please check my log - only safe mode works

jhsoft
Visitor
Posts: 15
Registered: 04 Apr 2005 16:19

#1 Post by jhsoft »

Hi, I could use a bit of help... My sister's laptop stopped working out of nowhere; right after Win7 starts, the system freezes... The HDD light blinks like crazy, but the system can't be used... only the cursor spins (instead of the hourglass) and nothing happens... In safe mode the system works perfectly fine... I wanted to make an RSIT log, but I can't get it to run... I read that on Win7 it has to be run in Win XP compatibility mode, but in safe mode this compatibility is not allowed... So I at least downloaded HijackThis and here is the log... Please check it and help if you can.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:35:35, on 2.5.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\gudaska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DDZ5YTX0\hijackthis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\gudaska\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\gudaska\AppData\Roaming\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.mumost.cz/activex/AxisCamControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 6268 bytes

jhsoft
Visitor
Posts: 15
Registered: 04 Apr 2005 16:19

#2 Post by jhsoft »

So I managed to run RSIT after all... Via msconfig I chose diagnostic startup and the system booted up fine..., so probably some damaged driver or some faulty service??

Logfile of random's system information tool 1.06 (written by random/random)
Run by gudaska at 2010-05-02 18:03:11
WIN_XP Service Pack 3
System drive C: has 120 GB (54%) free of 223 GB
Total RAM: 3031 MB (87% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:02:43, on 2.5.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\mmc.exe
C:\Users\gudaska\Desktop\RSIT.exe
C:\Users\gudaska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DDZ5YTX0\gudaska.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\gudaska\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.mumost.cz/activex/AxisCamControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

--
End of file - 3986 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Install_NSS.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-04-30 1243600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\gudaska\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-04-30 1243600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-11-25 81000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\boincmgr]
C:\Program Files\BOINC\boincmgr.exe [2008-12-09 4289280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\boinctray]
C:\Program Files\BOINC\boinctray.exe [2008-12-09 58112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\gudaska\AppData\Roaming\QipGuard\QipGuard.exe [2010-04-01 184272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-04-30 3037696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2010-04-14 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk]
C:\PROGRA~1\ArcSoft\TOTALM~1.5\TMMONI~1.EXE [2009-11-03 258048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^gudaska^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-09-16 384512]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-05-02 17:20:40 ----D---- C:\Users\gudaska\AppData\Roaming\Malwarebytes
2010-05-02 17:20:34 ----D---- C:\ProgramData\Malwarebytes
2010-05-02 17:20:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-02 16:31:36 ----D---- C:\rsit
2010-05-02 16:31:36 ----D---- C:\Program Files\trend micro
2010-05-02 15:37:18 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-04-30 20:41:49 ----D---- C:\Windows\pss
2010-04-30 20:06:24 ----D---- C:\Program Files\CCleaner
2010-04-30 20:04:23 ----D---- C:\Windows\system32\x64
2010-04-30 17:00:50 ----D---- C:\Program Files\Crawler
2010-04-30 17:00:43 ----D---- C:\Users\gudaska\AppData\Roaming\Spyware Terminator
2010-04-30 17:00:41 ----D---- C:\ProgramData\Spyware Terminator
2010-04-30 17:00:41 ----D---- C:\Program Files\Spyware Terminator
2010-04-30 07:36:48 ----A---- C:\Windows\ntbtlog.txt
2010-04-15 07:59:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-15 07:59:34 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-15 07:59:32 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 17:50:51 ----A---- C:\Windows\system32\javaws.exe
2010-04-14 17:50:51 ----A---- C:\Windows\system32\javaw.exe
2010-04-14 17:50:51 ----A---- C:\Windows\system32\java.exe
2010-04-14 17:50:51 ----A---- C:\Windows\system32\deploytk.dll
2010-04-14 17:43:51 ----D---- C:\Program Files\Common Files\Adobe
2010-04-14 17:43:51 ----D---- C:\Program Files\Adobe
2010-04-14 17:43:38 ----SHD---- C:\Config.Msi
2010-04-14 07:58:23 ----A---- C:\Windows\system32\wintrust.dll
2010-04-14 07:58:23 ----A---- C:\Windows\system32\cabview.dll
2010-04-09 17:59:12 ----A---- C:\Windows\system32\browserchoice.exe
2010-04-07 13:28:09 ----D---- C:\Users\gudaska\AppData\Roaming\QIP
2010-04-07 13:28:02 ----D---- C:\Users\gudaska\AppData\Roaming\QipGuard
2010-04-07 13:27:29 ----D---- C:\Program Files\QIP 2010
2010-04-03 11:35:07 ----D---- C:\Users\gudaska\AppData\Roaming\DivX
2010-04-03 11:34:58 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-04-03 11:31:44 ----D---- C:\ProgramData\DivX

======List of files/folders modified in the last 1 months======

2010-05-03 00:44:25 ----D---- C:\Windows\system32\LogFiles
2010-05-02 18:00:11 ----D---- C:\Windows\Temp
2010-05-02 17:20:35 ----D---- C:\Windows\system32\drivers
2010-05-02 17:20:34 ----HD---- C:\ProgramData
2010-05-02 17:20:34 ----D---- C:\Program Files
2010-05-02 16:49:15 ----D---- C:\Program Files\totalcmd
2010-05-02 16:30:11 ----D---- C:\EasyLanguage.English.v2.09.Multilingual-rG
2010-05-02 15:51:08 ----D---- C:\Windows\system32\DriverStore
2010-05-02 15:37:18 ----D---- C:\Program Files\Common Files
2010-05-02 14:11:34 ----D---- C:\Windows\System32
2010-05-02 14:11:34 ----D---- C:\Program Files\DivX
2010-04-30 21:58:25 ----D---- C:\Windows\system32\config
2010-04-30 21:52:55 ----D---- C:\Windows\inf
2010-04-30 21:52:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-30 21:48:20 ----D---- C:\Windows\system32\catroot
2010-04-30 21:34:55 ----SHD---- C:\System Volume Information
2010-04-30 21:23:07 ----D---- C:\Windows\winsxs
2010-04-30 20:56:22 ----D---- C:\Windows\Prefetch
2010-04-30 20:41:49 ----D---- C:\Windows
2010-04-30 20:17:34 ----D---- C:\ProgramData\BOINC
2010-04-30 17:53:49 ----D---- C:\Windows\system32\catroot2
2010-04-29 08:40:53 ----D---- C:\mp3
2010-04-25 23:29:02 ----D---- C:\Users\gudaska\AppData\Roaming\Skype
2010-04-25 17:24:12 ----D---- C:\Users\gudaska\AppData\Roaming\skypePM
2010-04-17 16:26:34 ----D---- C:\filmy
2010-04-15 15:33:49 ----D---- C:\Windows\system32\NDF
2010-04-14 17:50:57 ----SHD---- C:\Windows\Installer
2010-04-14 17:50:36 ----D---- C:\Program Files\Java
2010-04-14 17:43:54 ----D---- C:\ProgramData\Adobe
2010-04-14 12:13:03 ----SD---- C:\Users\gudaska\AppData\Roaming\Microsoft
2010-04-09 20:33:29 ----D---- C:\Windows\system32\Tasks
2010-04-09 15:15:36 ----D---- C:\Windows\ModemLogs
2010-04-09 15:15:20 ----D---- C:\Users\gudaska\AppData\Roaming\PC Suite
2010-04-09 14:21:47 ----D---- C:\Program Files\BOINC
2010-04-09 14:13:47 ----SD---- C:\ProgramData\Microsoft
2010-04-09 14:10:32 ----SHD---- C:\$Recycle.Bin
2010-04-09 14:10:24 ----RD---- C:\Users
2010-04-06 19:52:54 ----A---- C:\Windows\system32\MRT.exe
2010-04-05 11:06:11 ----D---- C:\Windows\Downloaded Program Files
2010-04-03 11:46:16 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [2009-07-14 35328]
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2009-07-14 78336]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2009-07-14 16896]
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-07-14 74240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2009-07-14 63488]
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2009-07-14 48128]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2009-07-14 86528]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2009-07-14 586752]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2009-07-14 60928]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-07-14 34816]
R3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-14 1131008]
R3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys [2009-07-14 37888]
R3 CmBatt;Microsoft AC Adapter Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-14 14080]
R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2009-10-02 728648]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2009-07-14 108544]
R3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys [2009-07-14 37888]
R3 HidUsb;Microsoft HID Class Driver; C:\Windows\system32\DRIVERS\hidusb.sys [2009-07-14 24064]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 122880]
R3 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys [2009-07-14 53760]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2009-03-09 56320]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
R3 kbdhid;Keyboard HID Driver; C:\Windows\system32\DRIVERS\kbdhid.sys [2009-07-14 28160]
R3 monitor;Microsoft Monitor Class Function Driver Service; C:\Windows\system32\DRIVERS\monitor.sys [2009-07-14 23552]
R3 mouhid;Mouse HID Driver; C:\Windows\system32\DRIVERS\mouhid.sys [2009-07-14 26112]
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-07-14 75264]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys [2009-07-14 108544]
R3 umbus;UMBus Enumerator Driver; C:\Windows\system32\DRIVERS\umbus.sys [2009-07-14 39936]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\Windows\system32\DRIVERS\usbccgp.sys [2009-07-14 75264]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbehci.sys [2009-07-14 41472]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\Windows\system32\DRIVERS\usbhub.sys [2009-07-14 258560]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbuhci.sys [2009-07-14 24064]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2009-07-14 146176]
R3 vwifibus;Virtual WiFi Bus Driver; C:\Windows\system32\DRIVERS\vwifibus.sys [2009-07-14 19968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-07-14 11264]
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]
S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [2009-07-14 146512]
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys [2009-07-14 53312]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys [2009-07-14 14912]
S3 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\DRIVERS\amdk8.sys [2009-07-14 55296]
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]
S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys [2009-07-14 76368]
S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-14 430080]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2009-07-14 69632]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys [2009-07-14 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys [2009-07-14 5248]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys [2009-07-14 62336]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys [2009-07-14 12160]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys [2009-07-14 11904]
S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\Windows\system32\DRIVERS\bthmodem.sys [2009-07-14 56320]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-14 3100160]
S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-07-14 142336]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2009-07-14 28160]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys [2009-07-14 57936]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-14 26624]
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]
S3 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\DRIVERS\hidbth.sys [2009-07-14 91136]
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]
S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [2009-07-14 332352]
S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [2009-07-14 41040]
S3 intelide;intelide; C:\Windows\system32\DRIVERS\intelide.sys [2009-07-14 15424]
S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [2009-07-14 65536]
S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [2009-07-14 46656]
S3 iScsiPrt;iScsiPort Driver; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-07-14 186960]
S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]
S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys [2009-07-14 130624]
S3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2009-07-14 60416]
S3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2010-02-27 221696]
S3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2010-02-27 95744]
S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [2009-07-14 115792]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-07-14 162896]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]
S3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys [2009-07-14 267264]
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]
S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys [2009-07-14 105024]
S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [2009-07-14 117312]
S3 nvstor;nvstor; C:\Windows\system32\DRIVERS\nvstor.sys [2009-07-14 142416]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys [2009-07-14 62464]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2009-07-14 31744]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver; C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 31872]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2009-10-26 93344]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2009-10-26 32800]
S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [2009-07-14 85568]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]
S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys [2009-07-14 19968]
S3 sffdisk;SFF Storage Class Driver; C:\Windows\system32\DRIVERS\sffdisk.sys [2009-07-14 11264]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys [2009-07-14 12288]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys [2009-07-14 12800]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [2009-07-14 40016]
S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-07-14 71168]
S3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2009-07-14 306688]
S3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2009-12-08 113664]
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2009-07-14 1285712]
S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys [2009-07-14 30208]
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys [2009-07-14 55888]
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys [2009-07-14 57424]
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys [2009-07-14 86016]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbohci.sys [2009-07-14 20480]
S3 usbprint;Microsoft USB PRINTER Class; C:\Windows\system32\DRIVERS\usbprint.sys [2009-07-14 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;USB Mass Storage Driver; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-07-14 74752]
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2009-07-14 26112]
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys [2009-07-14 21632]
S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys [2009-07-14 22096]
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys [2009-07-14 16384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S4 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
S4 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S4 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S4 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
S4 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]
S4 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2009-07-14 557056]
S4 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-07-14 94720]
S4 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-07-14 522752]
S4 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-06-10 42856]
S4 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 878416]
S4 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-07-14 22528]
S4 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S4 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2009-07-14 12800]
S4 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-04-30 488960]
S4 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-07-14 204800]
S4 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2009-07-14 35840]
S4 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]
S4 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-07-14 452608]
S4 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-07-14 1202688]
S4 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2009-07-14 1121280]
S4 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2009-07-14 428032]
S4 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check my log - only safe mode works

#3 Post by motji »

Good evening, let's take a look :)

- Download OTL: http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:


netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
- tick the "For all users" box.
- tick the boxes Check for "LOP" malware and Check for "Purity" malware
- click the Scan button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here :)
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up your important data before cleaning a computer of malware!

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

jhsoft
Visitor
Posts: 15
Registered: 04 Apr 2005 16:19

Re: please check my log - only safe mode works

#4 Post by jhsoft »

Hello, so here are the logs.

OTL Extras logfile created on: 2.5.2010 23:48:03 - Run 1
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Users\gudaska\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 86,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 217,77 Gb Total Space | 117,08 Gb Free Space | 53,76% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 9,76 Gb Free Space | 65,07% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GUDASKYPC
Current User Name: gudaska
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{213E2CCF-8265-444F-A6CA-40BD946A8D4A}" = NOT ONLY TV
"{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}" = TotalMedia Setup
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}" = ArcSoft TotalMedia 3.5
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{467A0A77-B08B-432C-9973-4A2F05F31C59}" = BOINC
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.2 - Czech
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DDBB7C89-1A09-441E-AA0F-6AA465755C17}" = REALTEK DTV USB DEVICE
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows Driver Package - Nokia Modem (06/01/2009 4.1)
"EasyLanguage_is1" = EasyLanguage
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Nokia PC Suite" = Nokia PC Suite
"rajče.net_is1" = rajče beta56 sestavení 134
"Spyware Terminator_is1" = Spyware Terminator
"Totalcmd" = Total Commander (Remove or Repair)
"TVWiz" = Intel(R) TV Wizard
"VobSub" = VobSub v2.23 (Remove Only)
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3403017633-3082895259-3626895742-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"QIP 2005" = QIP 2005 8095
"QIP 2010" = QIP 2010 10.4.23.3225
"QipGuard" = QIP Internet Guardian

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 2.5.2010 10:30:11 | Computer Name = gudaskypc | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

[ Application Events ]
Error - 2.5.2010 9:55:00 | Computer Name = gudaskypc | Source = Application Error | ID = 1000
Description = Faulting application name: sppsvc.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bd351 Faulting module name: sppsvc.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bd351 Exception code: 0xc0000006 Fault offset: 0x0008ad66 Faulting process
id: 0x864 Faulting application start time: 0x01cae9fe660fcc57 Faulting application
path: C:\Windows\system32\sppsvc.exe Faulting module path: C:\Windows\system32\sppsvc.exe
Report
Id: 4c744003-55f2-11df-8a77-002219ee9b14

Error - 2.5.2010 9:55:00 | Computer Name = gudaskypc | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Windows\System32\sppsvc.exe for
one of the following reasons: there is a problem with the network connection, the
disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program Microsoft Software Protection
Platform Service because of this error. Program: Microsoft Software Protection Platform
Service File: C:\Windows\System32\sppsvc.exe The error value is listed in the Additional
Data section. User Action 1. Open the file again. This situation might be a temporary
problem that corrects itself when the program runs again. 2. If the file still cannot
be accessed and - It is on the network, your network administrator should verify
that there is not a problem with the network and that the server can be contacted.
-
It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the
disk is fully inserted into the computer. 3. Check and repair the file system by
running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click
OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem
persists, restore the file from a backup copy. 5. Determine whether other files
on the same disk can be opened. If not, the disk might be damaged. If it is a hard
disk, contact your administrator or computer hardware vendor for further assistance.

Additional
Data Error value: C0000185 Disk type: 3

Error - 2.5.2010 9:59:39 | Computer Name = gudaskypc | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7600.16385,
time stamp: 0x4a5bc69e Faulting module name: IEFRAME.dll, version: 8.0.7600.16535,
time stamp: 0x4b838822 Exception code: 0xc0000006 Fault offset: 0x002d6fd9 Faulting
process id: 0x624 Faulting application start time: 0x01cae9feb8ab0d5a Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\system32\IEFRAME.dll
Report
Id: e3863507-55f2-11df-8a77-002219ee9b14

Error - 2.5.2010 10:00:11 | Computer Name = gudaskypc | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Windows\System32\ieframe.dll for
one of the following reasons: there is a problem with the network connection, the
disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program Internet Explorer because of
this error. Program: Internet Explorer File: C:\Windows\System32\ieframe.dll The error
value is listed in the Additional Data section. User Action 1. Open the file again.
This
situation might be a temporary problem that corrects itself when the program runs
again. 2. If the file still cannot be accessed and - It is on the network, your network
administrator should verify that there is not a problem with the network and that
the server can be contacted. - It is on a removable disk, for example, a floppy
disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
Determine whether other files on the same disk can be opened. If not, the disk might
be damaged. If it is a hard disk, contact your administrator or computer hardware
vendor for further assistance. Additional Data Error value: C0000185 Disk type: 3

Error - 2.5.2010 10:00:11 | Computer Name = gudaskypc | Source = Application Error | ID = 1000
Description = Faulting application name: wmpnscfg.exe, version: 12.0.7600.16385,
time stamp: 0x4a5bccbc Faulting module name: wmp.dll, version: 12.0.7600.16415,
time stamp: 0x4a98b4c2 Exception code: 0xc0000006 Fault offset: 0x000635be Faulting
process id: 0xc88 Faulting application start time: 0x01cae9fda6bad0f1 Faulting application
path: C:\Program Files\Windows Media Player\wmpnscfg.exe Faulting module path: C:\Windows\system32\wmp.dll
Report
Id: 00e83169-55f3-11df-8a77-002219ee9b14

Error - 2.5.2010 10:00:11 | Computer Name = gudaskypc | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Windows\System32\wmp.dll for one
of the following reasons: there is a problem with the network connection, the disk
that the file is stored on, or the storage drivers installed on this computer; or
the disk is missing. Windows closed the program Windows Media Player Network Sharing
Service Configuration Application because of this error. Program: Windows Media
Player Network Sharing Service Configuration Application File: C:\Windows\System32\wmp.dll

The
error value is listed in the Additional Data section. User Action 1. Open the file
again. This situation might be a temporary problem that corrects itself when the
program runs again. 2. If the file still cannot be accessed and - It is on the network,
your
network administrator should verify that there is not a problem with the network
and that the server can be contacted. - It is on a removable disk, for example,
a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3.
Check and repair the file system by running CHKDSK. To run CHKDSK, click Start,
click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F,
and then press ENTER. 4. If the problem persists, restore the file from a backup
copy. 5. Determine whether other files on the same disk can be opened. If not, the
disk might be damaged. If it is a hard disk, contact your administrator or computer
hardware vendor for further assistance. Additional Data Error value: C0000185 Disk
type: 3

Error - 2.5.2010 10:22:59 | Computer Name = gudaskypc | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7600.16385,
time stamp: 0x4a5bc69e Faulting module name: IEFRAME.dll, version: 8.0.7600.16535,
time stamp: 0x4b838822 Exception code: 0xc0000006 Fault offset: 0x00291836 Faulting
process id: 0x6e4 Faulting application start time: 0x01caea02b4c1ce5a Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\system32\IEFRAME.dll
Report
Id: 3531b055-55f6-11df-96b4-002219ee9b14

Error - 2.5.2010 10:22:59 | Computer Name = gudaskypc | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Windows\System32\ieframe.dll for
one of the following reasons: there is a problem with the network connection, the
disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program Internet Explorer because of
this error. Program: Internet Explorer File: C:\Windows\System32\ieframe.dll The error
value is listed in the Additional Data section. User Action 1. Open the file again.
This
situation might be a temporary problem that corrects itself when the program runs
again. 2. If the file still cannot be accessed and - It is on the network, your network
administrator should verify that there is not a problem with the network and that
the server can be contacted. - It is on a removable disk, for example, a floppy
disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
Determine whether other files on the same disk can be opened. If not, the disk might
be damaged. If it is a hard disk, contact your administrator or computer hardware
vendor for further assistance. Additional Data Error value: C0000185 Disk type: 3

Error - 2.5.2010 11:48:31 | Computer Name = gudaskypc | Source = MsiInstaller | ID = 11719
Description =

Error - 2.5.2010 11:51:44 | Computer Name = gudaskypc | Source = MsiInstaller | ID = 11719
Description =

[ System Events ]
Error - 2.5.2010 18:21:01 | Computer Name = gudaskypc | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 2.5.2010 18:22:31 | Computer Name = gudaskypc | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 2.5.2010 18:22:31 | Computer Name = gudaskypc | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 2.5.2010 18:22:31 | Computer Name = gudaskypc | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 2.5.2010 18:23:07 | Computer Name = gudaskypc | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 2.5.2010 18:23:07 | Computer Name = gudaskypc | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 2.5.2010 18:23:07 | Computer Name = gudaskypc | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 2.5.2010 18:24:11 | Computer Name = gudaskypc | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 2.5.2010 18:27:15 | Computer Name = gudaskypc | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 2.5.2010 18:27:15 | Computer Name = gudaskypc | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068


< End of report >

jhsoft
Visitor
Posts: 15
Registered: 04 Apr 2005 16:19

Re: please check my log - only safe mode works

#5 Post by jhsoft »

OTL logfile created on: 2.5.2010 23:48:03 - Run 1
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Users\gudaska\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 86,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 217,77 Gb Total Space | 117,08 Gb Free Space | 53,76% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 9,76 Gb Free Space | 65,07% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GUDASKYPC
Current User Name: gudaska
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.02 23:46:57 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\gudaska\Desktop\OTL.exe
PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.05.02 23:46:57 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\gudaska\Desktop\OTL.exe
MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.04.30 17:00:47 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Stopped] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009.06.10 23:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009.06.02 11:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.10.26 04:43:54 | 000,032,800 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV - [2009.10.26 04:43:52 | 000,093,344 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV - [2009.10.05 14:20:26 | 000,031,872 | R--- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV - [2009.09.15 13:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.09.15 13:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.09.15 13:55:09 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 01:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.14 00:02:48 | 001,131,008 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.07.10 06:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2009.06.10 23:19:30 | 004,756,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009.03.09 09:58:16 | 000,056,320 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2009.02.09 09:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.02.09 09:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.09 09:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.02.09 09:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.11.14 18:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006.11.10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3403017633-3082895259-3626895742-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-3403017633-3082895259-3626895742-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
IE - HKU\S-1-5-21-3403017633-3082895259-3626895742-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3403017633-3082895259-3626895742-1003\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKU\S-1-5-21-3403017633-3082895259-3626895742-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.11.13 21:52:10 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\gudaska\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-3403017633-3082895259-3626895742-1003\..\Toolbar\WebBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKU\S-1-5-21-3403017633-3082895259-3626895742-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-3403017633-3082895259-3626895742-1003..\Run: [QIP Internet Guardian] C:\Users\gudaska\AppData\Roaming\QipGuard\QipGuard.exe ()
O4 - HKU\S-1-5-21-3403017633-3082895259-3626895742-1003..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\gudaska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://webcam.mumost.cz/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009.07.14 04:37:08 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2010.05.02 23:46:49 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\gudaska\Desktop\OTL.exe
[2010.05.02 17:20:40 | 000,000,000 | ---D | C] -- C:\Users\gudaska\AppData\Roaming\Malwarebytes
[2010.05.02 17:20:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.02 17:20:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.02 17:20:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.05.02 17:20:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.02 16:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.02 16:31:36 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.02 16:27:35 | 000,000,000 | ---D | C] -- C:\Users\gudaska\AppData\Local\ElevatedDiagnostics
[2010.05.02 15:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010.04.30 20:41:49 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.04.30 20:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.04.30 20:04:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2010.04.30 17:00:50 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2010.04.30 17:00:43 | 000,000,000 | ---D | C] -- C:\Users\gudaska\AppData\Roaming\Spyware Terminator
[2010.04.30 17:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2010.04.30 17:00:41 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2010.04.21 15:10:45 | 000,000,000 | -HSD | C] -- C:\Users\gudaska\Phone Browser
[2010.04.15 07:59:34 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.15 07:59:34 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.15 07:59:32 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.14 17:50:51 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010.04.14 17:50:51 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.04.14 17:50:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.04.14 17:50:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.04.14 17:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.04.14 17:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.04.14 17:43:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.04.09 17:59:12 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.04.07 13:28:09 | 000,000,000 | ---D | C] -- C:\Users\gudaska\AppData\Roaming\QIP
[2010.04.07 13:28:02 | 000,000,000 | ---D | C] -- C:\Users\gudaska\AppData\Roaming\QipGuard
[2010.04.07 13:27:29 | 000,000,000 | ---D | C] -- C:\Program Files\QIP 2010
[2010.04.03 11:35:07 | 000,000,000 | ---D | C] -- C:\Users\gudaska\AppData\Roaming\DivX
[2010.04.03 11:34:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.04.03 11:31:44 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2009.10.30 11:13:36 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

========== Files - Modified Within 30 Days ==========

[2010.05.02 23:46:57 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\gudaska\Desktop\OTL.exe
[2010.05.02 23:44:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.02 23:44:46 | 2383,589,376 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.02 18:22:57 | 001,572,864 | -HS- | M] () -- C:\Users\gudaska\NTUSER.DAT
[2010.05.02 18:03:41 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.02 18:03:41 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.02 17:20:37 | 000,000,945 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.02 16:32:22 | 000,781,909 | ---- | M] () -- C:\Users\gudaska\Desktop\RSIT.exe
[2010.05.02 15:44:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.02 15:37:43 | 010,270,208 | ---- | M] () -- C:\Users\gudaska\Desktop\SeaToolsforWindowsSetup-1201.exe
[2010.05.02 15:22:52 | 000,003,400 | ---- | M] () -- C:\bootsqm.dat
[2010.04.30 21:52:55 | 000,714,372 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.30 21:52:55 | 000,607,420 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.30 21:52:55 | 000,103,798 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.30 20:09:46 | 000,025,088 | ---- | M] () -- C:\Users\gudaska\Documents\cc_20100430_200937.reg
[2010.04.30 20:06:25 | 000,001,797 | ---- | M] () -- C:\Users\gudaska\Desktop\CCleaner.lnk
[2010.04.30 17:02:26 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.04.30 17:00:47 | 000,142,592 | ---- | M] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.14 17:50:38 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010.04.14 17:50:38 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.04.14 17:50:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.04.14 17:50:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.04.14 17:44:30 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.04.09 20:33:29 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2010.04.07 13:28:02 | 000,000,896 | ---- | M] () -- C:\Users\gudaska\Desktop\QIP 2010.lnk
[2010.04.04 14:18:06 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\Install_NSS.job
[2010.04.03 11:46:31 | 000,001,596 | ---- | M] () -- C:\Users\gudaska\Desktop\DivX Movies.lnk
[2010.04.03 11:46:16 | 000,001,957 | ---- | M] () -- C:\Users\gudaska\Desktop\Install_NSS.lnk

========== Files Created - No Company Name ==========

[2010.05.02 18:06:35 | 000,001,976 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
[2010.05.02 18:06:35 | 000,001,199 | ---- | C] () -- C:\Users\gudaska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
[2010.05.02 17:20:37 | 000,000,945 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.02 16:32:21 | 000,781,909 | ---- | C] () -- C:\Users\gudaska\Desktop\RSIT.exe
[2010.05.02 15:37:40 | 010,270,208 | ---- | C] () -- C:\Users\gudaska\Desktop\SeaToolsforWindowsSetup-1201.exe
[2010.05.02 15:22:52 | 000,003,400 | ---- | C] () -- C:\bootsqm.dat
[2010.04.30 20:09:43 | 000,025,088 | ---- | C] () -- C:\Users\gudaska\Documents\cc_20100430_200937.reg
[2010.04.30 20:06:25 | 000,001,797 | ---- | C] () -- C:\Users\gudaska\Desktop\CCleaner.lnk
[2010.04.30 17:02:26 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.04.30 17:00:47 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2010.04.14 17:43:56 | 000,001,946 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.04.09 20:33:29 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2010.04.07 13:28:02 | 000,000,896 | ---- | C] () -- C:\Users\gudaska\Desktop\QIP 2010.lnk
[2010.04.03 11:46:16 | 000,001,957 | ---- | C] () -- C:\Users\gudaska\Desktop\Install_NSS.lnk
[2010.04.03 11:46:16 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\Install_NSS.job
[2010.02.22 20:28:40 | 000,073,832 | R--- | C] () -- C:\Windows\System32\SuperFrameSplitter.dll
[2010.02.22 20:28:40 | 000,053,248 | R--- | C] () -- C:\Windows\System32\RTKDABMWare.dll
[2009.11.15 12:54:26 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2009.10.30 11:06:24 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2009.10.30 11:06:24 | 000,147,456 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.10 06:44:40 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2005.05.06 20:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2002.10.16 00:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll

========== LOP Check ==========

[2010.02.15 21:10:18 | 000,000,000 | ---D | M] -- C:\Users\gudaska\AppData\Roaming\Facebook
[2010.02.26 22:15:35 | 000,000,000 | ---D | M] -- C:\Users\gudaska\AppData\Roaming\GHISLER
[2010.01.25 12:32:22 | 000,000,000 | ---D | M] -- C:\Users\gudaska\AppData\Roaming\Nokia
[2009.11.15 12:45:46 | 000,000,000 | ---D | M] -- C:\Users\gudaska\AppData\Roaming\OpenOffice.org
[2010.04.09 15:15:20 | 000,000,000 | ---D | M] -- C:\Users\gudaska\AppData\Roaming\PC Suite
[2010.04.07 13:28:09 | 000,000,000 | ---D | M] -- C:\Users\gudaska\AppData\Roaming\QIP
[2010.04.07 13:28:02 | 000,000,000 | ---D | M] -- C:\Users\gudaska\AppData\Roaming\QipGuard
[2010.05.02 16:19:47 | 000,000,000 | ---D | M] -- C:\Users\gudaska\AppData\Roaming\Spyware Terminator
[2010.04.09 14:11:48 | 000,000,000 | ---D | M] -- C:\Users\jhsoft\AppData\Roaming\GHISLER
[2010.04.04 14:18:06 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\Install_NSS.job
[2010.04.30 21:01:06 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SpywareTerminatorUpdate" = "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" -- [2010.04.30 17:00:47 | 003,037,696 | ---- | M] (Crawler.com)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
"QIP Internet Guardian" = C:\Users\gudaska\AppData\Roaming\QipGuard\QipGuard.exe -- [2010.04.01 17:20:40 | 000,184,272 | ---- | M] ()
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.06.25 16:12:42 | 001,414,144 | ---- | M] (Nokia)

< c:\windows\*.* /U >


< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows.old\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows.old\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows.old\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 19:43:58 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2009.04.11 19:43:58 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows.old\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009.04.11 19:43:58 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.04.11 19:59:39 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009.04.11 19:59:39 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009.04.11 19:59:39 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows.old\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009.04.11 19:59:39 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows.old\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows.old\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows.old\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

jhsoft
Visitor
Posts: 15
Registered: 04 Apr 2005 16:19

Re: please check my log - only safe mode works

#6 Post by jhsoft »

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows.old\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.08.27 22:13:53 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.08.27 22:13:53 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< End of report >

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: please check my log - only safe mode works

#7 Post by motji »

How is the computer behaving now? To be honest, I don't see anything unusual :o

Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING!
- MBAM occasionally produces false detections, so we will delete only after the log has been checked.
- Copy the log here.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

jhsoft
Visitor
Posts: 15
Joined: 04 Apr 2005 16:19

Re: please check my log - only safe mode works

#8 Post by jhsoft »

It's still the same... I have a slight suspicion that those errors in the event log will be the clue... when I try to start, e.g., Explorer, it only starts after something like an hour... and the event log shows an error for ieframe.dll... well, we'll see. I'll go make that log and then post it here.

jhsoft
Visitor
Posts: 15
Joined: 04 Apr 2005 16:19

Re: please check my log - only safe mode works

#9 Post by jhsoft »

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4059

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

3.5.2010 14:40:05
mbam-log-2010-05-03 (14-40-05).txt

Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 310218
Uplynulý čas: 1 hodina(y), 2 minuta(y), 6 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 25
Infikované soubory: 342

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
C:\Users\gudaska\Local Settings\Application Data\qip (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Plugins (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5 (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Sounds (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\276083008 (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\276083008\BackupCL (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\276083008\Devils (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\276083008\History (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\276083008\RcvdFiles (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\276083008\RcvdFiles\301122353_Kalos (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\276083008\RcvdFiles\331087922_tatínek (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\276083008\RcvdFiles\462908880_michaldpp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\276083008\RcvdFiles\63263672_jhsoft (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\581711943 (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\581711943\BackupCL (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\581711943\History (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Users\581711943\RcvdFiles (Rogue.Multiple) -> No action taken.

Infikované soubory:
C:\Users\gudaska\Local Settings\Application Data\qip\qip.exe (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\unins000.dat (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\unins000.exe (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\current.cfg (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\langs.cfg (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\chars_r.ini (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\chars_t.ini (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\desc.txt (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\lang.ini (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\_cntry.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\_intrsts.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\_langs.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\_marital.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\_occup.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\_orgs.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\_past.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\English\_rndchat.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\chars_r.ini (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\chars_t.ini (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\desc.txt (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\lang.ini (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\_cntry.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\_intrsts.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\_langs.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\_marital.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\_occup.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\_orgs.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\_past.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\LI\Russian\_rndchat.lng (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Plugins\docking.dll (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\current.cfg (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\skins.cfg (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\addopt.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\allicons.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\clbg.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\clevent.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\clstatus.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Colors.ini (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\desc.txt (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\downbutton1.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\fadehlp.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\fadehlpt.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\fademsg.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\fademsgt.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\fadesrv.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\fadesrvt.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\msgbg.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\msgbge.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\noimage.jpg (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\qipbtn.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\signs.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\splash.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\statuses.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\st_custom.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\title.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\tray.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\tray2k.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\upbutton1.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\upbutton2.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\upbutton3.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\userinfo.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\vis.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\aa.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ab.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ac.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ad.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ae.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\af.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ag.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ah.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ai.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\aj.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ak.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\al.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\am.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\an.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ao.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ap.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\aq.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ar.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\as.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\at.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\au.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\av.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\aw.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ax.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ay.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\az.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\ba.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bb.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bc.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bd.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\be.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bf.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bg.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bh.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bi.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bj.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bk.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bl.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bm.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bn.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bo.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bp.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bq.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\br.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bs.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bt.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bu.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bv.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\bw.gif (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\Copyright(eng).txt (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\Copyright.txt (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Animated\_define.ini (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\aa.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ab.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ac.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ad.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ae.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\af.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ag.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ah.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ai.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\aj.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ak.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\al.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\am.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\an.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ao.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ap.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\aq.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ar.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\as.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\at.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\au.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\av.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\aw.bmp (Rogue.Multiple) -> No action taken.
C:\Users\gudaska\Local Settings\Application Data\qip\Skins\ICQ5\Smilies\Static\ax.bmp (Rogue.Multiple) -> No action taken.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check my log - only safe mode works

#10 Post by motji »

:o Could you test a few of those files at www.virustotal.com?
For example:
C:\Users\gudaska\Local Settings\Application Data\qip\qip.exe
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

jhsoft
Visitor
Posts: 15
Registered: 04 Apr 2005 16:19

Re: please check my log - only safe mode works

#11 Post by jhsoft »

It seems I have found the problem... right after looking at the event log, this caught my eye...

Error - 2.5.2010 18:24:11 | Computer Name = gudaskypc | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

I dug further and found out that this could be a sign of a failing HDD... I ran the SeaTools utility from Seagate and it found an error... and offered a repair... After the repair the notebook boots into normal mode, but it is terribly slow..., so most likely the HDD really is failing...
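The triage step described in the post above, as an added example that is not part of the original thread: it parses event-log records in the layout quoted there and counts storage-stack errors per device, which helps separate a failing disk from a malware symptom. Only the first sample record comes from the post; the other records, the list of storage sources and the threshold are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample. The first record is the one quoted in the post; the
# repeat and the Service Control Manager record are made up for the example.
SAMPLE_LOG = r"""
Error - 2.5.2010 18:24:11 | Computer Name = gudaskypc | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 2.5.2010 18:24:15 | Computer Name = gudaskypc | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 2.5.2010 18:25:02 | Computer Name = gudaskypc | Source = Service Control Manager | ID = 7000
Description = Constructed entry that is unrelated to storage.
"""

HEADER = re.compile(
    r"^(?P<level>\w+) - (?P<when>\S+ \S+) \| Computer Name = (?P<host>.*?) "
    r"\| Source = (?P<source>.*?) \| ID = (?P<raw_id>\d+)$"
)
DEVICE = re.compile(r"\\Device\\\S+")

# Assumption: an illustrative subset of Windows storage-stack event sources.
STORAGE_SOURCES = {"atapi", "disk", "ntfs"}


def parse_events(text):
    """Turn the text export into a list of event dicts."""
    events, current = [], None
    for line in text.splitlines():
        line = line.strip()
        match = HEADER.match(line)
        if match:
            current = match.groupdict()
            raw = int(current["raw_id"])
            current["raw_id"] = raw
            # The export shows the full 32-bit event identifier; the low
            # 16 bits are the Event ID (262155 & 0xFFFF == 11).
            current["event_id"] = raw & 0xFFFF
            current["description"] = ""
            events.append(current)
        elif current is not None and line:
            if line.startswith("Description ="):
                line = line[len("Description ="):].strip()
            current["description"] = (current["description"] + " " + line).strip()
    return events


def triage(text, threshold=2):
    """Count storage errors per device; flag hardware at `threshold` or more."""
    per_device = Counter()
    for event in parse_events(text):
        if event["level"] != "Error":
            continue
        if event["source"].lower() not in STORAGE_SOURCES:
            continue
        found = DEVICE.search(event["description"])
        device = found.group(0).rstrip(".") if found else "(unknown device)"
        per_device[device] += 1
    total = sum(per_device.values())
    return {
        "storage_errors": total,
        "by_device": dict(per_device),
        "suspect_hardware": total >= threshold,
    }


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```
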

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check my log - only safe mode works

#12 Post by motji »

:arrow: Type the following into the command prompt:
chkdsk /f/r
-[enter]
Confirm - the PC restarts and the disk is left to be checked.

jhsoft
Visitor
Posts: 15
Registered: 04 Apr 2005 16:19

Re: please check my log - only safe mode works

#13 Post by jhsoft »

I had already run chkdsk before I posted here, and nothing changed. Problem solved... a new disk will be delivered this week. Based on the screenshot and the behaviour, support acknowledged the disk fault. I apologise for the false alarm and thank you for your time :-)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check my log - only safe mode works

#14 Post by motji »

You're welcome, I'm glad you solved it :)