/24 22:08:44 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-1.xml
[2009/04/24 07:45:59 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-10.xml
[2009/04/29 15:05:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-11.xml
[2009/06/16 19:19:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-12.xml
[2009/07/23 12:07:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-13.xml
[2009/08/04 19:26:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-14.xml
[2009/09/14 19:21:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-15.xml
[2009/10/29 13:51:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-16.xml
[2009/12/17 13:43:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-17.xml
[2009/12/28 12:02:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-18.xml
[2010/06/23 15:37:24 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-19.xml
[2008/09/10 11:33:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-2.xml
[2010/06/23 17:39:24 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-20.xml
[2010/07/22 16:14:39 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-21.xml
[2010/09/16 21:22:07 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-22.xml
[2010/10/17 10:31:39 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-23.xml
[2010/10/21 17:39:48 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-24.xml
[2010/11/02 19:20:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-25.xml
[2010/12/10 21:19:08 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-26.xml
[2011/03/04 12:37:55 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-27.xml
[2011/03/26 16:34:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-28.xml
[2011/07/04 15:44:14 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-29.xml
[2008/09/27 19:31:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-3.xml
[2008/09/28 01:42:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-4.xml
[2008/11/14 20:35:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-5.xml
[2008/12/18 15:38:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-6.xml
[2009/02/07 15:23:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-7.xml
[2009/03/06 15:50:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-8.xml
[2009/03/29 14:55:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-9.xml
[2009/03/01 14:02:44 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin.xml
[2009/07/14 15:29:27 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\qipsearch.xml
[2008/12/17 22:54:24 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\sweetim.xml
[2012/05/27 00:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/05/25 21:15:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009/02/04 22:50:16 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2008/09/04 02:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2003/01/13 16:08:06 | 000,499,712 | ---- | M] (Morgan Multimedia) -- C:\Program Files\mozilla firefox\plugins\npjp2.dll
[2012/05/06 19:02:09 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2011/05/03 10:17:29 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011/05/03 10:17:30 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011/05/03 10:17:30 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011/05/03 10:17:30 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011/05/03 10:17:30 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&output=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2012/05/25 21:06:33 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll File not found
O2 - BHO: (no name) - {C333CF63-767F-4831-94AC-E683D962C63C} - No CLSID value found.
O3 - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [SCDEmuApp.exe] C:\Program Files\PowerISO\SCDEmuApp.exe (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html File not found
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html File not found
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html File not found
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\wshbth.dll File not found
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 5291958781 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07E94136-DB60-4578-8C50-7AC95EFCA459}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/16 11:06:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.at3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\atrac3.acm ()
Drivers32: msacm.CoreFLAC_ACM - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Core\CoreFLAC_ACM.acm ()
Drivers32: msacm.divxa32 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.imc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\imc32.acm (Intel Corporation)
Drivers32: msacm.l3acm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\lameacm.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.msadpcm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.pcdv - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Canopus\pcdv.acm (Canopus Co., Ltd.)
Drivers32: msacm.qmpeg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\QDesign\qmpeg.acm (QDesign Corporation)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\Program Files\ACE Mega CoDecS Pack\SystemS\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\Program Files\ACE Mega CoDecS Pack\SystemS\OGG\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.aas4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\aasc32.dll (Autodesk, Inc.)
Drivers32: vidc.aasc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\aasc32.dll (Autodesk, Inc.)
Drivers32: vidc.advj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll (Avid Technology, Inc)
Drivers32: vidc.advs - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Adaptec\dvc.dll (Adaptec)
Drivers32: vidc.aflc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll (Autodesk, Inc.)
Drivers32: vidc.afli - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll (Autodesk, Inc.)
Drivers32: vidc.ap41 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.asv1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv1.dll ()
Drivers32: vidc.asv2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll ()
Drivers32: vidc.asvx - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll ()
Drivers32: vidc.avi1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.avi2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.avrn - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll (Avid Technology, Inc)
Drivers32: vidc.bt20 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv (Brooktree Corporation)
Drivers32: vidc.cdvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Canopus\csccdvc.dll (Canopus Co., Ltd.)
Drivers32: vidc.cram - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.cscd - C:\Program Files\ACE Mega CoDecS Pack\SystemS\camcodec.dll (RenderSoft Software.)
Drivers32: vidc.cvid - C:\Program Files\ACE Mega CoDecS Pack\SystemS\iccvid.dll (Compression Technologies, Inc.)
Drivers32: vidc.davc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\dicas\davcvfw.dll (dicas)
Drivers32: vidc.dcap - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\mirodv2avi.dll (Pinnacle Systems)
Drivers32: vidc.dcmj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.ddvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Canopus\cscdvsd.dll (Canopus Co., Ltd.)
Drivers32: vidc.div3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.div5 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div6 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dmb2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.dv25 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.dv50 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.dvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvcp - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.dvcs - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvx4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\DivX4.dll (DivXNetworks, Inc.)
Drivers32: vidc.em2v - C:\Program Files\ACE Mega CoDecS Pack\SystemS\etxcodec.dll (Etymonix Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.frwa - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwt.dll (Darim Vision Co.)
Drivers32: vidc.frwd - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll (Darim Vision Co.)
Drivers32: vidc.frwt - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll (Darim Vision Co.)
Drivers32: vidc.frwu - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwu.dll (Darim Vision Co.)
Drivers32: vidc.gepj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.glzw - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Gabest\glzw.dll (Gabest)
Drivers32: vidc.gpeg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Gabest\gpeg.dll (Gabest)
Drivers32: vidc.gpjm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\rtmjpgcdc.dll (Pinnacle Systems)
Drivers32: vidc.hfyu - C:\Program Files\ACE Mega CoDecS Pack\SystemS\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\i263_32.drv (Intel Corporation)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.ipdv - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Panasonic\idvcodec.dll (Matsushita Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.)
Drivers32: vidc.ir21 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir21_r.dll ()
Drivers32: vidc.iv30 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv33 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv34 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv35 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv36 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv37 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv38 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv39 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv40 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv42 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv43 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv44 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv45 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv46 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv47 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv48 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv49 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.lead - C:\Program Files\ACE Mega CoDecS Pack\SystemS\LEAD\lcodccmp.dll (LEAD Technologies, Inc.)
Drivers32: vidc.m261 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msh261.drv (Microsoft Corporation)
Drivers32: vidc.m263 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msh263.drv (Microsoft Corporation)
Drivers32: vidc.miro - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\mirodv2avi.dll (Pinnacle Systems)
Drivers32: vidc.mjpa - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\rtmjpgcdc.dll (Pinnacle Systems)
Drivers32: vidc.mjpx - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pegasus\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: vidc.mkvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\kmvidc32.dll ()
Drivers32: vidc.mmes - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mmjp - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mp41 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp4s - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp4v - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mpg3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.mrle - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msmc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.msvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.mszh - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avimszh.dll ()
Drivers32: vidc.mtx1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx5 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx6 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx7 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx8 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx9 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mwv1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Aware\icmw_32.dll (Aware Inc.)
Drivers32: vidc.nt00 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Newtek\ntcodec.dll (NewTek, Inc)
Drivers32: vidc.pdvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Panasonic\idvcodec.dll (Matsushita Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.)
Drivers32: vidc.pim1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\pclepim1.dll (Pinnacle Systems)
Drivers32: vidc.pimj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pegasus\pvljpg20.dll (Pegasus Imaging Corporation)
Drivers32: vidc.png1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Core\CorePNG_vfw.dll ()
Drivers32: vidc.pvw2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pegasus\pvwv220.dll (Pegasus Imaging Corporation)
Drivers32: vidc.q1.0 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\qpeg32.dll (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany)
Drivers32: vidc.qpeg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\qpeg32.dll (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany)
Drivers32: vidc.rmp4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\REALmagic\rmp4.dll ()
Drivers32: vidc.rt21 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir21_r.dll ()
Drivers32: vidc.rud0 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Rududu\rududu.dll (nico)
Drivers32: vidc.s422 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Tekram\tekyuv.dll ()
Drivers32: vidc.sjpg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.sony - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.t420 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Toshiba\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.tscc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.vcr1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ATI\ativcr1.dll (ATI Technologies, Inc.)
Drivers32: vidc.vcr2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ATI\ativcr2.dll (ATI Technologies, Inc.)
Drivers32: vidc.vifp - C:\Program Files\ACE Mega CoDecS Pack\SystemS\vfcodec.dll ()
Drivers32: vidc.vixl - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MIRO\miroxl32.dll (Pinnacle Systems)
Drivers32: vidc.vp30 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp31vfw.dll (On2.com)
Drivers32: vidc.vp31 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp31vfw.dll (On2.com)
Drivers32: vidc.vp60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.vssv - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Vanguard Software Sollutions\vsscodec.dll (Vanguard Software Solutions, Inc.)
Drivers32: vidc.wmv3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.wnv1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\wnvplay1.dll (Winnov)
Drivers32: vidc.wrpr - C:\Program Files\ACE Mega CoDecS Pack\SystemS\aviwrap.dll ()
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.y411 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Toshiba\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.y41p - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv (Brooktree Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.zlib - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avizlib.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/05/29 01:11:42 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\okay\Desktop\OTL.exe
[2012/05/26 20:18:17 | 000,344,057 | ---- | C] (Kosty@n ) -- C:\Documents and Settings\okay\Desktop\MultiMod.exe
[2012/05/26 17:13:02 | 000,739,328 | ---- | C] (Ph1012.com) -- C:\Documents and Settings\okay\Desktop\SA-MultiHack-1.2-.exe
[2012/05/26 11:50:43 | 000,069,632 | ---- | C] (Jacob) -- C:\Documents and Settings\okay\Desktop\SA Handling Editor.exe
[2012/05/25 21:17:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\okay\Recent
[2012/05/25 21:16:55 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/05/25 21:05:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/05/25 20:49:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/05/25 12:59:11 | 004,526,981 | R--- | C] (Swearware) -- C:\Documents and Settings\okay\Desktop\ComboFix.exe
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\okay\*.tmp files -> C:\Documents and Settings\okay\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/05/29 01:16:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/05/29 01:11:46 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\okay\Desktop\OTL.exe
[2012/05/28 23:41:45 | 099,389,867 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/05/28 23:41:45 | 000,625,911 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2012/05/28 23:37:48 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/28 23:37:10 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup Integrator Start On okay Logon.job
[2012/05/28 23:36:51 | 000,055,160 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2012/05/28 23:36:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/27 23:14:10 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/05/27 23:09:08 | 000,185,856 | ---- | M] () -- C:\Documents and Settings\okay\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/27 19:36:58 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2012/05/27 13:27:15 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012/05/26 22:35:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/05/26 20:18:18 | 000,344,057 | ---- | M] (Kosty@n ) -- C:\Documents and Settings\okay\Desktop\MultiMod.exe
[2012/05/26 17:13:03 | 000,739,328 | ---- | M] (Ph1012.com) -- C:\Documents and Settings\okay\Desktop\SA-MultiHack-1.2-.exe
[2012/05/26 14:19:45 | 000,107,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/05/25 21:06:33 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/05/25 12:59:31 | 004,526,981 | R--- | M] (Swearware) -- C:\Documents and Settings\okay\Desktop\ComboFix.exe
[2012/05/25 12:39:41 | 000,000,600 | ---- | M] () -- C:\WINDOWS\Rtcw.INI
[2012/05/22 16:51:42 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\okay\*.tmp files -> C:\Documents and Settings\okay\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/29 01:16:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/05/10 12:19:58 | 000,117,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/30 21:22:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

========== LOP Check ==========

[2011/02/09 22:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2012/04/30 13:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/04/30 13:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2007/09/07 14:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/09/02 23:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media
[2012/04/30 13:12:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/11/02 18:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2008/02/01 01:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Earthsim
[2012/05/25 12:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2012/05/25 12:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2008/04/14 21:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012/05/28 23:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/04/14 21:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2007/03/31 00:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2008/04/14 15:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2007/04/30 18:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2007/04/13 17:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2007/01/10 13:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2012/05/29 01:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/30 22:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/02/17 22:25:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Allstar
[2009/06/23 22:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Ascaron Entertainment
[2012/04/30 17:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\AVG
[2012/04/30 13:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\AVG Secure Search
[2012/04/30 13:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\AVG2012
[2007/10/08 09:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Azureus
[2010/07/19 20:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\BitTorrent
[2009/06/22 22:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Black Sea Studios
[2007/04/30 18:43:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Canon
[2010/08/26 17:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\DNA
[2009/03/30 23:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\FileSubmit
[2009/11/03 21:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\GHISLER
[2006/11/14 16:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\LANGMaster
[2009/12/30 23:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Leadertech
[2007/03/31 00:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\PACE Anti-Piracy
[2008/04/14 15:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\PC Suite
[2007/01/10 13:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\ScanSoft
[2010/12/17 21:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\YouTube Downloader
[2012/05/28 23:37:10 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup Integrator Start On okay Logon.job

========== Purity Check ==========

xtoncekx · #12 Příspěvek od **xtoncekx** » 29 kvě 2012 00:55

========== Custom Scans ==========

< >

< netsvc >

< >

< MD5 for: ATAPI.SYS >
[2006/03/15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2006/03/15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/11/23 11:35:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/11/23 11:35:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2009/11/23 11:35:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006/03/15 16:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008/04/14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008/04/14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\autochk.exe
[2008/04/14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2006/03/15 16:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\cmdcons\autochk.exe
[2006/03/15 16:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\I386\AUTOCHK.EXE
[2006/03/15 16:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2008/04/14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\f14ee2c91a930052458c\i386\autochk.exe

< MD5 for: CDROM.SYS >
[2006/03/15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys
[2006/03/15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009/11/23 11:35:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009/11/23 11:35:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2009/11/23 11:35:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\sp3.cab:cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006/03/15 16:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008/04/14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008/04/14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\explorer.exe
[2007/06/13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2006/03/15 16:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: HAL.DLL >
[2006/03/15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:hal.dll
[2006/03/15 16:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009/11/23 11:35:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009/11/23 11:35:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2009/11/23 11:35:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\sp3.cab:hal.dll
[2008/04/13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008/04/13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008/04/13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\hal.dll
[2006/03/15 16:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2006/03/15 16:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008/04/14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\scecli.dll
[2008/04/14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\svchost.exe
[2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006/03/15 16:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006/04/20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008/06/20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2006/01/13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006/01/13 04:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2007/10/30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008/06/20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007/10/30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006/03/15 16:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2008/06/20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008/06/20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006/04/20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006/03/15 16:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008/04/14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\userinit.exe
[2008/04/14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006/03/15 16:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008/04/14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\winlogon.exe
[2008/04/14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[39 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[54 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\system32\config\systemprofile\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\*.tmp -> ]
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]
[18 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2009/03/04 20:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/02/09 22:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2007/03/31 00:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2007/08/06 16:25:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2007/08/06 16:25:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2008/02/14 09:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2012/04/30 13:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/04/30 13:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2007/09/07 14:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/09/02 23:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media
[2012/04/30 13:12:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/05/06 12:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Comodo
[2010/04/15 18:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2009/11/02 18:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2008/02/01 01:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Earthsim
[2012/05/25 12:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/03/04 20:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/11/12 13:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/03/24 22:47:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2012/05/25 12:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2008/04/14 21:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2007/09/11 11:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2009/11/12 15:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/05/28 23:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/08/26 12:35:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/04/14 21:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2007/03/31 00:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2008/04/14 15:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2007/04/30 18:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/12/19 18:43:19 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SecuROM
[2010/07/19 15:42:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/11/20 18:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2007/04/13 17:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2007/01/10 13:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2009/11/20 19:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012/05/29 01:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/09/07 09:58:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2009/03/30 22:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2007/03/29 21:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2007/12/13 14:10:46 | 000,439,440 | ---- | M] (Earthsim Ltd) -- C:\Documents and Settings\All Users\Application Data\Earthsim\Channel\esinst.exe
[2007/12/13 14:10:16 | 015,993,896 | ---- | M] (Earthsim Ltd) -- C:\Documents and Settings\All Users\Application Data\Earthsim\Channel\espack0.0.exe
[2007/12/13 14:10:16 | 003,776,000 | ---- | M] (Earthsim Ltd) -- C:\Documents and Settings\All Users\Application Data\Earthsim\Channel\espack0.1.exe
[2007/12/13 14:10:16 | 004,790,800 | ---- | M] (Earthsim Ltd) -- C:\Documents and Settings\All Users\Application Data\Earthsim\Channel\espack0.2.exe
[2008/04/14 21:01:10 | 022,974,400 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{2B06E7FD-C5A1-403E-B387-A8D4AA858F48}\NokiaSoftwareUpdaterSetup_en.exe
[2008/04/14 21:01:43 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{2B06E7FD-C5A1-403E-B387-A8D4AA858F48}\Installer\CommonCustomActions\Sleep.exe
[2008/04/14 21:01:42 | 003,181,612 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{2B06E7FD-C5A1-403E-B387-A8D4AA858F48}\Installer\CommonCustomActions\vcredistExec.exe
[2009/03/30 22:03:04 | 002,753,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe

< %APPDATA%\*. >
[2010/12/29 14:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Adobe
[2006/08/11 15:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\AdobeUM
[2007/03/31 00:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Ahead
[2008/02/17 22:25:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Allstar
[2007/08/06 16:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Apple Computer
[2009/06/23 22:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Ascaron Entertainment
[2008/02/14 09:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\ATI
[2012/04/30 17:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\AVG
[2012/04/30 13:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\AVG Secure Search
[2012/04/30 13:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\AVG2012
[2007/10/08 09:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Azureus
[2010/07/19 20:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\BitTorrent
[2009/06/22 22:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Black Sea Studios
[2007/04/30 18:43:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Canon
[2009/01/03 18:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\DivX
[2010/08/26 17:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\DNA
[2009/03/30 23:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\FileSubmit
[2009/11/03 21:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\GHISLER
[2009/02/24 13:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Google
[2007/04/12 20:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Help
[2006/06/16 11:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Identities
[2006/11/14 16:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\LANGMaster
[2009/12/30 23:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Leadertech
[2007/03/29 23:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Macromedia
[2012/05/27 23:18:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\okay\Application Data\Microsoft
[2008/09/10 11:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Mozilla
[2007/03/31 00:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\PACE Anti-Piracy
[2008/04/14 15:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\PC Suite
[2007/01/10 13:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\ScanSoft
[2007/04/04 01:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\SecuROM
[2007/04/17 21:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Sun
[2007/03/29 20:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\Talkback
[2010/12/17 21:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\okay\Application Data\YouTube Downloader

< %APPDATA%\*.exe /s >
[2007/09/20 22:52:05 | 005,294,360 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Azureus\plugins\azemp\azmplay.exe
[2007/04/03 21:32:46 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\okay\Application Data\Microsoft\Installer\{29C0E9C5-7718-D07B-633F-FD5BE27BBCE5}\ARPPRODUCTICON.exe
[2007/03/29 21:07:23 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\okay\Application Data\Microsoft\Installer\{5DA6F06A-B389-407B-BF8C-1548767914D8}\ARPPRODUCTICON.exe
[2007/04/03 21:33:09 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\okay\Application Data\Microsoft\Installer\{7A81A7E3-7391-ADFF-9014-F8F45F0337F6}\ARPPRODUCTICON.exe
[2007/04/03 21:32:59 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\okay\Application Data\Microsoft\Installer\{C064F50C-4B08-3136-48F5-B92130A47267}\ARPPRODUCTICON.exe
[2010/01/13 22:17:58 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\okay\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011/06/22 18:27:33 | 000,188,152 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\FlashGot.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012/05/26 22:35:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2012/05/28 23:37:10 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup Integrator Start On okay Logon.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2007/04/18 18:34:57 | 000,682,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2006/06/16 12:54:30 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006/06/16 12:54:30 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006/06/16 12:54:30 | 000,892,928 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2012/05/28 23:36:51 | 000,055,160 | ---- | M] () -- C:\WINDOWS\system32\ativvaxx.cap
[2012/05/27 19:36:58 | 000,043,520 | ---- | M] () -- C:\WINDOWS\system32\CmdLineExt03.dll
[2012/05/28 23:37:48 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %userprofile%\Plocha\*.* >

< %userprofile%\Desktop\*.* >
[2011/07/21 12:15:40 | 000,028,416 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\19233_1254767259165_1529077852_30817971_65640_n.jpg
[2012/04/30 16:47:27 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\AVG PC Tuneup 2011.lnk
[2009/11/02 17:54:26 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\BitTorrent.lnk
[2012/04/25 12:58:18 | 000,000,806 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\BlackTube.lnk
[2010/08/23 15:44:30 | 002,998,401 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\comander.mp3
[2012/05/25 12:59:31 | 004,526,981 | R--- | M] (Swearware) -- C:\Documents and Settings\okay\Desktop\ComboFix.exe
[2008/01/31 17:19:39 | 000,000,080 | -HS- | M] () -- C:\Documents and Settings\okay\Desktop\desktop.ini
[2010/05/09 02:45:46 | 000,189,952 | -HS- | M] () -- C:\Documents and Settings\okay\Desktop\ehthumbs.db
[2010/05/24 19:05:01 | 000,001,011 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\German Truck Simulator.lnk
[2010/08/03 08:47:55 | 004,436,159 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\Kelly Rowland - Commander.mp3
[2012/05/26 20:18:18 | 000,344,057 | ---- | M] (Kosty@n ) -- C:\Documents and Settings\okay\Desktop\MultiMod.exe
[2012/05/29 01:11:46 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\okay\Desktop\OTL.exe
[2009/06/24 10:01:23 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\Port Royale 2.lnk
[2009/11/16 23:07:14 | 1600,086,015 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\rld-s3wa.iso
[2010/07/05 10:17:42 | 000,001,957 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\Robin Hood - Legenda Sherwoodu.lnk
[2005/06/11 13:30:12 | 000,069,632 | ---- | M] (Jacob) -- C:\Documents and Settings\okay\Desktop\SA Handling Editor.exe
[2008/08/27 12:56:34 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\SA-MP.lnk
[2012/05/26 17:13:03 | 000,739,328 | ---- | M] (Ph1012.com) -- C:\Documents and Settings\okay\Desktop\SA-MultiHack-1.2-.exe
[2009/01/06 11:59:42 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\Tento počítač.lnk
[2008/06/19 17:01:21 | 000,033,280 | -HS- | M] () -- C:\Documents and Settings\okay\Desktop\Thumbs.db
[2009/11/03 21:20:27 | 000,000,553 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\Total Commander.lnk
[2011/07/21 12:20:14 | 000,037,898 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\usama.jpg
[2010/01/01 19:43:20 | 000,000,517 | ---- | M] () -- C:\Documents and Settings\okay\Desktop\Zástupce - DOOM3.lnk

< %ALLUSERSPROFILE%\Plocha\*.* >

< %ALLUSERSPROFILE%\Desktop\*.* >
[2012/04/30 13:14:11 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2009/05/21 11:07:00 | 000,001,591 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GTA San Andreas.lnk
[2009/06/22 21:50:20 | 000,001,794 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Knights of Honor.lnk
[2010/02/18 15:34:54 | 000,001,884 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Flight Simulator X.lnk
[2011/04/18 17:45:42 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenTTD.lnk
[2009/11/11 14:30:38 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PokerStars.lnk
[2009/11/03 20:18:29 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Richard Burns Rally.lnk

< *crack* /s >
[2008/09/04 07:56:18 | 000,077,411 | ---- | M] () -- \Documents and Settings\okay\Application Data\BitTorrent\The Sims 2 FreeTime + Crack.torrent
[2000/09/01 02:47:12 | 001,173,558 | ---- | M] () -- \Documents and Settings\okay\Desktop\age of empires 2\crack.zip
[2003/11/13 13:59:48 | 000,016,488 | ---- | M] () -- \Documents and Settings\okay\Desktop\Nepoužívané odkazy plochy\The Simpsons-Hit and Run\apu\w_carway_apu_cracker.rsd
[2003/11/13 13:59:48 | 000,016,488 | ---- | M] () -- \Documents and Settings\okay\Desktop\Nepoužívané odkazy plochy\The Simpsons-Hit and Run\apu\w_missa_apu_cracker.rsd
[2007/06/27 23:01:00 | 000,113,152 | ---- | M] () -- \Documents and Settings\okay\Desktop\Transformers THE GAME\cracktro.exe
[2007/06/05 10:19:44 | 000,317,440 | ---- | M] () -- \Documents and Settings\okay\Desktop\Transformers THE GAME\dlnoVa_cracktro.exe
[2007/09/26 18:36:11 | 004,894,848 | ---- | M] () -- \Documents and Settings\okay\My Documents\My Music\limewire2\Arabela-DJ crack.mp3
[2003/12/05 14:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped

< *keygen* /s >

< *loader* /s >
[2012/04/30 13:14:05 | 000,006,494 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\modules\skin\ajax-loader.gif
[2012/04/30 13:14:05 | 000,000,729 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\modules\skin\loader.gif
[2009/06/16 22:34:15 | 000,002,713 | ---- | M] () -- \Documents and Settings\okay\.limewire\browser\xulrunner\components\uriloader.xpt
[2008/02/01 19:35:40 | 000,003,113 | ---- | M] () -- \Documents and Settings\okay\Local Settings\Application Data\ApplicationHistory\LogonLoader.exe.cbfe2014.ini
[2009/07/10 12:31:39 | 005,425,280 | ---- | M] () -- \Documents and Settings\okay\My Documents\ICQ\277715069\ReceivedFiles\486695339 ___HoDuLkA___\Dave Darell - Freeloader (Spencer & Hill Remix).mp3
[2009/01/08 14:06:56 | 026,913,294 | ---- | M] () -- \Documents and Settings\okay\My Documents\youtube\Driftwood - Freeloader.avi
[2008/12/09 00:12:54 | 000,001,020 | ---- | M] () -- \Documents and Settings\okay\SendTo\AVS Mobile Uploader.lnk
[2008/04/14 09:51:40 | 000,017,421 | ---- | M] () -- \f14ee2c91a930052458c\i386\dmloader.dl_
[2008/04/14 01:01:48 | 000,115,367 | ---- | M] () -- \f14ee2c91a930052458c\i386\osloader.ex_
[2008/04/14 01:01:50 | 000,133,029 | ---- | M] () -- \f14ee2c91a930052458c\i386\osloader.nt_
[2006/03/15 16:00:00 | 000,017,423 | ---- | M] () -- \I386\DMLOADER.DL_
[2006/03/15 16:00:00 | 000,114,717 | ---- | M] () -- \I386\OSLOADER.EX_
[2006/03/15 16:00:00 | 000,132,317 | ---- | M] () -- \I386\OSLOADER.NT_
[2007/03/14 20:21:36 | 004,937,904 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007/03/14 18:07:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007/03/14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007/03/14 18:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007/03/14 18:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007/03/14 18:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007/03/14 18:10:18 | 000,088,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:20 | 000,025,188 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:26 | 000,032,022 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:28 | 000,032,216 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:30 | 000,027,655 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:36 | 000,030,891 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:38 | 000,032,399 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:42 | 000,032,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:42 | 000,032,393 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:46 | 000,022,871 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:48 | 000,025,272 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:50 | 000,032,109 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:50 | 000,032,441 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:52 | 000,032,499 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:54 | 000,032,074 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:56 | 000,032,110 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:10:58 | 000,024,996 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:00 | 000,031,772 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:02 | 000,024,463 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:04 | 000,025,054 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:06 | 000,032,171 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:06 | 000,024,411 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:08 | 000,025,525 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:10 | 000,032,741 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007/03/14 18:11:10 | 000,032,833 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007/03/08 17:35:32 | 000,004,239 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2005/08/04 15:10:04 | 000,086,115 | ---- | M] () -- \Program Files\Common Files\Ahead\AudioPlugins\Downloaders.dll
[2007/04/26 13:53:34 | 002,638,848 | ---- | M] () -- \Program Files\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
[2003/09/04 09:28:12 | 000,015,227 | ---- | M] () -- \Program Files\Common Files\HP\Memories Disc\2.0\pcexp\COMMON\VIEW\INCLUDE\LOADER.JS
[2006/08/16 05:25:58 | 000,174,888 | ---- | M] () -- \Program Files\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue.dds
[2006/08/16 05:25:58 | 000,262,272 | ---- | M] () -- \Program Files\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_bump.dds
[2006/08/16 05:26:00 | 000,174,888 | ---- | M] () -- \Program Files\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_lm.dds
[2006/08/16 05:26:00 | 000,349,648 | ---- | M] () -- \Program Files\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderBlue_specular.dds
[2006/08/16 05:26:04 | 000,174,888 | ---- | M] () -- \Program Files\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderGrey.dds
[2006/08/16 05:26:04 | 000,174,888 | ---- | M] () -- \Program Files\Microsoft Games\Microsoft Flight Simulator X\Scenery\Global\Texture\VEH_Air_BagLoaderGrey_lm.dds
[2006/09/04 22:21:28 | 000,301,367 | ---- | M] () -- \Program Files\Microsoft Games\Microsoft Flight Simulator X\SimObjects\GroundVehicles\VEH_Air_BagLoaderBlue\model\VEH_Air_BagLoaderBlue.mdl
[2006/09/04 22:21:30 | 000,301,815 | ---- | M] () -- \Program Files\Microsoft Games\Microsoft Flight Simulator X\SimObjects\GroundVehicles\VEH_Air_BagLoaderGrey\model\VEH_Air_BagLoaderGrey.mdl
[2011/03/16 14:07:18 | 000,025,096 | ---- | M] () -- \Program Files\Mozilla Firefox\PartyPoker_Installer\Preloader.jpg
[2009/02/23 21:08:04 | 000,007,380 | ---- | M] () -- \Program Files\Team JPN\Fifa 2010\osdkdata\external\ion_sports07\fw\commonLoader.big
[2009/02/23 21:08:36 | 000,000,288 | ---- | M] () -- \Program Files\Team JPN\Fifa 2010\osdkdata\game\globalClasses\classLoader.big
[2001/12/05 05:00:00 | 000,003,789 | ---- | M] () -- \Program Files\Windows XP MUI Pack\CS.MUI\I386\OSLOADER.EXE.MU_
[2005/06/07 12:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012/05/06 19:03:21 | 000,006,494 | ---- | M] () -- \Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\ajax-loader.gif.vir
[2012/05/06 19:03:21 | 000,000,729 | ---- | M] () -- \Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\loader.gif.vir
[2006/03/15 16:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2001/10/24 13:13:50 | 000,009,728 | ---- | M] () -- \WINDOWS\mui\fallback\0405\osloader.exe.mui
[2002/12/12 01:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008/04/14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008/04/13 20:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008/04/13 20:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008/04/14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\dmloader.dll
[2008/04/13 20:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\osloader.exe
[2008/04/13 20:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\osloader.ntd
[2008/04/14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[3 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2002/12/12 01:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *RemoveWAT* /s >

< *minodlogin* /s >

< *tnod* /s >

< *TemDono* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >

< *serial* /s >
[2004/08/10 14:00:00 | 000,030,067 | R--- | M] () -- \$WIN_NT$.~BT\serial.sy_
[2004/08/17 16:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2010/12/19 16:43:05 | 000,000,171 | ---- | M] () -- \Documents and Settings\okay\Local Settings\Application Data\Rockstar Games\GTA IV\Settings\serial.dat
[2008/04/14 08:47:26 | 000,014,459 | ---- | M] () -- \f14ee2c91a930052458c\i386\grserial.sy_
[2008/04/14 08:51:10 | 000,030,259 | ---- | M] () -- \f14ee2c91a930052458c\i386\serial.sy_
[2006/03/15 16:00:00 | 000,024,869 | ---- | M] () -- \I386\DPSERIAL.DL_
[2006/03/15 16:00:00 | 000,030,067 | ---- | M] () -- \I386\SERIAL.SY_
[2006/03/15 16:00:00 | 000,006,409 | ---- | M] () -- \I386\SERIALUI.DL_
[2007/03/14 18:05:52 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\BadSerialNumberAlert.exv
[2007/03/14 18:05:52 | 000,001,545 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\CantChangeSerialNumberAlert.exv
[2007/03/14 18:05:52 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007/03/14 18:05:52 | 000,000,833 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ReserializeAlert.exv
[2007/03/14 18:05:52 | 000,028,474 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\SerializationWF.exv
[2007/03/14 18:05:52 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ar_AE\BadSerialNumberAlert.exv
[2007/03/14 18:05:52 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2007/03/14 18:05:52 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007/03/14 18:05:52 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ar_AE\ReserializeAlert.exv
[2007/03/14 18:05:52 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ar_AE\SerializationWF.exv
[2007/03/14 18:05:54 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\he_IL\BadSerialNumberAlert.exv
[2007/03/14 18:05:54 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2007/03/14 18:05:54 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2007/03/14 18:05:54 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\he_IL\ReserializeAlert.exv
[2007/03/14 18:05:54 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\he_IL\SerializationWF.exv
[2007/03/15 11:19:10 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\BadSerialNumberAlert.exv
[2007/03/15 11:19:10 | 000,001,545 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\CantChangeSerialNumberAlert.exv
[2007/03/15 11:19:10 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007/03/15 11:19:10 | 000,000,833 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\ReserializeAlert.exv
[2007/03/15 11:19:10 | 000,028,474 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\SerializationWF.exv
[2007/03/15 11:19:10 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\ar_AE\BadSerialNumberAlert.exv
[2007/03/15 11:19:10 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2007/03/15 11:19:10 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007/03/15 11:19:10 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\ar_AE\ReserializeAlert.exv
[2007/03/15 11:19:12 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\ar_AE\SerializationWF.exv
[2007/03/15 11:19:14 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\he_IL\BadSerialNumberAlert.exv
[2007/03/15 11:19:14 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2007/03/15 11:19:14 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2007/03/15 11:19:16 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\he_IL\ReserializeAlert.exv
[2007/03/15 11:19:16 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS3\LMResources\he_IL\SerializationWF.exv
[2007/03/21 21:53:12 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\BadSerialNumberAlert.exv
[2007/03/21 21:53:12 | 000,001,545 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\CantChangeSerialNumberAlert.exv
[2007/03/21 21:53:12 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007/03/21 21:53:12 | 000,000,833 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\ReserializeAlert.exv
[2007/03/21 21:53:12 | 000,028,474 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\SerializationWF.exv
[2007/03/21 21:53:14 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\BadSerialNumberAlert.exv
[2007/03/21 21:53:14 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\CantChangeSerialNumberAlert.exv
[2007/03/21 21:53:14 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\InValidUpGradeSerialNumberAlert.exv
[2007/03/21 21:53:14 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\ReserializeAlert.exv
[2007/03/21 21:53:14 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\SerializationWF.exv
[2007/03/21 21:53:14 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\he_il\BadSerialNumberAlert.exv
[2007/03/21 21:53:14 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\he_il\CantChangeSerialNumberAlert.exv
[2007/03/21 21:53:14 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\he_il\InValidUpGradeSerialNumberAlert.exv
[2007/03/21 21:53:14 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\he_il\ReserializeAlert.exv
[2007/03/21 21:53:14 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS3\LMResources\he_il\SerializationWF.exv
[2009/11/11 14:30:29 | 000,005,687 | ---- | M] () -- \Program Files\PokerStars\gx\tokenserial.jpg
[2010/04/07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2001/12/05 05:00:00 | 000,001,409 | ---- | M] () -- \Program Files\Windows XP MUI Pack\CS.MUI\I386\DPSERIAL.DLL.MU_
[2001/12/05 05:00:00 | 000,001,321 | ---- | M] () -- \Program Files\Windows XP MUI Pack\CS.MUI\I386\GRSERIAL.SYS.MU_
[2001/12/05 05:00:00 | 000,002,463 | ---- | M] () -- \Program Files\Windows XP MUI Pack\CS.MUI\I386\SERIAL.SYS.MU_
[2001/12/05 05:00:00 | 000,001,875 | ---- | M] () -- \Program Files\Windows XP MUI Pack\CS.MUI\I386\SERIALUI.DLL.MU_
[2006/03/15 16:00:00 | 000,064,896 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2006/06/16 11:03:59 | 000,011,264 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_de_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2006/06/16 11:04:00 | 000,011,264 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_es_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2006/06/16 11:04:00 | 000,011,264 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2006/06/16 11:04:00 | 000,011,264 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_it_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2006/06/16 11:03:59 | 000,012,288 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2006/06/16 11:03:59 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2006/06/16 11:03:59 | 000,020,480 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2006/06/16 11:03:59 | 000,020,480 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2006/06/16 11:29:42 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/08/28 14:47:59 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.3300.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2006/06/16 11:12:24 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/05/10 12:09:26 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/06/14 12:30:46 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/04/20 11:12:50 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/05/10 12:15:31 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
[2011/04/16 16:50:57 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\85090bd451617e204ffda625b8d9fc30\System.Runtime.Serialization.ni.dll
[2012/05/10 19:20:30 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/04/18 19:24:01 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
[2011/04/16 16:56:08 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fa6a58394a1f162eecce4cd8af0875c3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2005/01/20 04:11:10 | 000,017,133 | R--- | M] () -- \WINDOWS\inf\SocketSerialBT.inf
[2007/04/24 13:11:11 | 000,013,972 | ---- | M] () -- \WINDOWS\inf\SocketSerialBT.PNF
[2004/07/19 18:54:20 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.0.3705\System.Runtime.Serialization.Formatters.Soap.dll
[2002/02/22 22:29:54 | 000,011,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.0.3705\DE\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2002/02/14 06:17:46 | 000,011,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.0.3705\es\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2002/02/18 15:07:28 | 000,011,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.0.3705\fr\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2002/02/18 13:32:04 | 000,011,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.0.3705\it\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2002/01/25 07:05:02 | 000,012,288 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.0.3705\JA\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2002/01/29 01:54:00 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.0.3705\ko\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2002/01/29 01:53:54 | 000,020,480 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.0.3705\zh-CHS\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2002/01/29 01:53:42 | 000,020,480 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.0.3705\zh-CHT\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2004/07/15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003/04/07 19:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008/07/25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/04/07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2001/10/24 13:08:36 | 000,004,096 | ---- | M] () -- \WINDOWS\mui\fallback\0405\dpserial.dll.mui
[2001/10/24 13:09:52 | 000,004,096 | ---- | M] () -- \WINDOWS\mui\fallback\0405\grserial.sys.mui
[2001/10/24 13:14:50 | 000,010,240 | ---- | M] () -- \WINDOWS\mui\fallback\0405\serial.sys.mui
[2001/10/24 13:14:50 | 000,005,632 | ---- | M] () -- \WINDOWS\mui\fallback\0405\serialui.dll.mui
[2008/04/13 20:40:21 | 000,028,288 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008/04/13 21:15:45 | 000,064,512 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2004/07/19 18:54:20 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2008/04/13 20:40:21 | 000,028,288 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\grserial.sys
[2008/04/13 21:15:45 | 000,064,512 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\serial.sys
[2004/07/19 18:54:20 | 000,131,072 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\system.runtime.serialization.formatters.soap.dll
[2006/03/15 16:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006/03/15 16:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[3 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2006/03/15 16:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006/03/15 16:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008/04/13 21:15:45 | 000,064,512 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
[1 \WINDOWS\system32\drivers\*.tmp files -> \WINDOWS\system32\drivers\*.tmp -> ]

< *w7lxe* /s >

< *AutoRearm* /s >

< >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ehTray" = C:\WINDOWS\ehome\ehtray.exe -- [2005/08/05 13:56:34 | 000,064,512 | ---- | M] (Microsoft Corporation)
"SoundMAXPnP" = C:\Program Files\Analog Devices\Core\smax4pnp.exe -- [2005/05/20 03:11:06 | 000,925,696 | ---- | M] (Analog Devices, Inc.)
"InCD" = C:\Program Files\Ahead\InCD\InCD.exe -- [2006/01/16 18:46:28 | 001,398,272 | ---- | M] (Nero AG)
"SCDEmuApp.exe" = C:\Program Files\PowerISO\SCDEmuApp.exe -- [2005/10/16 03:15:54 | 000,167,936 | ---- | M] (PowerISO Computing, Inc.)
"BluetoothAuthenticationAgent" = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"AVG_TRAY" = "C:\Program Files\AVG\AVG2012\avgtray.exe" -- [2012/01/24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.)
"vProt" = "C:\Program Files\AVG Secure Search\vprot.exe" -- [2012/05/06 19:02:13 | 000,982,880 | ---- | M] ()
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed" = 1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed" = 1
"NoChange" = 1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed" = 1

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/05/29 01:16:24 | 000,000,512 | ---- | M] () MD5=3258DF62C4AA1E6D689FED1A9FF53A79 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >

#13 Příspěvek od **Mc_Murphy** » 29 kvě 2012 07:03

Výborně, tak jelikož nám vypnuli proud těsně před odesláním dlouhého opravného scriptu, tak si to dám pro úspěch ještě jednou.

Vyčisti si Plochu od příliš velikých souborů, které tam máš. Velikost Plochy by neměla přesáhnout 300 MB, jinak se Ti bude systém zpomalovat.

Znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

:Commands
[clearallrestorepoints]
[resethosts]
[purity]
[emptytemp]
[emptyflash]

:Services
gusvc
CFcatchme

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lv302af.sys -- (pepifilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (Lvckap)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\okay\LOCALS~1\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a9czuqyc)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {251A1250-6C56-42A4-906A-BB6C44F2C65C}
IE - HKLM\..\SearchScopes\{251A1250-6C56-42A4-906A-BB6C44F2C65C}: "URL" = http://www.mirarsearch.com/?q={searchTerms}&a=SEARCH
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=VX&apn_dtid=&apn_uid=602CAED2-3EB1-40F4-AADF-E972EBD7B856&apn_sauid=EC1ACFCA-BCC2-4309-993D-246D71BEAD4A
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{251A1250-6C56-42A4-906A-BB6C44F2C65C}: "URL" = http://www.mirarsearch.com/?q={searchTerms}&a=SEARCH
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9D40258E-0D24-4433-A505-1BABE16ED1A2}&mid=81ba39ec84cc47d0af08d15e777a1267-e3f119e012000b4e44ea88dd14183f8b1835f115&lang=cs&ds=AVG&pr=pr&d=2012-04-30 13:12:23&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
IE - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - user.js - File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG2012\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/04/30 13:14:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\
[2012/04/28 16:37:34 | 000,002,389 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\askcom.xml
[2009/06/23 11:06:48 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\conduit.xml
[2012/05/24 22:08:44 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-1.xml
[2009/04/24 07:45:59 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-10.xml
[2009/04/29 15:05:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-11.xml
[2009/06/16 19:19:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-12.xml
[2009/07/23 12:07:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-13.xml
[2009/08/04 19:26:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-14.xml
[2009/09/14 19:21:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-15.xml
[2009/10/29 13:51:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-16.xml
[2009/12/17 13:43:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-17.xml
[2009/12/28 12:02:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-18.xml
[2010/06/23 15:37:24 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-19.xml
[2008/09/10 11:33:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-2.xml
[2010/06/23 17:39:24 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-20.xml
[2010/07/22 16:14:39 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-21.xml
[2010/09/16 21:22:07 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-22.xml
[2010/10/17 10:31:39 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-23.xml
[2010/10/21 17:39:48 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-24.xml
[2010/11/02 19:20:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-25.xml
[2010/12/10 21:19:08 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-26.xml
[2011/03/04 12:37:55 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-27.xml
[2011/03/26 16:34:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-28.xml
[2011/07/04 15:44:14 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-29.xml
[2008/09/27 19:31:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-3.xml
[2008/09/28 01:42:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-4.xml
[2008/11/14 20:35:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-5.xml
[2008/12/18 15:38:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-6.xml
[2009/02/07 15:23:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-7.xml
[2009/03/06 15:50:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-8.xml
[2009/03/29 14:55:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-9.xml
[2009/03/01 14:02:44 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin.xml
[2009/07/14 15:29:27 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\qipsearch.xml
[2008/12/17 22:54:24 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\sweetim.xml
[2012/05/06 19:02:09 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll File not found
O2 - BHO: (no name) - {C333CF63-767F-4831-94AC-E683D962C63C} - No CLSID value found.
O3 - HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html File not found
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html File not found
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html File not found
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - Reg Error: Key error. File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\wshbth.dll File not found
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Reg Error: Key error.)
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[39 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[54 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\system32\config\systemprofile\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\*.tmp -> ]
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]
[18 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

:Files
c:\windows\MOTA113.exe
c:\windows\system32\AVSredirect.dll
c:\windows\system32\x.264.exe
c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\okay\Application Data\BitTorrent\The Sims 2 FreeTime + Crack.torrent /d
C:\Documents and Settings\okay\Desktop\age of empires 2\crack.zip /d
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\AVG PC Tuneup Integrator Start On okay Logon.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
""=-
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"=-

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

xtoncekx · #14 Příspěvek od **xtoncekx** » 30 kvě 2012 11:20

tak plocha je vyčištěna,ale po restartu se mi objevily na ploše tyto soubory: Thumbs.db ehthumbs.db desktop.ini

All processes killed
========== COMMANDS ==========
Error creating restore point.
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 637590 bytes

User: okay
->Temp folder emptied: 1708430 bytes
->Temporary Internet Files folder emptied: 40956 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 130393343 bytes
->Google Chrome cache emptied: 6009302 bytes
->Flash cache emptied: 4320 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 141538 bytes
%systemroot%\System32 .tmp files removed: 108665 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 104576 bytes
Windows Temp folder emptied: 1036031 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34306 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 134,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: Guest

User: LocalService

User: NetworkService

User: okay
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Service CFcatchme stopped successfully!
Service CFcatchme deleted successfully!
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service upperdev stopped successfully!
Service upperdev deleted successfully!
File system32\DRIVERS\usbser_lowerflt.sys not found.
Error: No service named PID_08A0) QuickCam IM(PID_08A0 was found to stop!
Service\Driver key PID_08A0) QuickCam IM(PID_08A0 not found.
File system32\DRIVERS\LV302AV.SYS not found.
Service pepifilter stopped successfully!
Service pepifilter deleted successfully!
File system32\DRIVERS\lv302af.sys not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service Lvckap stopped successfully!
Service Lvckap deleted successfully!
File C:\WINDOWS\system32\drivers\Lvckap.sys not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Error: No service named CFcatchme was found to stop!
Service\Driver key CFcatchme not found.
File C:\DOCUME~1\okay\LOCALS~1\Temp\CFcatchme.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys not found.
Service BlueletSCOAudio stopped successfully!
Service BlueletSCOAudio deleted successfully!
File system32\DRIVERS\BlueletSCOAudio.sys not found.
Error: No service named a9czuqyc was found to stop!
Service\Driver key a9czuqyc not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{251A1250-6C56-42A4-906A-BB6C44F2C65C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{251A1250-6C56-42A4-906A-BB6C44F2C65C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Prev Search Bar| /E : value set successfully!
HKU\S-1-5-21-2813330045-4198384389-2232343112-1005\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Internet Explorer\SearchScopes\{251A1250-6C56-42A4-906A-BB6C44F2C65C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{251A1250-6C56-42A4-906A-BB6C44F2C65C}\ not found.
Registry key HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "http://search.icq.com/search/afe_result ... id=afex&q=" removed from sweetim.toolbar.previous.keyword.URL
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG2012\Firefox not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3 not found.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-25.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-26.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-27.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-28.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-29.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\qipsearch.xml moved successfully.
C:\Documents and Settings\okay\Application Data\Mozilla\Firefox\Profiles\4w9cz8aq.default\searchplugins\sweetim.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C333CF63-767F-4831-94AC-E683D962C63C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C333CF63-767F-4831-94AC-E683D962C63C}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2813330045-4198384389-2232343112-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Easy-WebPrint Add To Print List\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Easy-WebPrint High Speed Print\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Easy-WebPrint Preview\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Easy-WebPrint Print\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}\ not found.
C:\Program Files\PokerStars\PokerStarsUpdate.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E908B145-C847-4e85-B315-07E2E70DECF8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\ deleted successfully.
Starting removal of ActiveX control {00000055-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\fhg.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000055-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
C:\WINDOWS\Downloaded Program Files\OberonGameHost_dbg.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP173.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP199C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP199F.tmp\System.EnterpriseServices.Wrapper.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP199F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19A7.tmp\Microsoft.JScript.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19A7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19AD.tmp\System.Transactions.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19AD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19B3.tmp\System.Web.DynamicData.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19B3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19BA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19BF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CE.tmp\System.AddIn.Contract.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22.tmp\System.Deployment.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP25.tmp\System.Configuration.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP25.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26.tmp\System.DirectoryServices.AccountManagement.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP293.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP30.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP32.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP378.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP38.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP398.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP469.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP530.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP57.tmp\System.DirectoryServices.Protocols.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP57.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP615.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP647.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP65.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC2.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI1.tmp deleted successfully.
C:\WINDOWS\Installer\MSI10.tmp deleted successfully.
C:\WINDOWS\Installer\MSI104.tmp deleted successfully.
C:\WINDOWS\Installer\MSI11.tmp deleted successfully.
C:\WINDOWS\Installer\MSI12.tmp deleted successfully.
C:\WINDOWS\Installer\MSI135.tmp deleted successfully.
C:\WINDOWS\Installer\MSI13A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI13E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI145.tmp deleted successfully.
C:\WINDOWS\Installer\MSI16.tmp deleted successfully.
C:\WINDOWS\Installer\MSI167.tmp deleted successfully.
C:\WINDOWS\Installer\MSI16B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1CF.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI21.tmp deleted successfully.
C:\WINDOWS\Installer\MSI25.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3.tmp deleted successfully.
C:\WINDOWS\Installer\MSI30.tmp deleted successfully.
C:\WINDOWS\Installer\MSI31.tmp deleted successfully.
C:\WINDOWS\Installer\MSI34.tmp deleted successfully.
C:\WINDOWS\Installer\MSI36.tmp deleted successfully.
C:\WINDOWS\Installer\MSI38.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4.tmp deleted successfully.
C:\WINDOWS\Installer\MSI46.tmp deleted successfully.
C:\WINDOWS\Installer\MSI47.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6.tmp deleted successfully.
C:\WINDOWS\Installer\MSI7.tmp deleted successfully.
C:\WINDOWS\Installer\MSI79.tmp deleted successfully.
C:\WINDOWS\Installer\MSI7D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI802.tmp deleted successfully.
C:\WINDOWS\Installer\MSI87.tmp deleted successfully.
C:\WINDOWS\Installer\MSI9.tmp deleted successfully.
C:\WINDOWS\Installer\MSI99.tmp deleted successfully.
C:\WINDOWS\Installer\MSIA.tmp deleted successfully.
C:\WINDOWS\Installer\MSIA3.tmp deleted successfully.
C:\WINDOWS\Installer\MSIA4.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC4.tmp deleted successfully.
C:\WINDOWS\Installer\MSICA.tmp deleted successfully.
C:\WINDOWS\Installer\MSID.tmp deleted successfully.
C:\WINDOWS\Installer\MSIE.tmp deleted successfully.
C:\WINDOWS\Installer\MSIE7.tmp deleted successfully.
C:\WINDOWS\Installer\MSIEB.tmp deleted successfully.
C:\WINDOWS\Installer\MSIF.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\isp1471.tmp\_Setup.dll deleted successfully.
C:\WINDOWS\system32\config\systemprofile\isp1471.tmp folder deleted successfully.
C:\WINDOWS\system32\config\systemprofile\iss146E.tmp\setup.ini deleted successfully.
C:\WINDOWS\system32\config\systemprofile\iss146E.tmp folder deleted successfully.
C:\WINDOWS\twain_32\hpqgends.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 deleted successfully.
========== FILES ==========
c:\windows\MOTA113.exe moved successfully.
c:\windows\system32\AVSredirect.dll moved successfully.
c:\windows\system32\x.264.exe moved successfully.
c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk moved successfully.
c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy folder moved successfully.
C:\Documents and Settings\okay\Application Data\BitTorrent\The Sims 2 FreeTime + Crack.torrent deleted successfully.
File\Folder C:\Documents and Settings\okay\Desktop\age of empires 2\crack.zip not found.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\Tasks\AVG PC Tuneup Integrator Start On okay Logon.job moved successfully.
C:\WINDOWS\system32\dllcache\_004489_.tmp.dll moved successfully.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater\\ deleted successfully.
Registry value HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-\\MSMSGS deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.

OTL by OldTimer - Version 3.2.43.2 log created on 05302012_121010

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#15 Příspěvek od **Mc_Murphy** » 30 kvě 2012 12:10

Jdi do Ovládací panely >> Možnosti složky >> záložka Zobrazení a tam zaškrtni Skrýt chráněné soubory operačního systému (doporučeno) a Nezobrazovat skryté soubory a složky. Mělo by se to vrátit do původního stavu a ikony zase nebudou vidět.

Jinak OTL provedlo, co mělo a vymazalo spoustu bordýlku.

Jak se chová počítač teď?

VIRY.CZ

počítač se seká

počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká

Re: počítač se seká