Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola PC - Hotbar/MyWebSearch Toolbary

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
cutmatic
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 21 říj 2006 18:34

Kontrola PC - Hotbar/MyWebSearch Toolbary

#1 Příspěvek od cutmatic »

Dobry den, poprosil bych o kontrolu logu. Nemam sice s pc zadny problem, ale behem poslednich dvou tydnu jsem navstivil par stranek ktere by mohly obsahovat urcity spyware. Instaloval jsem i par aplikaci ktere by tez mohly obsahovat nejake viry.

Prosim o kontrolu a navod jak se zbavit vsech znamek po Hotbaru a MyWebSearch Toolbaru. Dekuji

###

Logfile of random's system information tool 1.06 (written by random/random)
Run by stream at 2010-05-11 15:15:56
Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (5%) free of 107 GB
Total RAM: 1983 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:16:08, on 11/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Common Files\AOL\1198952913\ee\AOLSoftware.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Alpha Clock\aclock.exe
C:\Program Files\Wakoopa\Wakoopa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\Windows Update.exe
C:\Program Files\MyLifeOrganized.net\MLO\mlo.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\M-Audio\Fast Track Pro\MAUSBInst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\foobar2000\foobar2000.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\Program Files\Weather Clock\WeatherClock.exe
C:\Program Files\Weather Clock\WClock.exe
C:\Documents and Settings\stream\Desktop\RSIT.exe
C:\Program Files\trend micro\stream.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... fxO2jgr6Eg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\stream\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Mini Site Templates Toolbar - {c36c216f-519d-41ac-8e5a-08b401da1c3f} - C:\Program Files\Mini_Site_Templates\tbMini.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\stream\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Mini Site Templates Toolbar - {c36c216f-519d-41ac-8e5a-08b401da1c3f} - C:\Program Files\Mini_Site_Templates\tbMini.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Adblock Pro - {F385C231-605B-4d8f-ACA9-DBFF765BBE17} - C:\Program Files\Adblock Pro\AdblockPro.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: Mini Site Templates Toolbar - {c36c216f-519d-41ac-8e5a-08b401da1c3f} - C:\Program Files\Mini_Site_Templates\tbMini.dll
O3 - Toolbar: Digsby Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1198952913\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ShaPlus Bandwidth Meter] "C:\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter" /s
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Citrus Alarm Clock] C:\Program Files\Citrus Alarm Clock\citrusac.exe
O4 - HKCU\..\Run: [Alpha Clock] C:\Program Files\Alpha Clock\aclock.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP Infium\infium.exe" /autorun
O4 - HKCU\..\Run: [Wakoopa] C:\Program Files\Wakoopa\Wakoopa.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\stream\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WordWeb] "C:\Program Files\WordWeb\wweb32.exe" -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Windows Updater] "C:\WINDOWS\system32\Windows Update.exe"
O4 - HKCU\..\Run: [WeatherClock] C:\Program Files\Weather Clock\WeatherClock.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: HappyFish.lnk = C:\Program Files\ThirstyCrow\HappyFish\HappyFish.exe
O4 - Startup: MyLife Organized.lnk = C:\Program Files\MyLifeOrganized.net\MLO\mlo.exe
O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files\Adblock Pro\blockimg.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... 2010033006
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\stream\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm
O9 - Extra button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files\Adblock Pro\AdblockPro.dll
O9 - Extra 'Tools' menuitem: Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files\Adblock Pro\AdblockPro.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - http://support.microsoft.com/mats/DiagWebControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1EBCBEBC-A81E-4E7D-A5AD-C70FF67CEF9E}: NameServer = 213.94.190.235,213.94.190.195
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: M-Audio USB Installer (MAudioUSBService) - M-Audio - C:\Program Files\M-Audio\Fast Track Pro\MAUSBInst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 10738 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-412668190-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-412668190-682003330-1003UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\stream\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll [2009-10-05 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b0cda128-b425-4eef-a174-61a11ac5dbf8}]
AIM Toolbar Loader - C:\Program Files\AIM Toolbar\aimtb.dll [2010-01-26 1303888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c36c216f-519d-41ac-8e5a-08b401da1c3f}]
Mini Site Templates Toolbar - C:\Program Files\Mini_Site_Templates\tbMini.dll [2010-03-17 2355224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Digsby Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-27 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-27 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F385C231-605B-4d8f-ACA9-DBFF765BBE17}]
Adblock Pro - C:\Program Files\Adblock Pro\AdblockPro.dll [2008-04-07 458752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{61539ecd-cc67-4437-a03c-9aaccbd14326} - AIM Toolbar - C:\Program Files\AIM Toolbar\aimtb.dll [2010-01-26 1303888]
{c36c216f-519d-41ac-8e5a-08b401da1c3f} - Mini Site Templates Toolbar - C:\Program Files\Mini_Site_Templates\tbMini.dll [2010-03-17 2355224]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Digsby Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-07-27 61952]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-11-01 307200]
"HostManager"=C:\Program Files\Common Files\AOL\1198952913\ee\AOLSoftware.exe [2006-11-14 50736]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-08-23 81920]
"M-Audio Taskbar Icon"=C:\WINDOWS\System32\M-AudioTaskBarIcon.exe [2005-12-13 91136]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-08-23 8478720]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-06-29 198160]
"ShaPlus Bandwidth Meter"=C:\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter /s []
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2007-12-30 1365504]
"Citrus Alarm Clock"=C:\Program Files\Citrus Alarm Clock\citrusac.exe [2001-10-21 513024]
"Alpha Clock"=C:\Program Files\Alpha Clock\aclock.exe [2003-10-23 69120]
"Infium"=C:\Program Files\QIP Infium\infium.exe [2009-10-08 5662720]
"Wakoopa"=C:\Program Files\Wakoopa\Wakoopa.exe [2009-03-25 573440]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\stream\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-11-18 135664]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"WordWeb"=C:\Program Files\WordWeb\wweb32.exe [2009-11-08 65216]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Windows Updater"=C:\WINDOWS\system32\Windows Update.exe [2010-05-10 540672]
"Weather Clock"= []
"WeatherClock"=C:\Program Files\Weather Clock\WeatherClock.exe [2010-01-31 2243072]

C:\Documents and Settings\stream\Start Menu\Programs\Startup
HappyFish.lnk - C:\Program Files\ThirstyCrow\HappyFish\HappyFish.exe
MyLife Organized.lnk - C:\Program Files\MyLifeOrganized.net\MLO\mlo.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [2009-11-21 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Documents and Settings\stream\Desktop\qip_infinum9000\infium.exe"="C:\Documents and Settings\stream\Desktop\qip_infinum9000\infium.exe:*:Enabled:QIP Infium Beta"
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information"
"C:\Program Files\Soulseek-Test\slsk.exe"="C:\Program Files\Soulseek-Test\slsk.exe:*:Enabled:SoulSeek"
"C:\Program Files\Steam\steamapps\harmonic_33\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\harmonic_33\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Opera\Opera.exe"="C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Look@LAN\LookAtHost.exe"="C:\Program Files\Look@LAN\LookAtHost.exe:*:Enabled:Look@HOST"
"C:\Program Files\Look@LAN\LookAtLan.exe"="C:\Program Files\Look@LAN\LookAtLan.exe:*:Enabled:Look@LAN"
"C:\Games\Half-Life\hl.exe"="C:\Games\Half-Life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Games\HALF LIFE COMPIL N°1\hl.exe"="C:\Games\HALF LIFE COMPIL N°1\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Clear FTP 2006\clearftp.exe"="C:\Program Files\Clear FTP 2006\clearftp.exe:*:Enabled:clearftp"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AIM"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2010-05-11 15:04:28 ----D---- C:\Documents and Settings\stream\Application Data\Weather Clock
2010-05-11 15:04:27 ----D---- C:\Program Files\Weather Clock
2010-05-11 14:56:15 ----D---- C:\WINDOWS\LastGood
2010-05-11 14:53:35 ----SHD---- C:\Config.Msi
2010-05-11 14:41:49 ----A---- C:\WINDOWS\system32\log 11.05.2010_02.41.txt
2010-05-10 21:59:21 ----D---- C:\Program Files\Lead Samurai
2010-05-10 21:58:38 ----A---- C:\WINDOWS\system32\log 10.05.2010_09.58.txt
2010-05-10 21:58:38 ----A---- C:\WINDOWS\system32\ddfger.dll
2010-05-10 21:58:37 ----A---- C:\WINDOWS\system32\Windows Update.exe
2010-05-10 21:00:32 ----D---- C:\Google Sniper
2010-05-10 19:28:11 ----A---- C:\WINDOWS\XMailer.INI
2010-05-10 19:21:18 ----D---- C:\Program Files\fec
2010-05-10 19:00:35 ----D---- C:\Program Files\FBP - Facebook Blaster Pro
2010-05-06 23:26:55 ----D---- C:\Program Files\SendBlaster
2010-05-05 00:00:14 ----D---- C:\Program Files\DAEMON Tools Lite
2010-05-04 23:59:56 ----D---- C:\Documents and Settings\stream\Application Data\DAEMON Tools Lite
2010-05-04 23:59:53 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2010-05-04 19:35:15 ----D---- C:\Program Files\Morgan
2010-05-02 16:49:35 ----D---- C:\Documents and Settings\stream\Application Data\Grasssoft
2010-05-02 16:49:26 ----D---- C:\Documents and Settings\All Users\Application Data\Grasssoft
2010-05-02 16:49:22 ----D---- C:\Program Files\GrassSoft
2010-04-30 18:09:50 ----D---- C:\Documents and Settings\stream\Application Data\Digsby
2010-04-30 18:09:50 ----D---- C:\Documents and Settings\All Users\Application Data\Digsby
2010-04-30 18:09:17 ----D---- C:\Program Files\Ask.com
2010-04-30 18:07:34 ----D---- C:\Program Files\Digsby
2010-04-29 15:26:54 ----D---- C:\Program Files\MyLifeOrganized.net
2010-04-29 15:19:22 ----D---- C:\Program Files\AllMyNotes Organizer
2010-04-29 12:42:42 ----D---- C:\DESKTOP
2010-04-27 00:23:04 ----D---- C:\Documents and Settings\stream\Application Data\DVDVideoSoftIEHelpers
2010-04-27 00:22:42 ----D---- C:\Program Files\DVDVideoSoft
2010-04-27 00:22:42 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-04-25 16:36:12 ----D---- C:\Documents and Settings\All Users\Application Data\HotbarSA
2010-04-25 16:36:12 ----D---- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2010-04-25 16:36:10 ----D---- C:\Documents and Settings\stream\Application Data\WeatherDPA
2010-04-25 16:36:02 ----D---- C:\Program Files\Hotbar
2010-04-20 21:58:31 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-20 00:57:34 ----D---- C:\Documents and Settings\stream\Application Data\CoffeeCup Software
2010-04-20 00:52:36 ----A---- C:\WINDOWS\system32\BORLNDMM.DLL
2010-04-20 00:43:11 ----D---- C:\Program Files\CoffeeCup Software
2010-04-17 21:08:05 ----D---- C:\Program Files\I Koder
2010-04-17 13:36:59 ----D---- C:\Documents and Settings\stream\Application Data\mIRC
2010-04-16 08:56:09 ----D---- C:\Program Files\Email Address Extractor
2010-04-15 23:49:59 ----D---- C:\Documents and Settings\All Users\Application Data\Lencom
2010-04-15 23:49:17 ----D---- C:\Documents and Settings\stream\Application Data\Lencom
2010-04-15 23:49:13 ----D---- C:\Program Files\Lencom Software Inc
2010-04-15 23:49:13 ----D---- C:\Program Files\Common Files\LencomShare
2010-04-15 09:32:12 ----D---- C:\Program Files\Torrent Assault
2010-04-15 00:23:17 ----D---- C:\Program Files\Desktop Notepad
2010-04-14 03:03:41 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 03:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 03:03:17 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-14 03:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 03:02:56 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 03:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 03:02:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$

======List of files/folders modified in the last 1 months======

2010-05-11 15:16:05 ----D---- C:\Program Files\trend micro
2010-05-11 15:13:33 ----D---- C:\WINDOWS
2010-05-11 15:13:31 ----D---- C:\WINDOWS\Temp
2010-05-11 15:12:31 ----RD---- C:\Program Files
2010-05-11 15:12:31 ----D---- C:\WINDOWS\system32
2010-05-11 15:11:54 ----D---- C:\Program Files\Spyware Terminator
2010-05-11 15:11:54 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2010-05-11 14:59:25 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-11 14:58:28 ----D---- C:\Documents and Settings\stream\Application Data\Spyware Terminator
2010-05-11 14:58:00 ----D---- C:\Program Files\WinUHA
2010-05-11 14:56:45 ----D---- C:\Program Files\QIP Infium
2010-05-11 14:55:56 ----SHD---- C:\WINDOWS\Installer
2010-05-11 14:55:13 ----D---- C:\WINDOWS\Prefetch
2010-05-11 14:54:21 ----D---- C:\Program Files\Hide My IP 2009
2010-05-11 14:53:16 ----D---- C:\Program Files\Common Files
2010-05-11 14:51:47 ----D---- C:\Program Files\Clear FTP 2006
2010-05-11 14:51:46 ----D---- C:\Documents and Settings\stream\Application Data\Micropro
2010-05-11 14:46:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-11 14:45:13 ----A---- C:\WINDOWS\wincmd.ini
2010-05-11 14:41:57 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-05-11 14:39:13 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-05-11 14:38:59 ----D---- C:\Documents and Settings\stream\Application Data\uTorrent
2010-05-11 14:37:54 ----D---- C:\Documents and Settings\stream\Application Data\foobar2000
2010-05-11 00:31:15 ----D---- C:\Downloads
2010-05-10 21:52:56 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-05-10 19:02:17 ----A---- C:\WINDOWS\system32\BASSMOD.dll
2010-05-10 08:06:23 ----D---- C:\Documents and Settings\stream\Application Data\skypePM
2010-05-10 07:36:05 ----D---- C:\Documents and Settings\stream\Application Data\Skype
2010-05-09 16:30:52 ----D---- C:\# TEMP #
2010-05-09 11:41:58 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-05-07 13:08:58 ----D---- C:\Documents and Settings\All Users\Application Data\Soulseek
2010-05-06 03:02:21 ----RSD---- C:\WINDOWS\assembly
2010-05-06 03:01:41 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-05-05 00:21:47 ----A---- C:\WINDOWS\ODBC.INI
2010-05-05 00:20:17 ----D---- C:\Program Files\Microsoft Office
2010-05-05 00:18:24 ----D---- C:\WINDOWS\system
2010-05-05 00:14:14 ----HD---- C:\WINDOWS\inf
2010-05-05 00:08:45 ----A---- C:\WINDOWS\m3jpeg.ini
2010-05-04 17:42:10 ----A---- C:\WINDOWS\system32\msvcsv60.dll
2010-05-04 17:38:10 ----D---- C:\Documents and Settings\stream\Application Data\Sony
2010-05-04 17:33:18 ----D---- C:\Documents and Settings\All Users\Application Data\Sony
2010-05-04 17:32:49 ----D---- C:\Program Files\Sony
2010-05-03 11:25:39 ----D---- C:\# MY BUSINESS #
2010-04-30 18:09:24 ----SD---- C:\WINDOWS\Tasks
2010-04-18 15:49:13 ----D---- C:\Documents and Settings\stream\Application Data\Keyword Research Pro
2010-04-14 03:03:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-14 03:03:36 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 03:03:29 ----D---- C:\WINDOWS\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-03-29 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 75856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-03-29 42912]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-03-29 94544]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2003-03-31 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2003-03-31 55936]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-03-29 23152]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2007-10-07 822272]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-07-27 581632]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 MAUSB;Service for M-Audio Fast Track Pro Driver (WDM); C:\WINDOWS\system32\DRIVERS\mausb.sys [2005-12-13 102528]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-08-23 6844864]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-03-06 19968]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 ajx855wj;ajx855wj; C:\WINDOWS\system32\drivers\ajx855wj.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\stream\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys [2006-05-13 88960]
S3 kvpndev;Kerio VPN adapter; C:\WINDOWS\system32\DRIVERS\kvpndrv.sys [2008-01-16 65024]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer; C:\WINDOWS\system32\DRIVERS\kwflower.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nm;Network Monitor Driver; C:\WINDOWS\System32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-03-06 58752]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 ute3ntiz;AVZ Kernel Driver; \??\C:\WINDOWS\system32\Drivers\ute3ntiz.sys []
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 FileObjInfo;STFileDriver; \??\C:\Documents and Settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-03-29 17272]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-03-29 144760]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-27 152984]
R2 MAudioUSBService;M-Audio USB Installer; C:\Program Files\M-Audio\Fast Track Pro\MAUSBInst.exe [2005-12-02 49152]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-08-23 155716]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-03-29 247160]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-03-29 345464]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#2 Příspěvek od Caroprd111 »

Zdravím :)


Obrázek Stáhněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229
  • Podle návodu v odkazu nainstalujte, poté dejte úplný sken.
  • Nic nemažte :!: MBAM má občas falešné detekce a mohl by smazat např. systémové soubory.
  • Log vložte sem.
Obrázek
Nahoru
cutmatic
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 21 říj 2006 18:34

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#3 Příspěvek od cutmatic »

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

11/05/2010 18:03:12
mbam-log-2010-05-11 (18-03-12).txt

Scan type: Full scan (C:\|)
Objects scanned: 356597
Time elapsed: 2 hour(s), 22 minute(s), 40 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 57
Registry Values Infected: 4
Registry Data Items Infected: 1
Folders Infected: 7
Files Infected: 37

Memory Processes Infected:
C:\WINDOWS\system32\Windows Update.exe (Password.Stealer) -> No action taken.

Memory Modules Infected:
c:\program files\Hotbar\bin\11.0.175.0\hotbarsahook.dll (Adware.Hotbar) -> No action taken.

Registry Keys Infected:
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\hotbarweather.weathercontroller (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\hotbarweather.weathercontroller.1 (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2f9ad413-2e0b-4a85-bb2a-cf961238262a} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8c788aa2-7530-43be-97b7-4d491f13bea3} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\hotbarax.info (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\hotbarax.info.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\hotbarax.userprofiles (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\hotbarax.userprofiles.1 (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\Software\hotbarsa (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\cntntcntr.cntntdic (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\cntntcntr.cntntdic.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\cntntcntr.cntntdisp (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\cntntcntr.cntntdisp.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\ktssleay80_0.9.8.2.dll (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows updater (Password.Stealer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> No action taken.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> No action taken.
C:\Program Files\Hotbar (Adware.Hotbar) -> No action taken.
C:\Program Files\Hotbar\bin (Adware.Hotbar) -> No action taken.
C:\Program Files\Hotbar\bin\11.0.175.0 (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Application Data\HotbarSA (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\stream\Application Data\WeatherDPA (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Hotbar (Adware.Hotbar) -> No action taken.

Files Infected:
C:\Documents and Settings\stream\PRO-ver355.exe (Rogue.Installer) -> No action taken.
C:\Documents and Settings\stream\Local Settings\temp\nsb3F.tmp\Install.dll (Adware.Seekmo) -> No action taken.
C:\Documents and Settings\stream\Local Settings\temp\nsj3B.tmp\Install.dll (Adware.Seekmo) -> No action taken.
C:\Documents and Settings\stream\My Documents\Downloads\MyFunCardsSetup2.3.67.1.ZUman000.exe (Adware.MyWebSearch) -> No action taken.
C:\Program Files\AAS\Lounge Lizard 3.0\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\Arturia\Arp2600 V\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\Arturia\Moog Modular V 2\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\Atari\Temple of Elemental Evil\TOEE.EXE (Malware.Packer.Gen) -> No action taken.
C:\Program Files\Native Instruments\XPress Keyboards\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\EDIROL\Hyper Canvas DXi\Edirol Hyper Canvas Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\Steinberg\Cubase SX 3\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\VSTplugins\Audio Damage\907uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\VSTplugins\Audio Damage\dubuninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\VSTplugins\Audiorealism\Bassline Pro\Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\VSTplugins\LinPlug Instruments\Saxlab Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\VSTplugins\NovationBassStation\bassuninstall\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\KORG\KORG Legacy DIGITAL\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Games\HALF LIFE COMPIL N°1\gearbox\Dq2249.icd (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{C606CE5E-2182-4FFD-BC2E-99AE8F8D64C3}\RP630\A0159092.exe (Adware.Agent) -> No action taken.
C:\System Volume Information\_restore{C606CE5E-2182-4FFD-BC2E-99AE8F8D64C3}\RP642\A0161779.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{C606CE5E-2182-4FFD-BC2E-99AE8F8D64C3}\RP642\A0161780.exe (Trojan.Agent.CK) -> No action taken.
C:\Program Files\Hotbar\bin\11.0.175.0\HotbarSA.exe (Adware.Hotbar) -> No action taken.
C:\Program Files\Hotbar\bin\11.0.175.0\HotbarSAHook.dll (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAAbout.mht (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAau.dat (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAEULA.mht (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA_kyf.dat (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Hotbar\About Hotbar.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Hotbar\Hotbar Customer Support Center.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Hotbar\Hotbar Games!.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Hotbar\Hotbar Videos!.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Hotbar\Reset Cursor.lnk (Adware.Hotbar) -> No action taken.
C:\WINDOWS\system32\ktlibeay80_0.9.8.2.dll (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\ktssleay80_0.9.8.2.dll (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\Windows Update.exe (Password.Stealer) -> No action taken.
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#4 Příspěvek od Caroprd111 »

Obrázek Vše, co našel MBAM smažte a restartujte PC.


Obrázek Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
  • Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Označte položku Pro všechny uživatele.
  • Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
  • Klikněte na tlačítko Prohledat
  • Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Obrázek
Nahoru
cutmatic
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 21 říj 2006 18:34

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#5 Příspěvek od cutmatic »

OTL logfile created on: 11/05/2010 20:34:49 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\stream\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.17 Gb Total Space | 4.69 Gb Free Space | 4.50% Space Free | Partition Type: NTFS
Drive D: | 7.62 Gb Total Space | 2.48 Gb Free Space | 32.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 931.51 Gb Total Space | 88.64 Gb Free Space | 9.52% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STREAM98
Current User Name: stream
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/11 20:33:23 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\stream\Desktop\OTL.exe
PRC - [2010/04/05 11:25:34 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/04/01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/01/31 23:48:00 | 002,243,072 | ---- | M] (Respect Soft) -- C:\Program Files\Weather Clock\WeatherClock.exe
PRC - [2010/01/31 23:22:36 | 000,094,208 | ---- | M] () -- C:\Program Files\Weather Clock\WClock.exe
PRC - [2009/11/08 23:18:00 | 000,065,216 | ---- | M] (WordWeb Software) -- C:\Program Files\WordWeb\wweb32.exe
PRC - [2009/06/30 18:38:28 | 003,919,872 | ---- | M] (mylifeorganized.net) -- C:\Program Files\MyLifeOrganized.net\MLO\mlo.exe
PRC - [2009/06/29 21:53:25 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/03/25 14:40:14 | 000,573,440 | ---- | M] (Wakoopa) -- C:\Program Files\Wakoopa\Wakoopa.exe
PRC - [2008/11/06 14:06:32 | 000,151,552 | ---- | M] (ShaPlus Software) -- C:\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter.exe
PRC - [2008/10/28 18:45:02 | 000,098,816 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/29 18:37:02 | 000,144,760 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008/03/29 18:36:22 | 000,247,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008/03/29 18:30:47 | 000,345,464 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008/03/29 18:11:18 | 000,017,272 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2007/12/30 11:23:34 | 001,365,504 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2007/06/06 07:00:00 | 001,074,896 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2006/11/14 15:01:21 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1198952913\ee\aolsoftware.exe
PRC - [2005/12/13 11:39:34 | 000,091,136 | ---- | M] (M-Audio, an Avid Technology, Inc. company) -- C:\WINDOWS\system32\M-AudioTaskBarIcon.exe
PRC - [2005/12/02 10:20:46 | 000,049,152 | ---- | M] (M-Audio) -- C:\Program Files\M-Audio\Fast Track Pro\MAUSBInst.exe
PRC - [2005/11/01 01:00:00 | 000,307,200 | ---- | M] (Team H2O) -- C:\Program Files\Syncrosoft\POS\H2O\cledx.exe
PRC - [2003/10/23 05:17:06 | 000,069,120 | ---- | M] () -- C:\Program Files\Alpha Clock\aclock.exe


========== Modules (SafeList) ==========

MOD - [2010/05/11 20:33:23 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\stream\Desktop\OTL.exe
MOD - [2008/04/14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/09/27 13:40:14 | 000,488,523 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
MOD - [2007/07/11 16:06:58 | 000,042,672 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\system32\wbsys.dll
MOD - [2007/07/11 16:06:58 | 000,028,740 | ---- | M] (Stardock.Net, Inc) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll


========== Win32 Services (SafeList) ==========

SRV - [2008/03/29 18:37:02 | 000,144,760 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2008/03/29 18:36:22 | 000,247,160 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2008/03/29 18:30:47 | 000,345,464 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2008/03/29 18:11:18 | 000,017,272 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2005/12/02 10:20:46 | 000,049,152 | ---- | M] (M-Audio) [Auto | Running] -- C:\Program Files\M-Audio\Fast Track Pro\MAUSBInst.exe -- (MAudioUSBService)
SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV - [2010/05/05 00:01:21 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/27 17:46:15 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ute3ntiz.sys -- (ute3ntiz)
DRV - [2008/04/15 20:04:45 | 000,012,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kwflower.log -- (kwflower)
DRV - [2008/04/14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/03/29 18:35:49 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/03/29 18:35:21 | 000,094,544 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2008/03/29 18:31:34 | 000,075,856 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2008/03/29 18:29:08 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008/03/29 18:27:33 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2008/03/29 18:26:52 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/01/16 09:58:58 | 000,065,024 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kvpndrv.sys -- (kvpndev)
DRV - [2007/10/07 15:30:58 | 000,822,272 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/08/23 23:15:00 | 006,844,864 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/03/06 12:27:32 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007/03/06 12:27:28 | 000,058,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007/02/16 08:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/07/27 14:44:42 | 000,581,632 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/05/13 17:52:56 | 000,088,960 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2005/12/13 11:39:54 | 000,102,528 | ---- | M] (Midiman/M-Audio) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mausb.sys -- (MAUSB) Service for M-Audio Fast Track Pro Driver (WDM)
DRV - [2005/05/09 20:08:40 | 000,033,792 | ---- | M] (Team H2O) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX)
DRV - [2005/01/07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2003/03/31 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2003/03/31 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2003/01/10 22:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1960408961-412668190-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1960408961-412668190-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1960408961-412668190-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1960408961-412668190-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... fxO2jgr6Eg
IE - HKU\S-1-5-21-1960408961-412668190-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1960408961-412668190-682003330-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1960408961-412668190-682003330-1003\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKU\S-1-5-21-1960408961-412668190-682003330-1003\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\stream\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1960408961-412668190-682003330-1003\..\URLSearchHook: {c36c216f-519d-41ac-8e5a-08b401da1c3f} - C:\Program Files\Mini_Site_Templates\tbMini.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1960408961-412668190-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "AIM Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?hl=en"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: toolbar@alexa.com:1.4.9
FF - prefs.js..extensions.enabledItems: rankchecker@seobook.com:1.7.2
FF - prefs.js..extensions.enabledItems: goog@ind.net:2.4
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.0.5
FF - prefs.js..extensions.enabledItems: webrank-toolbar@probcomp.com:2.1
FF - prefs.js..extensions.enabledItems: {a6ca9b3b-5e52-4f47-85d8-cca35bb57596}:1.4.6
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.5.0.145
FF - prefs.js..extensions.enabledItems: {cdd4ec87-8e25-4b42-b8fb-484fdd6a2131}:0.22
FF - prefs.js..extensions.enabledItems: savesession@noasobi.net:1.3.1.6
FF - prefs.js..extensions.enabledItems: lintasnusa@gmail.com:1.2


FF - HKLM\software\mozilla\Firefox\Extensions\\Hotbar@Hotbar.com: C:\Program Files\Hotbar\bin\11.0.175.0\firefox\extensions
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/01 22:17:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/11 14:53:16 | 000,000,000 | ---D | M]

[2010/04/03 19:39:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Extensions
[2010/04/03 19:39:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\stream\Application Data\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2010/05/11 20:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions
[2010/04/28 17:53:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/11 20:23:05 | 000,000,000 | ---D | M] (Google Shortcuts) -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}
[2010/04/09 00:22:21 | 000,000,000 | ---D | M] (Sage) -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}
[2010/04/27 00:23:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/05/06 09:14:46 | 000,000,000 | ---D | M] (CPALead Ticker) -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\{cdd4ec87-8e25-4b42-b8fb-484fdd6a2131}
[2010/05/11 20:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com
[2010/03/15 18:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\goog@ind.net
[2010/05/07 23:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\lintasnusa@gmail.com
[2010/05/11 20:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\rankchecker@seobook.com
[2010/05/07 13:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net
[2010/03/14 19:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com
[2010/05/01 22:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com
[2010/04/07 23:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\webrank-toolbar@probcomp.com
[2010/03/22 20:48:27 | 000,002,240 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\searchplugins\google-trends.xml
[2010/05/11 20:23:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/01 23:50:22 | 000,083,248 | ---- | M] (Pinball Corporation.) -- C:\Program Files\Mozilla Firefox\plugins\npclntax_HotbarSA.dll

O1 HOSTS File: ([2010/03/13 01:41:23 | 000,000,722 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.micronichefinder.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\stream\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (Mini Site Templates Toolbar) - {c36c216f-519d-41ac-8e5a-08b401da1c3f} - C:\Program Files\Mini_Site_Templates\tbMini.dll (Conduit Ltd.)
O2 - BHO: (Digsby Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Adblock Pro) - {F385C231-605B-4d8f-ACA9-DBFF765BBE17} - C:\Program Files\Adblock Pro\AdblockPro.dll (Adblock Pro Team)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Mini Site Templates Toolbar) - {c36c216f-519d-41ac-8e5a-08b401da1c3f} - C:\Program Files\Mini_Site_Templates\tbMini.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Digsby Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1960408961-412668190-682003330-1003\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKU\S-1-5-21-1960408961-412668190-682003330-1003\..\Toolbar\WebBrowser: (Mini Site Templates Toolbar) - {C36C216F-519D-41AC-8E5A-08B401DA1C3F} - C:\Program Files\Mini_Site_Templates\tbMini.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1960408961-412668190-682003330-1003\..\Toolbar\WebBrowser: (Digsby Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [H2O] C:\Program Files\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1198952913\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\system32\M-AudioTaskBarIcon.exe (M-Audio, an Avid Technology, Inc. company)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [ShaPlus Bandwidth Meter] File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKU\S-1-5-21-1960408961-412668190-682003330-1003..\Run: [Alpha Clock] C:\Program Files\Alpha Clock\aclock.exe ()
O4 - HKU\S-1-5-21-1960408961-412668190-682003330-1003..\Run: [Citrus Alarm Clock] C:\Program Files\Citrus Alarm Clock\citrusac.exe (Mark McIntyre)
O4 - HKU\S-1-5-21-1960408961-412668190-682003330-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1960408961-412668190-682003330-1003..\Run: [Infium] C:\Program Files\QIP Infium\infium.exe (QIP)
O4 - HKU\S-1-5-21-1960408961-412668190-682003330-1003..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKU\S-1-5-21-1960408961-412668190-682003330-1003..\Run: [Wakoopa] C:\Program Files\Wakoopa\Wakoopa.exe (Wakoopa)
O4 - HKU\S-1-5-21-1960408961-412668190-682003330-1003..\Run: [Weather Clock] File not found
O4 - HKU\S-1-5-21-1960408961-412668190-682003330-1003..\Run: [WeatherClock] C:\Program Files\Weather Clock\WeatherClock.exe (Respect Soft)
O4 - HKU\S-1-5-21-1960408961-412668190-682003330-1003..\Run: [WordWeb] C:\Program Files\WordWeb\wweb32.exe (WordWeb Software)
O4 - Startup: C:\Documents and Settings\stream\Start Menu\Programs\Startup\HappyFish.lnk = C:\Program Files\ThirstyCrow\HappyFish\HappyFish.exe File not found
O4 - Startup: C:\Documents and Settings\stream\Start Menu\Programs\Startup\MyLife Organized.lnk = C:\Program Files\MyLifeOrganized.net\MLO\mlo.exe (mylifeorganized.net)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-412668190-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1960408961-412668190-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1960408961-412668190-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1960408961-412668190-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files\Adblock Pro\blockimg.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\stream\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O9 - Extra Button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - Reg Error: Value error. File not found
O9 - Extra Button: Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files\Adblock Pro\AdblockPro.dll (Adblock Pro Team)
O9 - Extra 'Tools' menuitem : Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files\Adblock Pro\AdblockPro.dll (Adblock Pro Team)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.microsoft.com/mats/DiagWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WBSrv: DllName - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll (Stardock Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\stream\Application Data\IrfanView\IrfanView_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\stream\Application Data\IrfanView\IrfanView_Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/14 02:37:58 | 000,000,000 | ---D | M] - C:\Auto Content Cash -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\DOCUME~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.exe "\??\C:\DOCUME~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.dat,) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/01/23 16:19:38 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.CFHD - C:\WINDOWS\System32\cfhd.dll (CineForm Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17465059307421696)

========== Files/Folders - Created Within 30 Days ==========

[2010/05/11 20:32:03 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\stream\Desktop\OTL.exe
[2010/05/11 15:58:06 | 000,000,000 | ---D | C] -- C:\Program Files\Site Sniper Pro
[2010/05/11 15:57:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Download Manager
[2010/05/11 15:37:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Application Data\Malwarebytes
[2010/05/11 15:36:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/11 15:36:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/11 15:36:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/11 15:36:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/11 15:13:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\stream\Recent
[2010/05/11 15:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Application Data\Weather Clock
[2010/05/11 15:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\Weather Clock
[2010/05/11 14:53:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/05/10 21:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lead Samurai
[2010/05/10 21:00:32 | 000,000,000 | ---D | C] -- C:\Google Sniper
[2010/05/10 19:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\fec
[2010/05/10 19:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\FBP - Facebook Blaster Pro
[2010/05/10 18:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Desktop\BHStorm2
[2010/05/10 15:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Desktop\Top Technics
[2010/05/09 12:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Desktop\Gmail Maker
[2010/05/06 23:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\SendBlaster
[2010/05/05 00:00:14 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010/05/04 23:59:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Application Data\DAEMON Tools Lite
[2010/05/04 23:59:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/05/04 19:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\Morgan
[2010/05/02 16:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Application Data\Grasssoft
[2010/05/02 16:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Grasssoft
[2010/05/02 16:49:22 | 000,000,000 | ---D | C] -- C:\Program Files\GrassSoft
[2010/05/01 16:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Local Settings\Application Data\AskToolbar
[2010/04/30 18:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\My Documents\Digsby Logs
[2010/04/30 18:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Local Settings\Application Data\Digsby
[2010/04/30 18:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Application Data\Digsby
[2010/04/30 18:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Digsby
[2010/04/30 18:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010/04/30 18:07:34 | 000,000,000 | ---D | C] -- C:\Program Files\Digsby
[2010/04/30 16:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Desktop\FB
[2010/04/29 15:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\MyLifeOrganized.net
[2010/04/29 15:26:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\My Documents\MyLifeOrganized
[2010/04/29 15:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\AllMyNotes Organizer
[2010/04/29 12:42:42 | 000,000,000 | ---D | C] -- C:\DESKTOP
[2010/04/27 00:23:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Application Data\DVDVideoSoftIEHelpers
[2010/04/27 00:22:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\My Documents\DVDVideoSoft
[2010/04/27 00:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010/04/27 00:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010/04/25 09:46:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Desktop\YT_LoopHole Videos
[2010/04/20 21:58:31 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/04/20 00:57:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\My Documents\CoffeeCup Software
[2010/04/20 00:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Application Data\CoffeeCup Software
[2010/04/20 00:52:36 | 000,018,944 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\BORLNDMM.DLL
[2010/04/20 00:43:11 | 000,000,000 | ---D | C] -- C:\Program Files\CoffeeCup Software
[2010/04/17 21:08:05 | 000,000,000 | ---D | C] -- C:\Program Files\I Koder
[2010/04/17 13:36:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Application Data\mIRC
[2010/04/17 12:45:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Desktop\Email Lists
[2010/04/16 17:59:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Desktop\portablevv07.ucoz.ru
[2010/04/16 17:58:01 | 009,017,390 | ---- | C] (AtomPark Software) -- C:\Documents and Settings\stream\Desktop\Atomic Email Hunter.exe
[2010/04/16 08:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\Email Address Extractor
[2010/04/15 23:49:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lencom
[2010/04/15 23:49:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Local Settings\Application Data\Xenocode
[2010/04/15 23:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\Application Data\Lencom
[2010/04/15 23:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LencomShare
[2010/04/15 23:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\Lencom Software Inc
[2010/04/15 09:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\Torrent Assault
[2010/04/15 09:32:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stream\My Documents\Torrent Assault
[2010/04/15 00:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\Desktop Notepad
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/05/11 20:33:23 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\stream\Desktop\OTL.exe
[2010/05/11 20:19:03 | 000,459,192 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/11 20:19:03 | 000,078,942 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/11 20:19:01 | 000,548,386 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/11 20:18:30 | 000,005,616 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010/05/11 20:16:32 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/11 20:16:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/11 20:16:18 | 2079,244,288 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/11 20:14:22 | 007,602,176 | ---- | M] () -- C:\Documents and Settings\stream\ntuser.dat
[2010/05/11 20:07:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-412668190-682003330-1003UA.job
[2010/05/11 20:01:01 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/05/11 18:58:21 | 000,008,513 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\donuts.JPG
[2010/05/11 15:58:08 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Site Sniper Pro.lnk
[2010/05/11 15:36:57 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/11 14:45:01 | 000,006,533 | ---- | M] () -- C:\Documents and Settings\stream\My Documents\AllMyNotes Documents.ddb
[2010/05/11 14:42:32 | 000,006,533 | ---- | M] () -- C:\Documents and Settings\stream\My Documents\AllMyNotes Documents.ddb - backup 10-05-11.ddb
[2010/05/11 14:41:15 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/11 06:07:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-412668190-682003330-1003Core.job
[2010/05/10 21:59:22 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Lead Samurai.lnk
[2010/05/10 21:58:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ddfger.dll
[2010/05/10 20:09:02 | 000,976,538 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\newblackhatcash.pdf
[2010/05/10 19:36:10 | 000,018,712 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\All-StarsT.rar
[2010/05/10 19:28:11 | 000,000,458 | ---- | M] () -- C:\WINDOWS\XMailer.INI
[2010/05/10 19:21:19 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\Super Email Sender.lnk
[2010/05/10 19:02:57 | 000,002,321 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FBP - Facebook Blaster Pro.lnk
[2010/05/10 19:02:17 | 000,034,308 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010/05/10 16:38:35 | 000,036,779 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\juno.m3u
[2010/05/09 11:41:58 | 000,001,515 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010/05/09 10:41:01 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\stream\Start Menu\Programs\Startup\MyLife Organized.lnk
[2010/05/09 01:35:28 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\stream\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/07 13:13:53 | 000,006,533 | ---- | M] () -- C:\Documents and Settings\stream\My Documents\AllMyNotes Documents.ddb - backup 10-05-07.ddb
[2010/05/07 12:56:35 | 000,002,629 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\SoftwareSubmitterPro.lnk
[2010/05/06 10:53:43 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/05/05 00:21:47 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/05/05 00:14:23 | 000,006,533 | ---- | M] () -- C:\Documents and Settings\stream\My Documents\AllMyNotes Documents.ddb - backup 10-05-05.ddb
[2010/05/05 00:08:45 | 000,000,650 | ---- | M] () -- C:\WINDOWS\m3jpeg.ini
[2010/05/05 00:01:21 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/05/04 17:42:10 | 000,000,032 | ---- | M] () -- C:\WINDOWS\System32\w3data.vss
[2010/05/04 17:42:10 | 000,000,032 | ---- | M] () -- C:\WINDOWS\System32\msvcsv60.dll
[2010/05/04 17:42:10 | 000,000,032 | ---- | M] () -- C:\WINDOWS\msocreg32.dat
[2010/05/04 17:38:02 | 000,002,532 | ---- | M] () -- C:\Documents and Settings\stream\My Documents\Register Vegas.htm
[2010/05/04 17:33:40 | 000,001,629 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vegas 7.0.lnk
[2010/05/04 01:16:29 | 000,012,182 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\fb.csv
[2010/05/03 11:25:39 | 000,043,892 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\tasker.ml
[2010/05/01 21:53:37 | 005,038,333 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\Internet_Success_Manual.pdf
[2010/04/30 18:09:42 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\Digsby.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/29 15:26:55 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\MyLife Organized.lnk
[2010/04/29 02:08:15 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\Google Chrome.lnk
[2010/04/28 23:34:31 | 000,508,143 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\1900.jpeg
[2010/04/27 20:36:51 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\Windows Movie Maker.lnk
[2010/04/27 00:24:26 | 000,000,983 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\Free YouTube Uploader.lnk
[2010/04/27 00:24:19 | 000,000,983 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\Free YouTube Download.lnk
[2010/04/23 00:45:19 | 000,015,013 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\n1602932230_5748.jpg
[2010/04/19 16:43:27 | 000,001,373 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2010/04/17 19:08:06 | 000,002,525 | ---- | M] () -- C:\Documents and Settings\stream\Desktop\AdWords Editor.lnk
[2010/04/15 23:50:03 | 000,099,227 | ---- | M] () -- C:\Program Files\Common Files\Engines.lnl
[2010/04/15 09:32:15 | 000,002,014 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Torrent Assault.lnk
[2010/04/14 23:27:33 | 000,000,040 | ---- | M] () -- C:\forestgreen.frg
[2010/04/14 23:26:19 | 000,000,002 | ---- | M] () -- C:\boot.int
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/11 18:58:21 | 000,008,513 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\donuts.JPG
[2010/05/11 15:58:08 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Site Sniper Pro.lnk
[2010/05/11 15:36:57 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/11 14:42:32 | 000,006,533 | ---- | C] () -- C:\Documents and Settings\stream\My Documents\AllMyNotes Documents.ddb - backup 10-05-11.ddb
[2010/05/10 21:59:22 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Lead Samurai.lnk
[2010/05/10 21:58:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ddfger.dll
[2010/05/10 20:07:53 | 000,976,538 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\newblackhatcash.pdf
[2010/05/10 19:56:53 | 004,665,263 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\bhcodeguide.pdf
[2010/05/10 19:36:10 | 000,018,712 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\All-StarsT.rar
[2010/05/10 19:28:11 | 000,000,458 | ---- | C] () -- C:\WINDOWS\XMailer.INI
[2010/05/10 19:21:19 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\Super Email Sender.lnk
[2010/05/10 19:00:36 | 000,002,321 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FBP - Facebook Blaster Pro.lnk
[2010/05/09 10:41:01 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\stream\Start Menu\Programs\Startup\MyLife Organized.lnk
[2010/05/07 13:13:53 | 000,006,533 | ---- | C] () -- C:\Documents and Settings\stream\My Documents\AllMyNotes Documents.ddb - backup 10-05-07.ddb
[2010/05/05 00:14:23 | 000,006,533 | ---- | C] () -- C:\Documents and Settings\stream\My Documents\AllMyNotes Documents.ddb - backup 10-05-05.ddb
[2010/05/04 17:38:02 | 000,002,532 | ---- | C] () -- C:\Documents and Settings\stream\My Documents\Register Vegas.htm
[2010/05/04 17:33:40 | 000,001,629 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Vegas 7.0.lnk
[2010/05/01 21:52:45 | 005,038,333 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\Internet_Success_Manual.pdf
[2010/04/30 18:09:42 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\Digsby.lnk
[2010/04/30 18:09:24 | 000,000,236 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/04/29 18:02:12 | 000,012,182 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\fb.csv
[2010/04/29 16:07:02 | 000,043,892 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\tasker.ml
[2010/04/29 15:26:55 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\MyLife Organized.lnk
[2010/04/29 15:19:32 | 000,006,533 | ---- | C] () -- C:\Documents and Settings\stream\My Documents\AllMyNotes Documents.ddb
[2010/04/28 23:34:29 | 000,508,143 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\1900.jpeg
[2010/04/27 20:36:51 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\Windows Movie Maker.lnk
[2010/04/27 00:24:26 | 000,000,983 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\Free YouTube Uploader.lnk
[2010/04/27 00:24:19 | 000,000,983 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\Free YouTube Download.lnk
[2010/04/23 00:45:18 | 000,015,013 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\n1602932230_5748.jpg
[2010/04/15 09:32:15 | 000,002,014 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Torrent Assault.lnk
[2010/04/14 23:26:19 | 000,000,040 | ---- | C] () -- C:\forestgreen.frg
[2010/04/14 23:26:19 | 000,000,002 | ---- | C] () -- C:\boot.int
[2010/04/14 18:21:29 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\stream\Desktop\Rank Decoding Engine.exe
[2010/03/31 20:06:52 | 000,002,455 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2010/01/22 23:04:16 | 000,000,650 | ---- | C] () -- C:\WINDOWS\m3jpeg.ini
[2009/12/23 20:16:18 | 000,000,217 | ---- | C] () -- C:\WINDOWS\MPPAGER.INI
[2009/12/12 00:07:56 | 000,000,525 | ---- | C] () -- C:\WINDOWS\KeywordsAnalyzer.INI
[2009/11/27 17:46:13 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\ute3ntiz.sys
[2009/11/21 20:51:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2009/11/19 18:50:21 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2009/11/12 00:19:19 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009/10/15 18:14:34 | 000,000,060 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2009/10/04 13:01:22 | 000,000,056 | ---- | C] () -- C:\WINDOWS\sierra.ini
[2009/05/03 18:00:08 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/05/03 18:00:08 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/05/03 18:00:08 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/01/30 18:56:59 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008/10/02 13:17:23 | 000,000,055 | ---- | C] () -- C:\WINDOWS\SQ.INI
[2008/09/19 04:43:27 | 000,000,122 | ---- | C] () -- C:\WINDOWS\msmmdx9.ini
[2008/08/15 21:51:09 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/04/16 21:40:13 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/04/09 20:47:58 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008/02/15 19:05:43 | 000,000,032 | ---- | C] () -- C:\WINDOWS\ODOMETER.INI
[2008/01/24 20:28:58 | 000,000,525 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2008/01/10 14:33:08 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/10/12 19:22:00 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2007/10/10 13:04:30 | 000,001,515 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007/10/09 01:23:49 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/10/07 16:03:19 | 000,005,616 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007/10/07 15:07:32 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/10/07 15:07:26 | 000,001,816 | ---- | C] () -- C:\WINDOWS\System32\nvprfctr.ini
[2007/06/06 17:58:30 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\ktzlib80.dll
[2006/07/20 20:58:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/07/20 20:58:00 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/07/20 20:58:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/07/20 20:58:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/04/28 11:39:45 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ArtFfct.dll
[2005/10/14 10:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/10/14 10:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005/10/14 10:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/10/14 10:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005/10/14 10:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005/10/14 10:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005/10/14 10:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005/10/14 10:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004/06/10 22:14:07 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\imsisp.dll
[2004/06/10 22:14:07 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\imslevel.dll

========== LOP Check ==========

[2008/12/11 20:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2010/02/23 17:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/02/23 17:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2008/11/04 17:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/01/11 19:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2009/10/15 18:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ConMet
[2010/05/05 00:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/05/11 14:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grasssoft
[2007/10/09 16:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iZotope
[2008/10/01 18:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KORG
[2010/03/31 20:05:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LangSoft
[2008/10/30 15:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2010/04/15 23:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lencom
[2010/03/13 01:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Micro Niche Finder
[2009/01/12 20:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments
[2010/02/26 22:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/04/03 18:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PY_Software
[2010/05/04 17:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/05/07 13:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2010/05/11 15:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2010/05/11 20:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/01/12 20:23:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}
[2009/01/12 20:23:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
[2009/01/12 20:23:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D6072FCA-C57E-4A39-92CE-3ABE6C6D694B}
[2008/12/11 20:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Ableton
[2010/02/23 17:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\acccore
[2009/03/18 18:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Adblock Pro
[2009/10/30 17:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Applied Acoustics Systems
[2008/10/12 17:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Audacity
[2008/11/04 17:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Azureus
[2009/12/04 21:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\BlogDesk
[2010/04/20 00:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\CoffeeCup Software
[2009/10/15 18:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\ConMet
[2010/05/05 00:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\DAEMON Tools Lite
[2009/09/18 18:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\DMCache
[2010/04/27 00:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\DVDVideoSoftIEHelpers
[2009/11/22 00:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\ElevatedDiagnostics
Nahoru
cutmatic
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 21 říj 2006 18:34

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#6 Příspěvek od cutmatic »

[2010/05/11 20:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\foobar2000
[2010/05/02 16:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Grasssoft
[2009/09/18 18:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\IDM
[2007/10/07 17:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\IrfanView
[2008/06/29 16:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Jpeg Resampler
[2008/04/15 18:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Kerio
[2010/04/18 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Keyword Research Pro
[2008/10/01 18:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\KORG
[2010/03/31 20:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\LangSoft
[2009/04/29 14:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Leadertech
[2010/04/16 21:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Lencom
[2010/05/11 14:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Micropro
[2009/04/14 14:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\MxBoost
[2007/10/07 20:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\NetMedia Providers
[2007/10/07 12:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Opera
[2009/02/10 15:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Progeny
[2007/10/07 18:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Publish Providers
[2009/01/11 23:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\REAPER
[2008/04/09 18:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\RegClean
[2010/05/04 17:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Sony
[2007/10/07 18:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Sony Setup
[2010/05/11 14:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Spyware Terminator
[2008/09/01 19:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Steinberg
[2009/09/22 23:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\SystemRequirementsLab
[2010/05/11 14:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\uTorrent
[2010/01/27 12:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\ViralSubmitter
[2010/05/11 15:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Weather Clock
[2008/08/15 20:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Web Page Maker
[2008/12/18 23:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Wireshark
[2008/09/01 22:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\zweitgeist
[2010/05/11 20:01:01 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Rainlendar2" = C:\Program Files\Rainlendar2\Rainlendar2.exe -- [2007/12/30 11:23:34 | 001,365,504 | ---- | M] ()
"Citrus Alarm Clock" = C:\Program Files\Citrus Alarm Clock\citrusac.exe -- [2001/10/21 23:50:36 | 000,513,024 | ---- | M] (Mark McIntyre)
"Alpha Clock" = C:\Program Files\Alpha Clock\aclock.exe -- [2003/10/23 05:17:06 | 000,069,120 | ---- | M] ()
"Infium" = "C:\Program Files\QIP Infium\infium.exe" /autorun -- [2009/10/08 13:17:40 | 005,662,720 | ---- | M] (QIP)
"Wakoopa" = C:\Program Files\Wakoopa\Wakoopa.exe -- [2009/03/25 14:40:14 | 000,573,440 | ---- | M] (Wakoopa)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008/04/14 05:42:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\stream\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c -- [2009/11/18 17:52:08 | 000,135,664 | ---- | M] (Google Inc.)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008/04/14 05:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation)
"WordWeb" = "C:\Program Files\WordWeb\wweb32.exe" -startup -- [2009/11/08 23:18:00 | 000,065,216 | ---- | M] (WordWeb Software)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010/04/01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"Weather Clock" =
"WeatherClock" = C:\Program Files\Weather Clock\WeatherClock.exe -- [2010/01/31 23:48:00 | 002,243,072 | ---- | M] (Respect Soft)

< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2008/12/11 20:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2007/12/18 23:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/02/23 17:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/02/23 17:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2010/02/23 17:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2008/01/01 20:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/04/09 15:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Atheros
[2008/11/04 17:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/01/11 19:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2009/10/15 18:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ConMet
[2010/05/05 00:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/04/30 18:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digsby
[2009/10/15 18:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/05/11 14:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grasssoft
[2007/10/09 16:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iZotope
[2008/10/01 18:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KORG
[2010/03/31 20:05:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LangSoft
[2008/10/30 15:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2010/04/15 23:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lencom
[2007/12/29 19:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2010/05/11 15:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/13 01:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Micro Niche Finder
[2010/02/20 20:45:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/05/10 21:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/01/12 20:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments
[2008/04/24 23:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2010/02/26 22:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/04/03 18:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PY_Software
[2010/03/07 18:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2008/04/20 13:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/05/04 17:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/05/07 13:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2010/05/11 15:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2010/05/11 20:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/01/12 20:23:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}
[2009/01/12 20:23:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
[2009/01/12 20:23:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D6072FCA-C57E-4A39-92CE-3ABE6C6D694B}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2008/12/15 11:45:41 | 003,002,432 | ---- | M] (Native Instruments ) -- C:\Documents and Settings\All Users\Application Data\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}\Traktor Setup.exe
[2008/10/29 16:12:27 | 002,931,320 | ---- | M] (Native Instruments ) -- C:\Documents and Settings\All Users\Application Data\{442B6EC3-77A0-4817-825F-67F47D7A2E54}\Service Center Setup.exe
[2008/11/17 11:04:47 | 002,666,192 | ---- | M] (Native Instruments ) -- C:\Documents and Settings\All Users\Application Data\{D6072FCA-C57E-4A39-92CE-3ABE6C6D694B}\Audio 8 DJ Driver Setup.exe
[2008/10/30 15:41:24 | 000,683,801 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Last.fm\Client\UninstFoo3\unins000.exe
[2008/04/24 23:28:55 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe

< %APPDATA%\*. >
[2008/12/11 20:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Ableton
[2010/02/23 17:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\acccore
[2009/03/18 18:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Adblock Pro
[2010/02/23 09:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Adobe
[2007/12/19 21:49:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\AdobeUM
[2007/10/07 17:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Ahead
[2008/01/10 14:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\AOL
[2008/01/01 20:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Apple Computer
[2009/10/30 17:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Applied Acoustics Systems
[2008/10/12 17:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Audacity
[2008/11/04 17:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Azureus
[2009/12/04 21:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\BlogDesk
[2010/04/20 00:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\CoffeeCup Software
[2009/10/15 18:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\ConMet
[2010/05/05 00:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\DAEMON Tools Lite
[2010/04/30 18:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Digsby
[2009/05/03 22:47:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\DivX
[2009/09/18 18:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\DMCache
[2009/04/12 14:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\dvdcss
[2010/04/27 00:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\DVDVideoSoftIEHelpers
[2009/11/22 00:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\ElevatedDiagnostics
[2010/05/11 20:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\foobar2000
[2010/04/03 19:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Google
[2010/05/02 16:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Grasssoft
[2007/10/07 18:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Help
[2007/10/07 12:15:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Identities
[2009/09/18 18:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\IDM
[2007/10/07 13:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\InstallShield
[2007/10/07 17:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\IrfanView
[2008/06/29 16:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Jpeg Resampler
[2008/04/15 18:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Kerio
[2010/04/18 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Keyword Research Pro
[2008/10/01 18:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\KORG
[2010/03/31 20:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\LangSoft
[2009/04/29 14:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Leadertech
[2010/04/16 21:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Lencom
[2009/03/23 18:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Macromedia
[2010/05/11 15:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Malwarebytes
[2007/11/25 02:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Media Player Classic
[2010/05/11 14:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Micropro
[2010/03/25 20:26:03 | 000,000,000 | --SD | M] -- C:\Documents and Settings\stream\Application Data\Microsoft
[2010/04/17 17:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\mIRC
[2009/12/16 17:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla
[2009/04/14 14:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\MxBoost
[2007/10/07 20:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\NetMedia Providers
[2007/10/07 12:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Opera
[2009/02/10 15:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Progeny
[2007/10/07 18:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Publish Providers
[2009/09/06 14:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Real
[2009/01/11 23:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\REAPER
[2008/04/09 18:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\RegClean
[2008/02/03 01:03:49 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\stream\Application Data\SecuROM
[2010/05/10 07:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Skype
[2010/05/10 08:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\skypePM
[2010/05/04 17:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Sony
[2007/10/07 18:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Sony Setup
[2010/05/11 14:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Spyware Terminator
[2008/09/01 19:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Steinberg
[2008/04/08 12:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Sun
[2009/09/22 23:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\SystemRequirementsLab
[2010/05/11 14:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\uTorrent
[2010/01/27 12:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\ViralSubmitter
[2007/11/07 20:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\vlc
[2010/05/11 15:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Weather Clock
[2008/08/15 20:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Web Page Maker
[2009/10/27 00:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Winamp
[2007/10/07 14:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\WinRAR
[2008/12/18 23:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Wireshark
[2008/09/01 22:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\zweitgeist

< %APPDATA%\*.exe /s >
[2009/09/14 16:06:40 | 003,080,520 | ---- | M] (Tonec Inc.) -- C:\Documents and Settings\stream\Application Data\IDM\idmupdt.exe
[2001/01/01 00:00:00 | 000,168,128 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\dskyjump\DSJ.EXE
[2008/04/24 20:51:56 | 002,431,628 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\directx_mar2008_redist_41\directx_mar2008_redist.exe4
[2008/04/24 20:51:56 | 001,998,456 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\directx_mar2008_redist_41\directx_mar2008_redist.exe5
[2008/04/24 20:51:56 | 001,751,680 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\directx_mar2008_redist_41\directx_mar2008_redist.exe6
[2008/04/24 20:51:56 | 002,091,896 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\directx_mar2008_redist_41\directx_mar2008_redist.exe7
[2008/04/24 20:51:56 | 002,601,100 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\directx_mar2008_redist_41\directx_mar2008_redist.exe1
[2008/04/24 20:51:56 | 001,958,260 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\directx_mar2008_redist_41\directx_mar2008_redist.exe2
[2008/04/24 20:51:56 | 001,491,888 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\directx_mar2008_redist_41\directx_mar2008_redist.exe3
[2008/04/24 21:03:38 | 000,133,976 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\sp33411_42\sp33411.exe1
[2008/04/24 21:00:15 | 002,540,775 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\sp33411_42\sp33411.exe2
[2008/04/24 21:00:27 | 002,534,554 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\sp33411_42\sp33411.exe3
[2008/04/24 21:01:45 | 007,678,646 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\sp33537_43\sp33537.exe1
[2008/04/24 21:04:01 | 000,005,808 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\sp33537_43\sp33537.exe2
[2008/04/24 21:07:00 | 000,172,552 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\sp33537_43\sp33537.exe3
[2008/04/24 21:07:17 | 015,414,116 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\sp33537_44\sp33537.exe3
[2009/04/30 15:30:25 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\TS203EN_333\TS203EN.EXE
[2009/04/30 15:31:49 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\stream\Application Data\IDM\DwnlData\stream\TS203EN_334\TS203EN.EXE
[2010/04/15 23:49:30 | 000,007,278 | R--- | M] () -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{1186703C-E6E6-4F7E-8CCD-6D26272A2579}\_4DBC07C00B2101502D53AE.exe
[2010/04/15 23:49:30 | 000,007,278 | R--- | M] () -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{1186703C-E6E6-4F7E-8CCD-6D26272A2579}\_6FEFF9B68218417F98F549.exe
[2010/04/15 23:49:30 | 000,002,862 | R--- | M] () -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{1186703C-E6E6-4F7E-8CCD-6D26272A2579}\_88AC343B2FAE61D133BB3F.exe
[2010/04/15 23:49:30 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{1186703C-E6E6-4F7E-8CCD-6D26272A2579}\_FEDBBE74E0FBCBC39E5335.exe
[2007/10/07 17:16:06 | 000,581,632 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{2D79124E-B4F8-40D6-A7F2-AB7249FF34BF}\ARPPRODUCTICON.exe
[2007/10/07 17:16:06 | 000,581,632 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{2D79124E-B4F8-40D6-A7F2-AB7249FF34BF}\NewShortcut1_2D79124EB4F840D6A7F2AB7249FF34BF.exe
[2010/04/17 21:08:06 | 000,012,862 | R--- | M] () -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{2DE2D7A6-819E-4A60-80EB-2C6E3EA1FD4D}\_4D6E2A9E8AD347B9A7F4D1.exe
[2010/02/26 23:34:25 | 000,016,958 | R--- | M] () -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{ADFB6598-D680-48D4-B06F-7848505B0B7F}\_6FEFF9B68218417F98F549.exe
[2010/02/26 23:34:25 | 000,016,958 | R--- | M] () -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{ADFB6598-D680-48D4-B06F-7848505B0B7F}\_80BBC37C2F46AA1D288607.exe
[2010/02/26 23:34:25 | 000,016,958 | R--- | M] () -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{ADFB6598-D680-48D4-B06F-7848505B0B7F}\_99D2BC30040FFAF14C2281.exe
[2010/04/03 19:38:48 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{F6249ABF-F16D-4AF3-8755-4D62F799C238}\_6FEFF9B68218417F98F549.exe
[2010/04/03 19:38:48 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\stream\Application Data\Microsoft\Installer\{F6249ABF-F16D-4AF3-8755-4D62F799C238}\_FCF4B120D6A8BD6C385184.exe
[2009/06/29 21:51:42 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\stream\Application Data\Real\RealPlayer\setup\AU_setup.exe
[2010/05/08 03:08:25 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\stream\Application Data\Real\Update\setup3.10\setup.exe
[2007/10/07 18:37:46 | 023,510,720 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\stream\Application Data\Sony Setup\09063B41-0916-4360-A80D-0C2A2B89D300\dotnetfx.exe


< MD5 for: AGP440.SYS >
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2003/03/31 13:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CDROM.SYS >
[2003/03/31 13:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cdrom.sys
[2008/04/14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CHANGER.SYS >
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008/04/14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008/04/13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\changer.sys
[2004/08/03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys

< MD5 for: CRYPTSVC.DLL >
[2004/08/04 00:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008/04/14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008/04/14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008/04/14 01:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cryptsvc.dll
[2008/04/14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2008/04/14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 00:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007/06/13 12:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 11:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: HAL.DLL >
[2003/03/31 13:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008/04/14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008/04/14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008/04/13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\hal.dll
[2004/08/03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: ISAPNP.SYS >
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008/04/14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008/04/13 19:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\isapnp.sys
[2008/04/14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2003/03/31 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys

< MD5 for: LSASS.EXE >
[2004/08/04 00:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008/04/14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008/04/14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008/04/14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lsass.exe
[2008/04/14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008/04/14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008/04/14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ndis.sys
[2008/04/14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004/08/03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2008/04/14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 00:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVGTS.SYS >
[2007/05/04 15:50:10 | 000,103,936 | ---- | M] (NVIDIA Corporation) MD5=859794817394AFAE6E79E069BA5125BA -- C:\NVIDIA\nForceWin2KXP\14.10\IDE\Win2K\sata_ide\nvgts.sys
[2007/05/04 15:50:10 | 000,103,936 | ---- | M] (NVIDIA Corporation) MD5=859794817394AFAE6E79E069BA5125BA -- C:\NVIDIA\nForceWin2KXP\14.10\IDE\Win2K\sataraid\nvgts.sys
[2007/05/04 15:50:10 | 000,103,936 | ---- | M] (NVIDIA Corporation) MD5=859794817394AFAE6E79E069BA5125BA -- C:\NVIDIA\nForceWin2KXP\14.10\IDE\WinXP\sata_ide\nvgts.sys
[2007/05/04 15:50:10 | 000,103,936 | ---- | M] (NVIDIA Corporation) MD5=859794817394AFAE6E79E069BA5125BA -- C:\NVIDIA\nForceWin2KXP\14.10\IDE\WinXP\sataraid\nvgts.sys

< MD5 for: NVRD32.SYS >
[2007/05/04 15:50:00 | 000,116,736 | ---- | M] (NVIDIA Corporation) MD5=9E9387D6F960B0EEB12E1C1A0E9485DD -- C:\NVIDIA\nForceWin2KXP\14.10\IDE\Win2K\sataraid\nvrd32.sys
[2007/05/04 15:50:00 | 000,116,736 | ---- | M] (NVIDIA Corporation) MD5=9E9387D6F960B0EEB12E1C1A0E9485DD -- C:\NVIDIA\nForceWin2KXP\14.10\IDE\WinXP\sataraid\nvrd32.sys

< MD5 for: SCECLI.DLL >
[2004/08/04 00:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
[2008/04/14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008/04/14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008/04/14 01:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\smss.exe
[2008/04/14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004/08/04 00:56:58 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004/08/04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 00:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006/04/20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008/12/03 20:07:46 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007/10/30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2004/08/03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=6A603809F598332DBEDD535BDBCE313E -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008/06/20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007/10/30 18:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008/04/14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/04/14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008/04/13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys
[2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008/06/20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006/04/20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004/08/04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008/04/14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008/04/14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008/04/14 01:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ws2_32.dll
[2008/04/14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2004/08/04 00:56:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/05/05 00:01:21 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2007/10/07 12:53:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/10/07 12:53:48 | 000,626,688 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/10/07 12:53:48 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010/05/10 19:02:17 | 000,034,308 | ---- | M] () -- C:\WINDOWS\system32\BASSMOD.dll
[2010/05/10 21:58:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\ddfger.dll
[2010/05/10 21:58:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\log 10.05.2010_09.58.txt
[2010/05/11 14:41:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\log 11.05.2010_02.41.txt
[2010/05/11 20:19:03 | 000,078,942 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010/05/11 20:19:03 | 000,459,192 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010/05/11 20:19:01 | 000,548,386 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010/05/11 14:41:15 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 268 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61B95C7A
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:242231A9
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B9D8E22
< End of report >
Nahoru
cutmatic
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 21 říj 2006 18:34

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#7 Příspěvek od cutmatic »

OTL Extras logfile created on: 11/05/2010 20:34:49 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\stream\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.17 Gb Total Space | 4.69 Gb Free Space | 4.50% Space Free | Partition Type: NTFS
Drive D: | 7.62 Gb Total Space | 2.48 Gb Free Space | 32.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 931.51 Gb Total Space | 88.64 Gb Free Space | 9.52% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STREAM98
Current User Name: stream
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1960408961-412668190-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Documents and Settings\stream\Desktop\qip_infinum9000\infium.exe" = C:\Documents and Settings\stream\Desktop\qip_infinum9000\infium.exe:*:Enabled:QIP Infium Beta -- (QIP)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"C:\Program Files\Soulseek-Test\slsk.exe" = C:\Program Files\Soulseek-Test\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\Program Files\Steam\steamapps\harmonic_33\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\harmonic_33\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Program Files\Opera\Opera.exe" = C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe" = C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Valve\hl.exe" = C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Look@LAN\LookAtHost.exe" = C:\Program Files\Look@LAN\LookAtHost.exe:*:Enabled:Look@HOST -- (Carlo Medas)
"C:\Program Files\Look@LAN\LookAtLan.exe" = C:\Program Files\Look@LAN\LookAtLan.exe:*:Enabled:Look@LAN -- (Carlo Medas)
"C:\Games\Half-Life\hl.exe" = C:\Games\Half-Life\hl.exe:*:Enabled:Half-Life Launcher -- (Valve, L.L.C.)
"C:\Games\HALF LIFE COMPIL N°1\hl.exe" = C:\Games\HALF LIFE COMPIL N°1\hl.exe:*:Enabled:Half-Life Launcher -- (Valve, L.L.C.)
"C:\Program Files\Clear FTP 2006\clearftp.exe" = C:\Program Files\Clear FTP 2006\clearftp.exe:*:Enabled:clearftp -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_HALF LIFE COMPIL N°1 (By RY's)" = _HALF LIFE COMPIL N°1 (By RY's)
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1186703C-E6E6-4F7E-8CCD-6D26272A2579}" = Fast Email Extractor 7
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{2BC9E066-8B5A-484A-9D83-5D91EF435FFE}" = Keyword Research Pro
"{2D79124E-B4F8-40D6-A7F2-AB7249FF34BF}" = Nero Burning ROM
"{2DE2D7A6-819E-4A60-80EB-2C6E3EA1FD4D}" = Droid Email Seeker
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38AD6EA4-BBC1-4A95-B792-9950D48E2171}" = Kerio Visual C++ 2005 redistributable permanent package
"{3BD8F690-F840-4BC1-8C28-D10C95FAA951}" = Ad Word Analyzer
"{3E67F68D-3797-4B6A-B02C-27BC98DFEBDA}" = Fast Track Pro
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{470BB39A-7231-4077-AD3D-86067AD04604}" = Native Instruments Audio 8 DJ Driver
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653}" = QuickTime
"{50484AB7-75A5-4C77-9F73-1C8279860D87}" = FBP - Facebook Blaster Pro
"{5636E517-8100-4E2A-B69E-2B16AFFA2360}" = Sony Sound Forge 8.0d
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{6889EE56-1816-4E89-94DF-9F56E7804039}_is1" = Counter-Strike 1.6 Non-Steam patch v36
"{6B23F1DA-407B-4187-9C4C-15DECA9C8F31}" = Torrent Assault
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{81D200BA-8BC6-46D1-974D-FCC87ECCB2F8}" = Icewind Dale II
"{8318FEFD-F467-44D6-82B8-129374BFE9B1}" = Opera 9.62
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87DABCF7-2C38-4996-8FBE-053CA6536168}" = Sony ACID Pro 6.0
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8ED43CF1-5E56-4D0C-AEB1-A9F9C164B9BC}" = Miroslav Philharmonik CE
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARD_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96965E6C-41DB-4E0A-BC65-D92381D51D2A}" = Sony Vegas 7.0
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9EBDAF91-DADA-47CE-94F2-F5B004007934}" = System Requirements Lab
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A70700000002}" = Adobe Reader 7.0.7
"{AD80F06B-0F21-4EEE-934D-BEF0D21E6383}" = Temple of Elemental Evil
"{ADFB6598-D680-48D4-B06F-7848505B0B7F}" = SoftwareSubmitterPro
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2BC4969-2DE3-499A-9A3D-1B7C34ED12C3}" = HP Webcam
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD334DD1-3E56-4B66-B811-1BA2E205F9FE}_is1" = Keyword Sniper 1.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7B5688C-65E0-4E7B-90D9-24DE28DFC033}_is1" = Laser URL 1.2
"{C8310658-4019-4934-A7AC-AD1E35EDD8F5}" = CDRWIN 6.1
"{C9E129BC-27D3-436E-BAAC-4CE81E0962F1}" = Sony Media Manager 2.2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC3F3C10-F335-11DD-6784-00E2040B18BE}" = Email Address Extractor
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}" = Sony Noise Reduction Plug-In 2.0e
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E682BE3B-09F6-44B6-9404-77AAA106178E}" = Lead Samurai
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6249ABF-F16D-4AF3-8755-4D62F799C238}" = Google AdWords Editor
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"µTorrent CZ_is1" = µTorrent CZ 1.8.1 (build 12639)
"Adblock Pro" = Adblock Pro 2.6
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIDA32_is1" = AIDA32 v3.80
"AIM Toolbar" = AIM Toolbar
"AIM_7" = AIM 7
"Alpha 3" = Alpha 3
"Analog Factory SE_is1" = Analog Factory SE 1.2
"A-PDF Text Extractor_is1" = A-PDF Text Extractor 1.3
"Applied Acoustics Lounge Lizard EP VSTi DXi v3.0" = Applied Acoustics Lounge Lizard EP VSTi DXi v3.0
"Arturia Arp2600 V v1.0" = Arturia Arp2600 V v1.0
"Arturia minimoog V_is1" = Arturia minimoog V v1.6
"Arturia Moog Modular V2 v1.0" = Arturia Moog Modular V2 v1.0
"Atmosphere_is1" = Atmosphere
"Audio CD Maker_is1" = Audio CD Maker v6.0
"Audio Damage 907A VST v1.0.0.7" = Audio Damage 907A VST v1.0.0.7
"Audio Damage DubStation VST v1.0.2.0" = Audio Damage DubStation VST v1.0.2.0
"Audio/Video To MP3 Maker_is1" = Audio/Video To MP3 Maker version 3.12
"Audiorealism Bassline Pro v1.0.1" = Audiorealism Bassline Pro v1.0.1
"avast!" = avast! Antivirus
"B6E4AD11B487308A361AACB990AC314D7DEAD995" = Windows Driver Package - usbvm326 (usbvm328) Image (10/12/2006 326.1.061012.25)
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Cakewalk Rapture Expansion Pack 1" = Cakewalk Rapture Expansion Pack 1
"CCleaner" = CCleaner (remove only)
"Citrus Alarm Clock_is1" = Citrus Alarm Clock 1.0.5
"CNXT_HDAUDIO" = Conexant HD Audio
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"CS-80V_is1" = CS-80V 1.6
"Dash Signature EVE2 VSTi v2.40.00" = Dash Signature EVE2 VSTi v2.40.00
"DDDP_is1" = discoDSP Discovery Pro
"Digital Media Converter_is1" = Digital Media Converter 2.78
"Digsby" = Digsby
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Easy GIF Animator Pro_is1" = Easy GIF Animator 4.8 Pro
"Edirol Hyper Canvas v1.53" = Edirol Hyper Canvas v1.53
"Edirol Super Quartet v1.52 TALiO" = Edirol Super Quartet v1.52 TALiO
"foo_audioscrobbler" = Audioscrobbler for foobar2000 (remove only)
"foobar2000" = foobar2000 v0.9.5.1
"FormatFactory" = FormatFactory 2.20
"Foxit PDF Editor" = Foxit PDF Editor
"Free YouTube Download_is1" = Free YouTube Download 2.4
"Free YouTube Uploader_is1" = Free YouTube Uploader version 3.1
"GFORCE_SOFTWARE_MINIMONSTA_RTAS_VSTi_v1.06-PLZ" = GFORCE_SOFTWARE_MINIMONSTA_RTAS_VSTi_v1.06-PLZ
"GSpot" = GSpot Codec Information Appliance
"Half-Life" = Half-Life
"HijackThis" = HijackThis 2.0.2
"IDJ Groove & Phrase Synth2.0" = IDJ Groove & Phrase Synth
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653}" = QuickTime
"InstallShield_{81D200BA-8BC6-46D1-974D-FCC87ECCB2F8}" = Icewind Dale II
"intelliScore Polyphonic" = intelliScore Polyphonic
"IrfanView" = IrfanView (remove only)
"ISOpen_is1" = ISOpen V4.4.1
"iZotope pHATmatik PRO_is1" = iZotope pHATmatik PRO
"iZotope Trash_is1" = iZotope Trash
"Keywords Analyzer" = Keywords Analyzer
"KORG Legacy Collection - DIGITAL EDITION v1.0.0 " = KORG Legacy Collection - DIGITAL EDITION v1.0.0
"Korg Legacy Collection v1.1.10" = Korg Legacy Collection v1.1.10
"Laser Keyword Generator_is1" = Laser Keyword Generator 3.0
"LastFM_is1" = Last.fm 1.5.4.24567
"Linplug SaxLab v1.0.2" = Linplug SaxLab v1.0.2
"Longtion GIF Animator_is1" = Longtion GIF Animator version 5.0
"Look@LAN_1.0" = Look@LAN 2.50 Build 35
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Micro Niche Finder_is1" = Micro Niche Finder
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mini_Site_Templates Toolbar" = Mini_Site_Templates Toolbar
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MyLife Organized" = MyLife Organized 3.0.1
"Native Instruments - Rig Kontrol 3 Driver" = Native Instruments - Rig Kontrol 3 Driver
"Native Instruments Absynth 4" = Native Instruments Absynth 4
"Native Instruments Audio 8 DJ Driver" = Native Instruments Audio 8 DJ Driver
"Native Instruments B4 II" = Native Instruments B4 II
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Elektrik Piano 1.5" = Native Instruments Elektrik Piano 1.5
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Kontakt 2" = Native Instruments Kontakt 2
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor" = Native Instruments Traktor
"Native Instruments Xpress Keyboards v1.0" = Native Instruments Xpress Keyboards v1.0
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Novation Bass-Station for Cubase SX3 VSTi v1.41" = Novation Bass-Station for Cubase SX3 VSTi v1.41
"NVIDIA Drivers" = NVIDIA Drivers
"Nvidia Omega Drivers for Windows XP/2kv2.169.21" = Nvidia Omega Drivers v2.169.21 Setup Files
"Open Contacts_is1" = Open Contacts v6
"Predator_is1" = Rob Papen Predator V1.1.0
"Quadrafuzz" = Quadrafuzz v1.0
"Rainlendar2" = Rainlendar2 (remove only)
"RealPlayer 6.0" = RealPlayer
"Rob Papen Albino 3" = Rob Papen Albino 3
"ShaPlus Bandwidth Meter" = ShaPlus Bandwidth Meter 1.3
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Site Sniper Pro_is1" = Site Sniper Pro 2.8
"Sonik Synth 2" = Sonik Synth 2
"Soulseek2" = SoulSeek 157 NS 13c
"Spyware Terminator_is1" = Spyware Terminator
"STANDARD" = Microsoft Office Standard 2007
"Steinberg Cubase SX v3.1.1.944" = Steinberg Cubase SX v3.1.1.944
"SubtitleWorkshop" = Subtitle Workshop 2.51
"Super Email Sender_is1" = Super Email Sender
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosoft's License Control
"Tiberian Sun" = Command & Conquer Tiberian Sun
"Time Zone Clock V2.0_is1" = Time Zone Clock V2.0
"Totalcmd" = Total Commander (Remove or Repair)
"TVAnts 1.0" = TVAnts 1.0
"Ugo Disturbance v1.0 VSTi" = Ugo Disturbance v1.0 VSTi
"UltraISO_is1" = UltraISO Premium V8.51
"Uninstall_is1" = Uninstall 1.0.0.1
"Viral Submitter_is1" = Viral Submitter
"virtualcreations UltraPhazer_is1" = virtualcreations UltraPhazer 1.2
"VLC media player" = VideoLAN VLC media player 0.8.6b
"Weather Clock_is1" = Weather Clock 4.3
"Winamp" = Winamp
"WindowBlinds" = WindowBlinds
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"WordWeb" = WordWeb
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1960408961-412668190-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5f48e2ab41c5d005" = RapidShare Manager
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.5.0.457
"uTorrent" = µTorrent
"Wakoopa" = Wakoopa

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 24/04/2008 17:39:47 | Computer Name = STREAM98 | Source = avast! | ID = 33554522
Description = AAVM - chyba pri testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://files.ngohq.com/omega/nvidia/nvi ... 216921.exe failed, 00000084.


Error - 04/06/2008 08:53:13 | Computer Name = STREAM98 | Source = avast! | ID = 33554522
Description = AAVM - chyba pri testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://files.ngohq.com/omega/nvidia/nvi ... 216921.exe failed, 00000084.


Error - 28/12/2008 12:31:55 | Computer Name = STREAM98 | Source = avast! | ID = 33554522
Description = AAVM - chyba pri testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://n70.tym.cz/down/hry/lock_n_load_2.sis failed, 00000026.

Error - 28/12/2008 12:32:15 | Computer Name = STREAM98 | Source = avast! | ID = 33554522
Description = AAVM - chyba pri testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://n70.tym.cz/down/hry/ragingthunder.sis failed, 00000026.

Error - 28/12/2008 12:35:47 | Computer Name = STREAM98 | Source = avast! | ID = 33554522
Description = AAVM - chyba pri testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://n70.tym.cz/down/hry/ragingthunder.sis failed, 00000026.

Error - 17/02/2009 20:54:22 | Computer Name = STREAM98 | Source = avast! | ID = 33554522
Description = AAVM - chyba pri testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://sk.static.etargetnet.com/generic ... _color:003
failed, 0000A413.

Error - 05/11/2009 15:13:25 | Computer Name = STREAM98 | Source = avast! | ID = 33554522
Description = AAVM - chyba pri testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://clients1.google.cz/complete/sear ... %20s&cp=13
failed, 0000A413.

Error - 06/11/2009 08:30:24 | Computer Name = STREAM98 | Source = avast! | ID = 33554522
Description = AAVM - chyba pri testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.youtube.com/get_video_info?& ... rock&hl=en
failed, 0000A413.

Error - 06/11/2009 16:25:12 | Computer Name = STREAM98 | Source = avast! | ID = 33554522
Description = AAVM - chyba pri testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://clients1.google.cz/complete/sear ... 0dru&cp=13
failed, 0000A413.

Error - 09/11/2009 20:06:54 | Computer Name = STREAM98 | Source = avast! | ID = 33554522
Description = AAVM - chyba pri testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.elementsthegame.com/readrpvp.php?ran=579077 failed, 0000A413.

[ Application Events ]
Error - 09/11/2008 19:52:21 | Computer Name = STREAM98 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16735, faulting
module unknown, version 0.0.0.0, fault address 0x61eb77e0.

Error - 13/11/2008 14:43:09 | Computer Name = STREAM98 | Source = Application Hang | ID = 1002
Description = Hanging application acid60.exe, version 6.0.0.355, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 13/11/2008 15:58:55 | Computer Name = STREAM98 | Source = Application Hang | ID = 1002
Description = Hanging application acid60.exe, version 6.0.0.355, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 17/11/2008 21:34:55 | Computer Name = STREAM98 | Source = Application Hang | ID = 1002
Description = Hanging application opera.exe, version 9.62.10467.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 24/11/2008 11:35:31 | Computer Name = STREAM98 | Source = Application Error | ID = 1000
Description = Faulting application guninst.exe, version 0.0.0.0, faulting module
kernel32.dll, version 5.1.2600.3119, fault address 0x0000cf6d.

Error - 26/11/2008 12:59:07 | Computer Name = STREAM98 | Source = Application Hang | ID = 1002
Description = Hanging application acid60.exe, version 6.0.0.355, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 26/11/2008 13:01:05 | Computer Name = STREAM98 | Source = Application Hang | ID = 1002
Description = Hanging application acid60.exe, version 6.0.0.355, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 26/11/2008 13:39:41 | Computer Name = STREAM98 | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application acid60.exe, version 6.0.0.355, stamp 45422428,
faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address
0x4ec6730c.

Error - 09/12/2008 16:33:01 | Computer Name = STREAM98 | Source = Application Hang | ID = 1002
Description = Hanging application acid60.exe, version 6.0.0.355, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 09/12/2008 16:41:02 | Computer Name = STREAM98 | Source = Application Hang | ID = 1002
Description = Hanging application acid60.exe, version 6.0.0.355, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ OSession Events ]
Error - 24/11/2009 12:47:26 | Computer Name = STREAM98 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7141
seconds with 480 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 09/04/2010 15:25:46 | Computer Name = STREAM98 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 11/04/2010 03:49:09 | Computer Name = STREAM98 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 13/04/2010 22:22:49 | Computer Name = STREAM98 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 16/04/2010 02:52:55 | Computer Name = STREAM98 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.

Error - 16/04/2010 02:56:05 | Computer Name = STREAM98 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 19/04/2010 19:50:13 | Computer Name = STREAM98 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 24/04/2010 11:17:10 | Computer Name = STREAM98 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 28/04/2010 12:37:34 | Computer Name = STREAM98 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 29/04/2010 06:16:14 | Computer Name = STREAM98 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 01/05/2010 17:24:38 | Computer Name = STREAM98 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep


< End of report >
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#8 Příspěvek od Caroprd111 »

Obrázek Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: toolbar@alexa.com:1.4.9
FF - prefs.js..extensions.enabledItems: rankchecker@seobook.com:1.7.2
FF - prefs.js..extensions.enabledItems: goog@ind.net:2.4
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.0.5
FF - prefs.js..extensions.enabledItems: webrank-toolbar@probcomp.com:2.1
FF - prefs.js..extensions.enabledItems: {a6ca9b3b-5e52-4f47-85d8-cca35bb57596}:1.4.6
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.5.0.145
FF - prefs.js..extensions.enabledItems: {cdd4ec87-8e25-4b42-b8fb-484fdd6a2131}:0.22
FF - prefs.js..extensions.enabledItems: savesession@noasobi.net:1.3.1.6
FF - prefs.js..extensions.enabledItems: lintasnusa@gmail.com:1.2
[2010/05/11 20:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com
[2010/03/15 18:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\goog@ind.net
[2010/05/07 23:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\lintasnusa@gmail.com
[2010/05/11 20:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\rankchecker@seobook.com
[2010/05/07 13:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net
[2010/03/14 19:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com
[2010/05/01 22:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com
[2010/04/07 23:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\webrank-toolbar@probcomp.com
[2010/04/01 23:50:22 | 000,083,248 | ---- | M] (Pinball Corporation.) -- C:\Program Files\Mozilla Firefox\plugins\npclntax_HotbarSA.dll
IE - HKU\S-1-5-21-1960408961-412668190-682003330-1003\..\URLSearchHook: - Reg Error: Key error. File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Digsby Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Digsby Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1960408961-412668190-682003330-1003\..\Toolbar\WebBrowser: (Digsby Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [ShaPlus Bandwidth Meter] File not found
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKU\S-1-5-21-1960408961-412668190-682003330-1003..\Run: [Weather Clock] File not found
O9 - Extra Button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - Reg Error: Value error. File not found
O34 - HKLM BootExecute: (C:\DOCUME~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.exe "\??\C:\DOCUME~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.dat,) - File not found
[2010/04/30 18:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2010/05/11 20:01:01 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/05/11 20:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
@Alternate Data Stream - 268 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61B95C7A
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:242231A9
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B9D8E22

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS] 
[CREATERESTOREPOINT]
Poté klikněte na Opravit, PC se restartuje, log vložte sem.


Obrázek Doporučuji odinstalovat µTorrent.

P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.


Obrázek Následující soubor/y otestujte na http://www.virustotal.com/cs/
C:\WINDOWS\system32\drivers\ute3ntiz.sys
C:\WINDOWS\System32\ddfger.dll

(Soubor/y nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)
Obrázek
Nahoru
cutmatic
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 21 říj 2006 18:34

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#9 Příspěvek od cutmatic »

All processes killed
========== OTL ==========
Prefs.js: jqs@sun.com:1.0 removed from extensions.enabledItems
Prefs.js: toolbar@alexa.com:1.4.9 removed from extensions.enabledItems
Prefs.js: rankchecker@seobook.com:1.7.2 removed from extensions.enabledItems
Prefs.js: goog@ind.net:2.4 removed from extensions.enabledItems
Prefs.js: firebug@software.joehewitt.com:1.5.4 removed from extensions.enabledItems
Prefs.js: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.0.5 removed from extensions.enabledItems
Prefs.js: webrank-toolbar@probcomp.com:2.1 removed from extensions.enabledItems
Prefs.js: {a6ca9b3b-5e52-4f47-85d8-cca35bb57596}:1.4.6 removed from extensions.enabledItems
Prefs.js: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 removed from extensions.enabledItems
Prefs.js: toolbar@ask.com:3.5.0.145 removed from extensions.enabledItems
Prefs.js: {cdd4ec87-8e25-4b42-b8fb-484fdd6a2131}:0.22 removed from extensions.enabledItems
Prefs.js: savesession@noasobi.net:1.3.1.6 removed from extensions.enabledItems
Prefs.js: lintasnusa@gmail.com:1.2 removed from extensions.enabledItems
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\skin\classic\win folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\skin\classic\trace folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\skin\classic\mac folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\skin\classic\breakOn folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\skin\classic folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\skin folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\platform\Darwin folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\platform folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\zh-TW folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\zh-CN folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\vi-VN folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\uk-UA folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\tr-TR folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\sv-SE folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\sl-SI folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\sk-SK folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\ru-RU folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\ro-RO folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\pt-PT folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\pt-BR folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\pl-PL folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\nl-NL folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\ko-KR folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\ja-JP folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\it-IT folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\is-IS folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\hy-AM folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\hu-HU folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\hr-HR folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\fr-FR folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\fa-IR folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\es-ES folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\es-AR folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\en-US folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\el-GR folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\de-DE folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\da-DK folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\cs-CZ folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\ca-AD folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale\bg-BG folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\locale folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\lite folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\icons\default folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\icons folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\docs folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\defaults folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\content\firebug\tests folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\content\firebug\lib folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\content\firebug folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\content folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com\components folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\firebug@software.joehewitt.com folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\goog@ind.net\chrome folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\goog@ind.net folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\lintasnusa@gmail.com\chrome\skin folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\lintasnusa@gmail.com\chrome\content folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\lintasnusa@gmail.com\chrome folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\lintasnusa@gmail.com folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\rankchecker@seobook.com folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\defaults\preferences folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\defaults folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\chrome\skin folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\chrome\locale\zh-TW folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\chrome\locale\sv-SE folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\chrome\locale\ja folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\chrome\locale\it-IT folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\chrome\locale\es-ES folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\chrome\locale\de-DE folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\chrome\locale folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\chrome\content folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net\chrome folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\savesession@noasobi.net folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com\skin\rank folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com\skin folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com\META-INF folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com\locale\zh-CN folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com\locale\en-US folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com\locale folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com\defaults folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com\content folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com\components folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@alexa.com folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-01-May-2010-21-38-27-GMT folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\toolbar@ask.com folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\webrank-toolbar@probcomp.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\webrank-toolbar@probcomp.com\defaults folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\webrank-toolbar@probcomp.com\chrome folder moved successfully.
C:\Documents and Settings\stream\Application Data\Mozilla\Firefox\Profiles\19pdxrg9.default\extensions\webrank-toolbar@probcomp.com folder moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npclntax_HotbarSA.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1960408961-412668190-682003330-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1960408961-412668190-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ShaPlus Bandwidth Meter deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1960408961-412668190-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Weather Clock deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0483894E-2422-45E0-8384-021AFF1AF3CD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0483894E-2422-45E0-8384-021AFF1AF3CD}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0483894E-2422-45E0-8384-021AFF1AF3CD}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0483894E-2422-45E0-8384-021AFF1AF3CD}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:C:\DOCUME~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.exe "\??\C:\DOCUME~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.dat, deleted successfully.
C:\Program Files\Ask.com folder moved successfully.
C:\WINDOWS\002330_.tmp deleted successfully.
C:\WINDOWS\005791_.tmp deleted successfully.
C:\WINDOWS\NV26681276.TMP folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET7.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET3A59.tmp deleted successfully.
C:\WINDOWS\System32\SET3A65.tmp deleted successfully.
C:\WINDOWS\System32\setb0.tmp deleted successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\Documents and Settings\All Users\Application Data\TEMP folder moved successfully.
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:61B95C7A .
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD .
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:242231A9 .
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:0B9D8E22 .
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users
->Flash cache emptied: 38 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 49286 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: stream
->Temp folder emptied: 26742068 bytes
->Temporary Internet Files folder emptied: 11831847 bytes
->Java cache emptied: 405860 bytes
->FireFox cache emptied: 101985141 bytes
->Google Chrome cache emptied: 6563494 bytes
->Opera cache emptied: 208146514 bytes
->Flash cache emptied: 4570 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 81920 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 112094 bytes
RecycleBin emptied: 152917939 bytes

Total Files Cleaned = 485.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

User: stream
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.4.1 log created on 05132010_153457

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_770.dat moved successfully.

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#10 Příspěvek od Caroprd111 »

OK, ještě ten virustotal.
Obrázek
Nahoru
cutmatic
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 21 říj 2006 18:34

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#11 Příspěvek od cutmatic »

http://www.virustotal.com/cs/analisis/7 ... 1273762665

druhy soubor ma nulovou velikost > '0 bytes size received / Se ha recibido un archivo vacio'
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#12 Příspěvek od Caroprd111 »

Obrázek Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:Processes
C:\WINDOWS\explorer.exe

:OTL
DRV - [2009/11/27 17:46:15 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ute3ntiz.sys -- (ute3ntiz)

:Commands
[REBOOT]
Poté klikněte na Opravit, PC se restartuje, log vložte sem.
Obrázek
Nahoru
cutmatic
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 21 říj 2006 18:34

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#13 Příspěvek od cutmatic »

========== PROCESSES ==========
No active process named explorer.exe was found!
========== OTL ==========
Error: No service named ute3ntiz was found to stop!
Service\Driver key ute3ntiz not found.
File C:\WINDOWS\system32\drivers\ute3ntiz.sys not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.4.1 log created on 05132010_161241

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Kontrola PC - Hotbar/MyWebSearch Toolbary

#14 Příspěvek od Caroprd111 »

Obrázek Odinstalujte všechny emulátory virtuálních mechanik.

Obrázek Stáhněte SPTD http://www.duplexsecure.com/en/downloads
  • Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
  • zvolte možnost Uninstall a restartujte PC.

Obrázek Stáhněte a spusťte http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Klikněte na "Disable" a restartujte PC.

Obrázek Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Obrázek Start > Spustit (Win + R)
  • Vyskočí okénko, zkopírujte do něj:

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t
  • Klikněte na OK
  • Vytvoří se log s názvem mbr.log, vložte ho sem.


Obrázek Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
Obrázek
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“