
Infected PC ... Pls advise

4Janny4
Visitor
Posts: 12
Joined: 29 Jan 2011 20:38

Infected PC ... Pls advise

#1 Post by 4Janny4 »

Hi, I need some advice, please. Something is wrong with my PC, but I can't produce any log, e.g. in HJT, because I can't even install downloaded programs : )

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected PC ... Pls advise

#2 Post by vyosek »

Hello, good evening and welcome to our forum.

• Boot into Safe Mode (restart the PC, keep pressing F8, choose Safe Mode with Networking)

• Post an RSIT log - instructions are in my signature

• How does the PC's "infection" show itself?

• If there is any problem, let me know ;)
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement: take a whip and a stick to him, for he is no man, he is an ox."
Member of [image] since 1 February 2011.

4Janny4
Visitor
Posts: 12
Joined: 29 Jan 2011 20:38

Re: Infected PC ... Pls advise

#3 Post by 4Janny4 »

It shows roughly like this: the computer is slow and keeps freezing, and nothing can be downloaded from the internet; it always throws an error that it cannot find the source folder ... I'll run RSIT on it now and we'll see : ) It's not my PC, so I don't know the exact problems...

4Janny4
Visitor
Posts: 12
Joined: 29 Jan 2011 20:38

Re: Infected PC ... Pls advise

#4 Post by 4Janny4 »

Logfile of random's system information tool 1.08 (written by random/random)
Run by HP Pavilion dv5 at 2011-01-29 22:57:01
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 12 GB (5%) free of 231 GB
Total RAM: 2044 MB (46% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{E753605B-4AD7-4BEE-9D0D-29E23FD43118}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-12-01 1256512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2010-11-04 2731360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfre2.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-04-12 1018616]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfre2.dll [2010-10-18 3908192]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-15 178712]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-04-23 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]
"reset"=regedit /s reset.reg []
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-04-15 442433]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-23 13539872]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-23 92704]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2009-12-01 842816]
"WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2010-10-22 2745696]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2029640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-05-18 2363392]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"FlashGet 3"=C:\Program Files\FlashGet Network\FlashGet 3\Flashget3.exe -minimize []
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe []
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\HP Pavilion dv5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2011-01-29 22:57:01 ----D---- C:\rsit
2011-01-29 22:57:01 ----D---- C:\Program Files\trend micro
2011-01-29 22:28:48 ----ASH---- C:\hiberfil.sys
2011-01-29 21:19:32 ----A---- C:\Windows\ntbtlog.txt
2011-01-24 22:39:21 ----D---- C:\torrent
2011-01-24 02:30:44 ----D---- C:\Program Files\Windows Collaboration
2011-01-12 17:22:10 ----A---- C:\Windows\DXT2207.tmp
2011-01-12 17:16:49 ----D---- C:\UnrealTournament
2011-01-12 14:23:00 ----D---- C:\Users\HP Pavilion dv5\AppData\Roaming\Malwarebytes
2011-01-12 14:22:46 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-01-12 14:22:44 ----D---- C:\ProgramData\Malwarebytes
2011-01-12 14:22:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-12 14:22:40 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-01-12 02:56:45 ----A---- C:\Windows\system32\sdclt.exe
2011-01-12 02:56:40 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 02:56:30 ----A---- C:\Windows\system32\tlntsess.exe
2011-01-12 02:56:30 ----A---- C:\Windows\system32\telnet.exe
2011-01-11 04:07:14 ----D---- C:\inetpub
2011-01-11 03:48:48 ----D---- C:\Program Files\uTorrentBar
2011-01-11 03:46:27 ----D---- C:\Users\HP Pavilion dv5\AppData\Roaming\uTorrent
2010-12-27 21:07:25 ----SHD---- C:\found.000
2010-12-16 14:16:07 ----A---- C:\Windows\system32\win32k.sys
2010-12-16 14:16:03 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-16 14:16:03 ----A---- C:\Windows\system32\taskschd.dll
2010-12-16 14:16:03 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-16 14:16:02 ----A---- C:\Windows\system32\taskeng.exe
2010-12-16 14:16:02 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-16 14:15:58 ----A---- C:\Windows\system32\consent.exe
2010-12-16 14:15:53 ----A---- C:\Windows\system32\tzres.dll
2010-12-16 14:15:45 ----A---- C:\Windows\system32\mstime.dll
2010-12-16 14:15:45 ----A---- C:\Windows\system32\ieframe.dll
2010-12-16 14:15:44 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-16 14:15:43 ----A---- C:\Windows\system32\mshtml.dll
2010-12-16 14:15:42 ----A---- C:\Windows\system32\wininet.dll
2010-12-16 14:15:42 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-16 14:15:41 ----A---- C:\Windows\system32\urlmon.dll
2010-12-16 14:15:40 ----A---- C:\Windows\system32\iepeers.dll
2010-12-16 14:15:40 ----A---- C:\Windows\system32\ieencode.dll
2010-12-16 14:15:40 ----A---- C:\Windows\system32\ieapfltr.dll
2010-12-16 14:15:37 ----A---- C:\Windows\system32\fontsub.dll
2010-12-16 14:15:37 ----A---- C:\Windows\system32\atmlib.dll
2010-12-16 14:15:37 ----A---- C:\Windows\system32\atmfd.dll
2010-12-12 23:21:46 ----D---- C:\Program Files\VideoLAN
2010-12-05 14:00:44 ----A---- C:\Windows\system32\javaws.exe
2010-12-05 14:00:44 ----A---- C:\Windows\system32\javaw.exe
2010-12-05 14:00:44 ----A---- C:\Windows\system32\java.exe
2010-12-03 13:38:07 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-12-03 13:38:02 ----D---- C:\Program Files\Common Files\DESIGNER
2010-12-03 13:36:57 ----D---- C:\Program Files\Microsoft Sync Framework
2010-12-03 13:36:57 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-12-03 13:30:13 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-12-03 13:28:58 ----D---- C:\Program Files\Microsoft Analysis Services
2010-11-27 11:33:28 ----D---- C:\Program Files\ConduitEngine
2010-11-27 11:33:28 ----A---- C:\Windows\system32\ConduitEngine.tmp
2010-11-23 00:44:50 ----D---- C:\Windows\system32\URTTEMP

======List of files/folders modified in the last 3 months======

2011-01-29 22:57:01 ----RD---- C:\Program Files
2011-01-29 22:57:01 ----D---- C:\Windows\Prefetch
2011-01-29 22:56:55 ----D---- C:\Windows\Temp
2011-01-29 22:54:07 ----D---- C:\Windows\system32\Tasks
2011-01-29 22:53:48 ----SHD---- C:\Windows\Installer
2011-01-29 21:21:55 ----D---- C:\Program Files\Mozilla Firefox
2011-01-29 21:19:32 ----D---- C:\WINDOWS
2011-01-28 15:05:40 ----D---- C:\Users\HP Pavilion dv5\AppData\Roaming\ICQ
2011-01-28 13:45:19 ----SHD---- C:\System Volume Information
2011-01-24 23:52:03 ----D---- C:\Windows\rescache
2011-01-24 23:12:41 ----D---- C:\Windows\system32\LogFiles
2011-01-24 22:44:36 ----D---- C:\Program Files\uTorrent
2011-01-24 02:31:44 ----D---- C:\Windows\System32
2011-01-24 02:31:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-24 02:31:06 ----D---- C:\Windows\winsxs
2011-01-24 02:30:44 ----D---- C:\Windows\system32\wbem
2011-01-24 02:30:44 ----D---- C:\Windows\system32\drivers\etc
2011-01-24 02:30:44 ----D---- C:\Windows\system32\cs-CZ
2011-01-24 02:30:44 ----D---- C:\Windows\inf
2011-01-21 17:10:27 ----D---- C:\Windows\system32\catroot2
2011-01-19 20:19:24 ----D---- C:\ProgramData\Microsoft Help
2011-01-19 20:15:34 ----SD---- C:\Users\HP Pavilion dv5\AppData\Roaming\Microsoft
2011-01-19 10:37:13 ----D---- C:\Windows\system32\WDI
2011-01-19 03:13:38 ----D---- C:\Users\HP Pavilion dv5\AppData\Roaming\vlc
2011-01-14 11:16:44 ----RSD---- C:\Windows\assembly
2011-01-14 11:16:44 ----D---- C:\Windows\Microsoft.NET
2011-01-14 11:01:17 ----D---- C:\Windows\system32\drivers
2011-01-14 11:01:17 ----D---- C:\Windows\ShellNew
2011-01-14 02:51:50 ----HD---- C:\ProgramData
2011-01-14 02:20:02 ----D---- C:\Windows\system32\Msdtc
2011-01-14 02:19:10 ----D---- C:\Windows\system32\config
2011-01-14 02:19:01 ----D---- C:\Windows\Tasks
2011-01-14 02:19:00 ----D---- C:\Windows\system32\spool
2011-01-14 02:19:00 ----D---- C:\Windows\system32\drivers\UMDF
2011-01-14 02:19:00 ----D---- C:\Windows\system32\CodeIntegrity
2011-01-14 02:19:00 ----D---- C:\Program Files\Common Files\eBay
2011-01-14 02:18:59 ----D---- C:\Windows\registration
2011-01-12 13:54:26 ----D---- C:\Program Files\ICQ7.2
2011-01-12 03:20:42 ----D---- C:\Windows\system32\inetsrv
2011-01-12 03:02:54 ----A---- C:\Windows\system32\mrt.exe
2011-01-12 03:01:53 ----D---- C:\Windows\system32\catroot
2011-01-11 04:07:17 ----D---- C:\Windows\system32\migration
2011-01-11 03:50:50 ----D---- C:\Program Files\BSPlayer
2011-01-05 15:43:50 ----D---- C:\Program Files\Warcraft III
2011-01-04 16:08:02 ----D---- C:\Program Files\ESET
2011-01-04 15:40:03 ----D---- C:\ProgramData\ESET
2011-01-02 20:48:43 ----D---- C:\ProgramData\AVG10
2010-12-28 12:20:57 ----D---- C:\Windows\system32\drivers\AVG
2010-12-24 15:56:05 ----D---- C:\Users\HP Pavilion dv5\AppData\Roaming\Microgaming
2010-12-20 14:37:42 ----D---- C:\Windows\xwx
2010-12-17 03:23:42 ----D---- C:\Program Files\Windows Mail
2010-12-05 14:00:42 ----D---- C:\Program Files\Java
2010-12-03 14:05:24 ----RSD---- C:\Windows\Fonts
2010-12-03 13:53:41 ----D---- C:\Program Files\Common Files\microsoft shared
2010-12-03 13:52:56 ----A---- C:\Windows\win.ini
2010-12-03 13:52:52 ----D---- C:\Program Files\Common Files\System
2010-12-03 13:40:12 ----D---- C:\Program Files\MSBuild
2010-12-03 13:38:02 ----D---- C:\Program Files\Common Files
2010-12-03 13:37:00 ----D---- C:\Program Files\Microsoft Office
2010-12-03 13:36:57 ----SD---- C:\ProgramData\Microsoft
2010-12-03 13:36:57 ----D---- C:\Program Files\Microsoft.NET
2010-12-03 13:35:16 ----D---- C:\Program Files\Microsoft Works
2010-11-27 11:33:25 ----D---- C:\Program Files\free-downloads.net
2010-11-24 15:00:04 ----SD---- C:\Windows\Downloaded Program Files
2010-11-23 00:46:31 ----D---- C:\Program Files\Internet Explorer
2010-11-16 05:15:46 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2008-03-27 24424]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-15 312344]
R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-08-09 721904]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-03-26 278984]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-05-14 93312]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-03-26 25416]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-24 52736]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
R3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-23 43552]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-23 7494976]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-04-15 378368]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 adxqkx42;adxqkx42; C:\Windows\system32\drivers\adxqkx42.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-11-07 17480]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-03-29 21248]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-03-29 20096]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe [2008-02-12 73728]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2008-01-21 11264]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-12-01 322624]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-15 354840]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-04-12 246520]
R2 iprip;@%Systemroot%\system32\iprip.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-05-18 73728]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-23 196608]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-04-23 292232]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-04-23 112008]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-08-14 9728]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2009-04-11 47616]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe [2008-04-15 221239]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-01 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NtmsSvc;@%SystemRoot%\system32\ntmssvc.dll,-2; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-04-11 71168]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected PC ... Pls advise

#5 Post by vyosek »

• Please read the private message and reply to it

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected PC ... Pls advise

#6 Post by vyosek »

• The illegal ESS was dealt with via PM

• Download CKScanner to the desktop
  • Run it and click Search for files
  • When the scan finishes, click Save List to File and then OK
  • A log named ckfiles.txt will be created on the desktop; paste its contents here for me
• Download OTL (see my signature) and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • If you use a 64-bit OS, check whether the Pro 64 bitové OS ("For 64-bit OS") box is ticked; if not, tick it
  • Tick the Pro vsechny uzivatele ("For all users") box
  • Tick the Kontrola na havet "LOP" ("LOP" check) box
  • Tick the Kontrola na havet "Purity" ("Purity" check) box
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom Vlastni skenovani/opravy ("Custom scans/fixes") box

    netsvcs
    drivers32
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    c:\windows\*.* /U
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    ndis.sys
    winlogon.exe
    explorer.exe
    userinit.exe
    lsass.exe
    svchost.exe
    smss.exe
    hal.dll
    ws2_32.dll
    tcpip.sys
    cryptsvc.dll
    Changer.sys
    JakNDis.sys
    isapnp.sys
    cdrom.sys
    autochk.exe
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    CREATERESTOREPOINT
  • Click the Prohledat (scan) button
  • When the scan finishes (about 5 to 10 min), the logs OTL.txt and Extras.txt will appear; paste both here

4Janny4
Visitor
Posts: 12
Joined: 29 Jan 2011 20:38

Re: Infected PC ... Pls advise

#7 Post by 4Janny4 »

CKScanner - Additional Security Risks - These are not necessarily bad
c:\mu\data\item\firecracker.ozj
c:\program files\electronic arts\need for speed - porsche unleashed\savedata\3crack.sav
c:\program files\electronic arts\need for speed - porsche unleashed\savedata\crack1.hud
c:\program files\electronic arts\need for speed - porsche unleashed\savedata\crack2.hud
c:\users\hp pavilion dv5\desktop\mu\data\item\firecracker.ozj
c:\users\hp pavilion dv5\documents\nfs most wanted\crack\crack
c:\users\hp pavilion dv5\downloads\lotr - bfme\crack (palič)\návod pro nooby ;).txt
c:\users\hp pavilion dv5\downloads\nero-9.4.13.2b\crack\nero 9.4.13.2 cz readme.txt
c:\users\hp pavilion dv5\downloads\nero-9.4.13.2b\crack\nero 9.4.13.2.txt
c:\users\hp pavilion dv5\downloads\nero-9.4.13.2b\crack\nero_cleaning_tool.exe
c:\users\hp pavilion dv5\downloads\nero-9.4.13.2b\crack\net_framework_3.5.exe
c:\users\hp pavilion dv5\downloads\nero-9.4.13.2b\crack\plug-ins & activation.reg
c:\users\hp pavilion dv5\downloads\warcraft 3 platinová edice\crack\miniimage.zip
c:\users\hp pavilion dv5\downloads\warcraft 3 platinová edice\crack\seriové číslo.txt
c:\users\hp pavilion dv5\downloads\warcraft 3 platinová edice\crack\warcraft_3_the_frozen_throne_cz_patch_122a.zip
scanner sequence 3.DK.11
----- EOF -----

4Janny4
Visitor
Posts: 12
Joined: 29 Jan 2011 20:38

Re: Infected PC ... Pls advise

#8 Post by 4Janny4 »

OTL logfile created on: 30.1.2011 13:02:13 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\HP Pavilion dv5\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 31,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225,16 Gb Total Space | 12,31 Gb Free Space | 5,47% Space Free | Partition Type: NTFS
Drive D: | 7,72 Gb Total Space | 0,04 Gb Free Space | 0,55% Space Free | Partition Type: NTFS
Drive G: | 7,40 Gb Total Space | 4,99 Gb Free Space | 67,44% Space Free | Partition Type: FAT32

Computer Name: HPPAVILIONDV-PC | User Name: HP Pavilion dv5 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.01.30 12:34:06 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\HP Pavilion dv5\Desktop\OTL.exe
PRC - [2011.01.30 12:28:14 | 000,453,632 | ---- | M] () -- G:\CKScanner.exe
PRC - [2011.01.05 09:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.2\ICQ.exe
PRC - [2010.12.12 22:16:08 | 000,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.10.22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010.04.12 22:56:48 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.12.01 12:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009.12.01 12:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2009.07.01 17:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2009.05.15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.05.14 15:47:54 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009.05.14 15:47:08 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009.04.23 14:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
PRC - [2008.08.15 17:33:08 | 001,473,536 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TO2SSM\McciTrayApp.exe
PRC - [2008.04.15 19:18:38 | 000,221,239 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe
PRC - [2008.04.15 19:17:24 | 000,442,433 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2008.04.15 16:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.04.15 16:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.03.26 17:27:52 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) -- C:\WINDOWS\System32\vfsFPService.exe
PRC - [2008.03.26 14:26:56 | 000,341,328 | ---- | M] () -- C:\WINDOWS\SMINST\BLService.exe
PRC - [2008.02.12 21:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008.01.21 03:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WindowsMobile\wmdSync.exe
PRC - [2008.01.16 16:56:50 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.01.16 16:56:50 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006.11.02 13:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpcumi.exe


========== Modules (SafeList) ==========

MOD - [2011.01.30 12:34:06 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\HP Pavilion dv5\Desktop\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.11.10 19:08:02 | 006,127,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010.10.22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.04.21 18:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.04.12 22:56:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.01 12:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\FntCache.dll -- (FontCache)
SRV - [2009.05.15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.05.14 15:54:22 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.05.14 15:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009.04.11 07:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008.04.15 19:18:38 | 000,221,239 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe -- (STacSV)
SRV - [2008.04.15 16:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.03.26 17:27:52 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\WINDOWS\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008.03.26 14:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008.02.12 21:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe -- (AESTFilters)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.21 03:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 03:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006.11.02 13:36:18 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\iprip.dll -- (iprip)


========== Driver Services (SafeList) ==========

DRV - [2010.03.26 20:18:25 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.03.26 20:18:24 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.11.07 15:19:10 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.08.09 15:59:23 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.05.14 15:49:34 | 000,093,312 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009.05.14 15:47:14 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.05.14 15:41:10 | 000,114,472 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\eamon.sys -- (eamon)
DRV - [2009.04.11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\winusb.sys -- (winusb)
DRV - [2008.05.23 04:29:00 | 007,494,976 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.05.23 04:29:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.04.28 07:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\NETw5v32.sys -- (NETw5v32) Ovladač adaptéru Intel(R)
DRV - [2008.04.15 19:19:54 | 000,378,368 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.04.15 16:53:44 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.04.15 11:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.04.01 12:14:10 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.03.29 10:20:55 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008.03.29 10:20:55 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008.03.27 11:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.03.27 11:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.03.26 17:28:08 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008.02.01 09:41:58 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2008.02.01 09:41:58 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008.02.01 09:41:58 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2008.01.24 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\enecir.sys -- (enecir)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008.01.18 12:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.07.11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007.06.18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.11.02 08:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre2.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/
IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "LocalStrike"
FF - prefs.js..browser.search.defaulturl: "http://search.localstrike.com.ar/?q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.localstrike.com.ar/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1167
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.3790
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... n_dtid=&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2010.05.20 20:02:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010.11.24 14:45:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.14 03:54:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.12 22:16:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011.01.04 16:08:07 | 000,000,000 | ---D | M]

[2010.07.22 20:57:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Extensions
[2010.07.22 20:57:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.01.28 13:52:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions
[2010.10.21 22:40:46 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.04.29 16:28:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.08 11:16:18 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010.07.17 12:23:03 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.01.11 03:48:47 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2010.05.16 14:39:13 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010.04.29 16:29:01 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\DTToolbar@toolbarnet.com
[2011.01.11 03:48:47 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\engine@conduit.com
[2010.10.15 14:21:50 | 000,000,000 | ---D | M] (PandoraTV Toolbar) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\toolbar@ask.com
[2011.01.29 20:24:50 | 000,002,557 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\askcom.xml
[2011.01.11 03:48:48 | 000,000,913 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\conduit.xml
[2009.08.09 16:24:51 | 000,002,399 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\daemon-search.xml
[2011.01.26 16:21:35 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-1.xml
[2010.09.11 09:03:29 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-10.xml
[2010.09.11 18:35:08 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-11.xml
[2010.10.12 21:25:09 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-12.xml
[2010.10.21 22:40:55 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-13.xml
[2010.10.29 18:25:42 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-14.xml
[2010.12.15 15:12:28 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-15.xml
[2009.10.28 15:44:25 | 000,000,950 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-2.xml
[2009.11.08 12:36:22 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-3.xml
[2009.11.19 19:39:56 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-4.xml
[2010.01.09 12:26:24 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-5.xml
[2010.02.20 13:31:33 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-6.xml
[2010.03.03 13:15:45 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-7.xml
[2010.06.25 15:50:32 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-8.xml
[2010.07.10 12:32:39 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-9.xml
[2010.04.22 12:33:22 | 000,000,945 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin.xml
[2009.08.01 20:17:09 | 000,001,196 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\winamp-search.xml
[2011.01.02 21:04:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.08.06 18:36:00 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.08.07 12:24:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.12.05 14:00:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.11.24 14:45:05 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX
[2010.05.20 20:02:26 | 000,000,000 | ---D | M] (DigitalPersona Extension) -- C:\PROGRAM FILES\DIGITALPERSONA\BIN\FIREFOXEXT
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfre2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [reset] C:\Windows\reset.reg ()
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\WINDOWS\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\WINDOWS\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O7 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html ()
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.199.192.192 94.199.199.199
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\HP Pavilion dv5\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\HP Pavilion dv5\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{184ed493-84f3-11de-85ba-0021866360d9}\Shell - "" = AutoRun
O33 - MountPoints2\{184ed493-84f3-11de-85ba-0021866360d9}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{7096e904-9510-11df-8765-0021866360d9}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe
O33 - MountPoints2\{78b5df09-84f5-11de-952f-0021866360d9}\Shell - "" = AutoRun
O33 - MountPoints2\{78b5df09-84f5-11de-952f-0021866360d9}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ogg - C:\Windows\System32\ogg.dll ()
Drivers32: msacm.vorbis - Vorbis.acm File not found
Drivers32: msacm.vorbisenc - C:\Windows\System32\vorbisenc.dll ()
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.3ivx - C:\Windows\System32\3ivx.dll (3ivx.com)
Drivers32: vidc.3ivxvfw - C:\Windows\System32\3ivxvfwcodec.dll (3ivx.com)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011.01.30 12:39:27 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\HP Pavilion dv5\Desktop\OTL.exe
[2011.01.29 22:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.01.29 22:57:01 | 000,000,000 | ---D | C] -- C:\rsit
[2011.01.24 22:39:21 | 000,000,000 | ---D | C] -- C:\torrent
[2011.01.24 02:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Collaboration
[2011.01.24 02:07:30 | 000,000,000 | ---D | C] -- C:\Users\HP Pavilion dv5\AppData\Local\Apps
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.01.30 13:02:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.30 13:02:00 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.30 12:34:06 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\HP Pavilion dv5\Desktop\OTL.exe
[2011.01.30 12:31:01 | 000,649,180 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.01.30 12:31:01 | 000,635,334 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.30 12:31:01 | 000,134,178 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.01.30 12:31:01 | 000,116,728 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.01.30 12:28:14 | 000,453,632 | ---- | M] () -- C:\Users\HP Pavilion dv5\Desktop\CKScanner.exe
[2011.01.30 11:56:16 | 000,000,943 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2011.01.30 11:55:53 | 000,057,717 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.01.30 11:55:52 | 000,057,717 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.01.30 11:52:47 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.30 11:52:47 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.30 11:52:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.30 11:52:35 | 2144,555,008 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.30 00:33:20 | 000,143,360 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.29 22:55:24 | 000,339,991 | ---- | M] () -- C:\Users\HP Pavilion dv5\Desktop\RSIT.exe
[2011.01.29 22:49:40 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.01.29 21:21:29 | 000,002,274 | ---- | M] () -- C:\Users\HP Pavilion dv5\Desktop\Nový Sešit OpenDocument.ods
[2011.01.29 20:19:33 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E753605B-4AD7-4BEE-9D0D-29E23FD43118}.job
[2011.01.28 16:26:52 | 000,265,560 | ---- | M] () -- C:\Users\HP Pavilion dv5\Desktop\Steam_2011_01_28__15_26_48_202.mdmp
[2011.01.24 02:30:24 | 000,000,862 | ---- | M] () -- C:\Windows\System32\termcap
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.30 12:39:29 | 000,453,632 | ---- | C] () -- C:\Users\HP Pavilion dv5\Desktop\CKScanner.exe
[2011.01.29 22:56:46 | 000,339,991 | ---- | C] () -- C:\Users\HP Pavilion dv5\Desktop\RSIT.exe
[2011.01.29 22:28:48 | 2144,555,008 | -HS- | C] () -- C:\hiberfil.sys
[2011.01.29 21:21:29 | 000,002,274 | ---- | C] () -- C:\Users\HP Pavilion dv5\Desktop\Nový Sešit OpenDocument.ods
[2011.01.28 16:26:48 | 000,265,560 | ---- | C] () -- C:\Users\HP Pavilion dv5\Desktop\Steam_2011_01_28__15_26_48_202.mdmp
[2011.01.24 02:32:02 | 000,001,846 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk
[2011.01.24 02:30:41 | 000,000,862 | ---- | C] () -- C:\Windows\System32\termcap
[2011.01.10 15:27:40 | 000,000,680 | ---- | C] () -- C:\Users\HP Pavilion dv5\AppData\Local\d3d9caps.dat
[2010.11.23 00:46:57 | 000,000,103 | ---- | C] () -- C:\Users\HP Pavilion dv5\AppData\Local\fusioncache.dat
[2010.10.14 18:13:47 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.05.16 12:38:14 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.03.26 20:18:25 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.03.26 20:18:24 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.12.09 18:39:01 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.10.21 11:01:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 00:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.08.15 14:06:49 | 000,004,314 | ---- | C] () -- C:\Program Files\NFSMW-MINI.mds
[2009.08.09 15:59:23 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.08.03 21:59:49 | 000,143,360 | ---- | C] () -- C:\Users\HP Pavilion dv5\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.29 19:14:40 | 000,000,000 | ---- | C] () -- C:\Users\HP Pavilion dv5\AppData\Local\QSwitch.txt
[2009.07.29 19:14:40 | 000,000,000 | ---- | C] () -- C:\Users\HP Pavilion dv5\AppData\Local\DSwitch.txt
[2009.07.29 19:14:40 | 000,000,000 | ---- | C] () -- C:\Users\HP Pavilion dv5\AppData\Local\AtStart.txt
[2009.07.29 18:50:36 | 000,057,717 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.07.29 18:50:35 | 000,057,717 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.05.29 16:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.05.29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.11.14 15:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 10:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2002.10.06 19:42:58 | 000,105,472 | ---- | C] () -- C:\Windows\System32\oggds.dll
[2002.10.05 00:04:26 | 000,092,672 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2002.10.05 00:04:26 | 000,080,384 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2002.10.05 00:04:18 | 000,021,504 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2002.08.29 17:33:56 | 000,319,488 | R--- | C] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\MafiaSetup.exe
[2002.05.17 21:18:30 | 000,039,936 | ---- | C] () -- C:\Windows\System32\mp4fil32.dll
[2001.11.14 11:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2010.10.20 19:33:51 | 000,000,000 | ---D | M] -- C:\Users\Nikol\AppData\Roaming\AVG10
[2010.09.04 20:23:51 | 000,000,000 | ---D | M] -- C:\Users\Nikol\AppData\Roaming\DigitalPersona
[2010.09.04 20:23:58 | 000,000,000 | ---D | M] -- C:\Users\Nikol\AppData\Roaming\ESET
[2011.01.24 02:05:34 | 000,000,000 | ---D | M] -- C:\Users\Nikol\AppData\Roaming\uTorrent
[2011.01.29 22:49:41 | 000,032,562 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011.01.29 20:19:33 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E753605B-4AD7-4BEE-9D0D-29E23FD43118}.job

4Janny4
Visitor
Visitor
Posts: 12
Registered: 29 Jan 2011 20:38

Re: Infected PC ... Pls for advice

#9 Post by 4Janny4 »

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"WindowsWelcomeCenter" = rundll32.exe oobefldr.dll,ShowWelcomeCenter
"MsnMsgr" = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background -- [2007.01.19 11:55:08 | 005,674,352 | ---- | M] (Microsoft Corporation)
"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2009.05.18 17:56:12 | 002,363,392 | ---- | M] (Hewlett-Packard Company)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun -- [2009.04.23 14:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 -- [2011.01.05 09:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.)

< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.10.22 17:30:34 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Adobe
[2010.10.20 12:53:18 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\AVG10
[2010.08.27 00:22:57 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\BITS
[2009.11.07 11:02:45 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\CyberLink
[2009.08.15 14:03:34 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\DAEMON Tools Lite
[2009.07.29 19:13:58 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\DigitalPersona
[2010.06.20 21:01:04 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\dvdcss
[2010.08.27 00:07:57 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\ESET
[2010.05.16 12:37:34 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\FlashGet
[2010.05.16 12:37:29 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\FlashGetBHO
[2009.08.24 14:30:40 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\GHISLER
[2009.11.07 16:07:24 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Hamachi
[2010.05.24 16:51:04 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Hewlett-Packard
[2011.01.30 11:58:23 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\ICQ
[2009.07.29 19:13:41 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Identities
[2009.11.07 10:14:24 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Leadertech
[2009.07.29 19:12:16 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Macromedia
[2009.07.29 19:07:51 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Macrovision
[2011.01.12 14:23:00 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Media Center Programs
[2010.12.24 15:56:05 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Microgaming
[2011.01.19 20:15:34 | 000,000,000 | --SD | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Microsoft
[2009.10.21 10:17:20 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Motive
[2009.10.31 11:26:55 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla
[2010.10.21 13:00:02 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\My Battle for Middle-earth Files
[2009.12.24 12:18:45 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Nero
[2009.10.29 18:05:08 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\OpenOffice.org
[2010.10.04 21:37:34 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\RadLight Company
[2010.10.24 18:30:16 | 000,000,000 | RH-D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\SecuROM
[2010.08.31 00:40:13 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Sports Interactive
[2009.07.29 19:14:27 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Symantec
[2010.07.22 20:57:08 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\TomTom
[2009.08.09 18:00:36 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\U3
[2011.01.29 21:17:25 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\uTorrent
[2009.10.31 11:44:49 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\VistaCodecs
[2011.01.19 03:13:38 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\vlc
[2009.11.04 22:08:33 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\Winamp
[2010.08.22 08:22:46 | 000,000,000 | ---D | M] -- C:\Users\HP Pavilion dv5\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2002.08.29 17:33:56 | 000,319,488 | R--- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\MafiaSetup.exe
[2010.10.14 19:45:23 | 003,056,008 | ---- | M] (Ask) -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2006.12.14 09:00:02 | 000,110,592 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\U3\temp\cleanup.exe
[2007.02.12 16:46:54 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Users\HP Pavilion dv5\AppData\Roaming\U3\temp\Launchpad Removal.exe


< MD5 for: AGP440.SYS >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\WINDOWS\System32\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 03:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\WINDOWS\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\WINDOWS\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\WINDOWS\System32\drivers\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\WINDOWS\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\WINDOWS\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\WINDOWS\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2008.01.21 03:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\WINDOWS\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\WINDOWS\System32\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\WINDOWS\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2007.01.12 21:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\WINDOWS\System32\hal.dll

< MD5 for: IASTOR.SYS >
[2008.04.15 16:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.04.15 16:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.04.15 16:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\System32\drivers\iaStor.sys
[2008.04.15 16:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\WINDOWS\System32\drivers\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\WINDOWS\System32\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\WINDOWS\System32\drivers\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\WINDOWS\System32\drivers\nvraid.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\WINDOWS\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\WINDOWS\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\WINDOWS\System32\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\WINDOWS\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\WINDOWS\System32\svchost.exe
[2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009.12.08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\WINDOWS\System32\drivers\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.21 03:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\ws2_32.dll
[2008.01.21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.21 03:24:26 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtmsft.dll
[2008.01.21 03:24:26 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtrans.dll
[2009.04.11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\rsaenh.dll
[2009.04.11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\SLC.dll
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.08.09 15:59:23 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\System32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\WINDOWS\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\WINDOWS\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\WINDOWS\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\WINDOWS\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.21 03:24:26 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtmsft.dll
[2008.01.21 03:24:26 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtrans.dll
[2009.04.11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\rsaenh.dll
[2009.04.11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\SLC.dll
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.01.30 11:52:47 | 000,003,216 | -H-- | M] () -- C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.30 11:52:47 | 000,003,216 | -H-- | M] () -- C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.30 12:31:01 | 000,134,178 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.01.30 12:31:01 | 000,116,728 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.01.30 12:31:01 | 000,649,180 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.01.30 12:31:01 | 000,635,334 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.30 12:31:01 | 001,530,806 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< End of report >

4Janny4
Visitor
Posts: 12
Registered: 29 Jan 2011 20:38

Re: Infected PC ... Pls advise

#10 Post by 4Janny4 »

OTL Extras logfile created on: 30.1.2011 13:02:13 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\HP Pavilion dv5\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 31,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225,16 Gb Total Space | 12,31 Gb Free Space | 5,47% Space Free | Partition Type: NTFS
Drive D: | 7,72 Gb Total Space | 0,04 Gb Free Space | 0,55% Space Free | Partition Type: NTFS
Drive G: | 7,40 Gb Total Space | 4,99 Gb Free Space | 67,44% Space Free | Partition Type: FAT32

Computer Name: HPPAVILIONDV-PC | User Name: HP Pavilion dv5 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001BDA82-A0A2-4599-B4CC-10FBA4D516A9}" = lport=445 | protocol=6 | dir=in | app=system |
"{01088318-B2F0-41BA-B253-53B177E77342}" = rport=139 | protocol=6 | dir=out | app=system |
"{05D4D392-D597-4B81-8437-F4924671E0CB}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{08660833-C6FA-4165-9787-0366FEC11255}" = rport=5358 | protocol=6 | dir=out | app=system |
"{08F3C4CF-8AB8-4E7E-A9B2-800861A6D8E7}" = lport=10244 | protocol=6 | dir=in | app=system |
"{0D7FF4B1-3B8F-4C9F-8617-5513C79A72EE}" = lport=445 | protocol=6 | dir=in | app=system |
"{11392A62-C88F-4C26-AE65-92FFBB67CD1B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{116A1313-F5FF-47AC-A70F-7E1D931BAD56}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=c:\windows\system32\svchost.exe |
"{1280C264-048C-4979-B5BA-F8A9FA5AEAD5}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\vdsldr.exe |
"{1603B50A-422A-486D-8251-A4DB38BA5C11}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=c:\windows\system32\svchost.exe |
"{16F85367-74B2-454B-B39A-3FD56203EB32}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{1A6B734D-0C2D-4F83-A329-5EF9FEE1F169}" = rport=10244 | protocol=6 | dir=out | app=system |
"{20047781-5D8C-4552-BC88-FCC13B32632E}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{238BAE63-81FF-479B-9C40-4E43C3A2CF93}" = lport=445 | protocol=6 | dir=in | app=system |
"{23E3F3C6-D03F-4DAC-9D24-8A2A882E50CD}" = lport=5358 | protocol=6 | dir=in | app=system |
"{269C607C-E488-43CB-B63E-92531B1F04BB}" = lport=3390 | protocol=6 | dir=in | app=system |
"{2A8089E4-EDF3-4D0D-9877-D0C3663274E7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{329E4703-0527-4600-A0F7-C54A8BB9EAFA}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=c:\windows\system32\svchost.exe |
"{38426AE2-24C0-4B61-871E-C26648BDEBEE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{3925C033-1D42-4CD4-BA4E-E2DAA4FF23F7}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A195477-71B7-43CA-BBD8-E567D61948D4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{3D6D2039-496E-4F39-A269-640CAADEE124}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{3DAD3020-ACDC-4641-962C-F4479717483D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{41E6AD6F-ADAA-4C39-8143-5837DCB4E7D7}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{455E5ACE-E983-47FD-AEDC-244CCBB2C3AC}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\netproj.exe |
"{476057C2-E01B-4BB2-A915-56AB89B460D1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{47AC0281-8740-46B9-9B55-25CF14321C0C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{48FF653E-0F29-4F7F-97A6-D7F7CCDB87E1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{49888D02-27FE-4C73-9DBF-7DBCEF796AB3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{4B97A927-002D-4D3C-A070-BF2E8126F8E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{4BAA7079-3F1A-49B6-A1FE-3D39BE353CC4}" = lport=2178 | protocol=6 | dir=in | app=system |
"{4EEC00F9-A5DB-4309-BF63-F980C2FD5EA8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{509B48D9-BB2B-4B87-BDB0-F5C7196E7008}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{528996E8-75B3-4939-879C-FD403FE8B49E}" = lport=162 | protocol=17 | dir=in | svc=snmptrap | app=c:\windows\system32\snmptrap.exe |
"{54DE1080-CCED-4C8D-8D0D-E531C938BFE9}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{5F117C5E-AE47-427D-90D3-FA8ED74E7223}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{614AE43E-CD79-4761-9EBB-9CB849AABCC2}" = rport=5357 | protocol=6 | dir=out | app=system |
"{659B5E3F-972B-4413-9402-C7D5EA9CAA4C}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
"{6DEC1F15-8DB0-42CD-9B7A-5DDBE177619B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{709D4825-19A9-445A-BF2B-BA52AEF11294}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{720FDB3E-BAB9-4781-B3B1-A4B1539FDF8C}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\netproj.exe |
"{72B3B7BE-F647-4195-9C16-256E4245184B}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{734B1320-5535-4F94-A407-EF2EFAE02E35}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{7DD3474F-B82E-4ED1-801B-E0D175FFC51A}" = lport=443 | protocol=6 | dir=in | app=system |
"{827A3628-DC08-42F5-B382-D68216C34E62}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{85AA8860-798A-46E3-832A-64DF80AAFFFE}" = lport=445 | protocol=6 | dir=in | app=system |
"{87FBA7A4-9699-40D4-9C3F-7A7B6AFC0654}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{91114E01-028E-4014-BF7E-C50BD32D8AF7}" = lport=5357 | protocol=6 | dir=in | app=system |
"{92C32928-3682-4445-A856-74AD2316722F}" = rport=137 | protocol=17 | dir=out | app=system |
"{94BCAA03-22FB-4BFC-90A3-BFE97ECD0F45}" = rport=1701 | protocol=17 | dir=out | app=system |
"{9B1FBAD4-7B5D-4DC1-AC35-EEE48C73016F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{9B7622AE-F1F3-4302-8A2E-9E3854D8A369}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=c:\windows\system32\svchost.exe |
"{9BBD1616-AFC8-484C-8375-E2F04B6554A1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{9DD5588B-9972-4382-B289-27644C9851FA}" = lport=139 | protocol=6 | dir=in | app=system |
"{9E78060D-A75D-4455-ADE5-A7C2448E676D}" = lport=445 | protocol=6 | dir=in | app=system |
"{9E913E09-8AA9-4BA4-B6B8-701A2E6352EE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{9FA88EDE-2B77-47BE-867B-17CCFCF03EE9}" = rport=138 | protocol=17 | dir=out | app=system |
"{9FCD7905-72A1-475A-B048-1C4AD79044B0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{A9AB65CB-D3E6-45BA-AFE0-59B9376762B3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{AD650E1B-38F0-45C0-93BF-C96D01B873E3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{B03E8984-03DB-4BA5-966C-395E119D117F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{B55247DB-81BD-4527-A40C-96D45FFA77ED}" = lport=137 | protocol=17 | dir=in | app=system |
"{B6C2EAFC-1DB6-44F3-A4E9-F7C0F055D58F}" = lport=rpc | protocol=6 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{BD7FABC8-0A06-47EE-ACB0-6AF1E01DC01B}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe |
"{BED8B3AE-2BBE-4A8B-B58C-A97E31E11744}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BEF8A902-B787-4D93-B0DD-978C0FEB2507}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C16EFEAC-A9B4-4BC9-8482-C6CC252DAB88}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{C3274868-01CE-4ED7-B340-C6A5F4A425B6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C5824532-E56F-47E9-A9B2-E6FAD2677D52}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=sdílení souborů a tiskáren (služba zařazování tisku – rpc-epmap) |
"{C7106B8F-9504-46EF-B7D8-1EE2C31A796F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C8E47624-822F-43B0-ADE1-EC69EF8056B2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{CAB283C5-39CB-4E9E-9517-2E47E6AF1FB1}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\services.exe |
"{CABE0EBA-8D92-41B5-8091-90C97CA34815}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{CE07CCE9-C5CD-4C35-A0DD-E2EB77E7AE1A}" = rport=2178 | protocol=6 | dir=out | app=system |
"{CEBA9792-B67A-4BFD-AD25-0A2C1E1EB95F}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{CF47FC3E-96C5-4CB9-8609-F9F49F4D26FB}" = rport=1723 | protocol=6 | dir=out | app=system |
"{D06E9512-B0E0-4351-8A28-6AF2C43862CB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{D2C46022-B2C4-44A7-9257-EA5B6C9670F0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{D3086752-99E9-42C3-8FD9-1BE7DA9B162C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{DA1D401B-10FE-4C05-A3BE-EF58603E02AE}" = lport=3702 | protocol=17 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{DB8C57FF-0AAA-4F0C-B547-98F69BBBA287}" = lport=1723 | protocol=6 | dir=in | app=system |
"{DBFBD19F-177D-4676-9FB9-CA4116E86A12}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{DCFE19BA-8111-452B-BAC9-16107050BFBD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{DE428873-9DF0-49F8-9A95-A1F86520279D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{DF2A3796-2EA1-400C-997D-844E10559F33}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E5C16A2E-DE7C-40D8-9899-F3469E650762}" = lport=138 | protocol=17 | dir=in | app=system |
"{EA8E19DF-B3D9-442E-8B5E-F33D36FFDC1A}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=c:\windows\system32\vds.exe |
"{ED3AAA1A-FD2E-4EFF-A054-A14AFFEB796C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F185DB26-A19F-4265-9B83-6DCD184E906B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{F3685E0F-1533-418C-B1D6-005441300389}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{F602D7F0-DBB0-40E2-B383-8136DC538D5E}" = lport=80 | protocol=6 | dir=in | app=system |
"{F6E4B0C7-C378-4C64-97FD-BAAB9E5B58C6}" = rport=3702 | protocol=17 | dir=out | svc=bits | app=c:\windows\system32\svchost.exe |
"{F95807A8-78BB-45ED-8043-7C81E160AB1D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FDA5E642-892F-4C02-A346-BA7F4D447861}" = lport=1701 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{037ED4EC-8348-4D83-8DFF-C697EA7201C1}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{04EBC7CA-E26C-46F4-BBA6-35963C3B1A86}" = protocol=1 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-in) |
"{0535F65F-98B9-449B-B4C1-ABCD51298958}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{0547CBF1-F1E5-424E-85E8-C386A2EE977B}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{068A7828-A3D6-4B72-BA40-4B9617FAD719}" = protocol=6 | dir=in | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{09C93860-C5D0-44C2-874C-DCAFB5520E9E}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{0A3F3103-1917-4A45-BE05-E1A1D7CEEE64}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{101E7AB4-817F-4F19-AEA7-1E89C6EAEDB0}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{1246318C-4009-45CD-B19C-AE75C721C89E}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{22D2460B-41B1-46AE-834C-CEA2ECD60420}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{269B3C25-75D1-44D9-B26B-063473EBA5B6}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{27BEBB5E-A964-446F-A075-D40436879FEE}" = protocol=6 | dir=out | app=c:\windows\system32\msdtc.exe |
"{2B985397-A1CF-4EA8-811A-542F0548F1AA}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{2D560112-3955-4DA7-BD77-A21CD67F96FE}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{31E4F6A6-CDC6-4D2E-B7A8-AABBCF8C335D}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{359DFB36-62DF-4249-A307-E5720E1A455F}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{36C03729-0046-46E5-9774-DA4D3465843D}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{41CEBA43-7C32-4BD8-8275-D2CA29FE5E01}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{43232AF2-9776-4CC2-9F4E-3B7B11D39ACE}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{4BC14B14-3EBB-4100-8E6B-1CF471A3BC3B}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{52FEDCC8-C65B-4529-9D2C-814FDB2DA8B9}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{5497595F-BC6B-46A7-8E77-718263C07436}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{5563EBA1-C6C7-4303-B445-341A6A4FA457}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{59F6B633-D4FA-442C-AB7A-8C9F5CEFCBDD}" = protocol=6 | dir=in | app=c:\program files\ea games\the battle for middle-earth (tm)\game.dat |
"{5D66CF10-FC75-4FED-B88F-A4724B201650}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{642750CD-7808-474C-AC4C-9290FFE34664}" = protocol=6 | dir=in | app=c:\windows\system32\msra.exe |
"{64875391-AD9D-43BA-868A-581A299A2B6F}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{66677BE9-777A-4EA4-AF25-28078F55F3BB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\steam.exe |
"{68806871-44D4-4446-9850-02A188744238}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{6B8BD8AF-0458-4969-B791-EE32CAAA1E1F}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{6D2E0670-1A95-4069-8768-0FD735CA8B98}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{6F21A266-20DD-4144-8184-82985CDBF86E}" = protocol=58 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-in) |
"{710D900B-46C6-4050-9B4E-0677FDB07E05}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{71E966AF-DF55-4E3F-8A90-05591F0B588E}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{768E0E59-4BB4-4D89-9698-F5E00C70DFB8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{76AEB076-D8FF-491F-A2E9-15E14560AF15}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{7840D477-506A-4C37-8D6C-EA8D1D5DC9F0}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{784B5AD4-EB83-420F-B9C9-0357A97950F9}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{7AD84263-A58F-4392-BBF3-8C3B97880046}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{7B18981A-FE1C-4ACA-BB19-E065309ECAB6}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{809BA68D-4C23-4C49-8EBD-A063D99319B1}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{84B778D2-E6FD-4C3F-A7CA-9F9C18919491}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{85B40C02-F4F6-4601-89CC-088559DD475A}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{87D5F0C3-A786-4427-BBFE-98A8D2DA4F82}" = protocol=6 | dir=out | app=c:\windows\system32\msra.exe |
"{8C6FDA6E-973F-438B-AC34-FA4AD427D51B}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{90A74378-C9B8-4B12-BFBC-CFF8DD18A836}" = protocol=6 | dir=in | app=c:\windows\system32\netproj.exe |
"{91A3090F-946F-44A9-BB2C-7981CA328FF7}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{9600C429-B6E6-46CC-9B6F-B46160F1E7E5}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{96326DF8-4EFB-4C63-B7AE-F6B55E341B7C}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{97468EF4-A8B9-4A53-A44E-D2D6509B5671}" = protocol=6 | dir=in | app=c:\windows\system32\wbem\unsecapp.exe |
"{985C7859-4E5E-4256-BD3B-38BA9860504C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{9D1D6CEE-717F-4C5A-9646-3B678717ED15}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{9E55CEEC-ACFC-4BA5-B45F-20FBDCF9071A}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{A66FDB51-C579-4330-A563-09763C55276C}" = protocol=6 | dir=out | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{A6AEA4BA-90DE-4395-8E0E-A1682D8483F7}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{AC22D3A9-66C6-47B2-B887-859D8A6CC751}" = protocol=17 | dir=in | app=c:\program files\capcom\streetfighteriv\streetfighteriv.exe |
"{AEE58C32-D471-474D-8C27-CDE8F9DF6001}" = protocol=6 | dir=in | app=c:\windows\system32\plasrv.exe |
"{BA4E3951-79A8-451D-A33C-3DA321ED7E3C}" = protocol=6 | dir=out | app=system |
"{BF130205-8D85-4F8C-A072-CF170E19CC3E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{BFA52B6F-B1DF-4B16-9045-EFD4779B96AF}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{C7FC3268-F59D-4DB4-9BA4-9A5FA9C32D84}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{CB9C3C35-AA21-4746-82E7-3D8E4BF7E6E2}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{CE326B9B-2EF3-4424-9DC8-22B7BFF7B1F9}" = protocol=6 | dir=in | app=c:\program files\codemasters\f1 2010\f1_2010_game.exe |
"{CE46E2C4-B7CD-469B-82E9-6C7D98F356BA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\steam.exe |
"{CE99AEE4-17F1-44B5-A50E-4FE335690F96}" = protocol=6 | dir=out | app=c:\windows\system32\netproj.exe |
"{D69EF383-FA36-4FD8-AE63-7094637FE777}" = protocol=6 | dir=in | app=c:\windows\system32\msdtc.exe |
"{DBEF5BF5-EDF5-4B03-9AFB-C743B5732DFD}" = protocol=6 | dir=out | app=system |
"{DCE4A3FF-E0A9-4325-B658-D558DA265DE6}" = protocol=6 | dir=in | app=c:\program files\capcom\streetfighteriv\streetfighteriv.exe |
"{DE1D6258-F762-4A9F-AF13-048915982C6A}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{E21BB45E-7180-4EC6-8E11-20712F479775}" = protocol=1 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-out) |
"{E4BC9850-3F9A-4F4E-A18C-56362009F5BF}" = protocol=17 | dir=in | app=c:\program files\codemasters\f1 2010\f1_2010_game.exe |
"{E55966CA-B2CC-4582-B590-CEE4261DD253}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{E5A37B12-748A-4740-ACD9-849E2F1C723C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{E6C4038C-4B06-4816-8C68-86DCA20862FC}" = protocol=58 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-out) |
"{EE873646-4FE4-4ED0-8FAE-35B91DAD5772}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{EF14439B-ED62-4687-8448-EF53776F3C7B}" = protocol=17 | dir=in | app=c:\program files\ea games\the battle for middle-earth (tm)\game.dat |
"{F247A741-0F83-47A2-B17E-D402B2955231}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{F312978C-FC8B-4118-A785-50B75BD0DAFF}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{F3376504-60E4-4858-B2AA-88B5E8610268}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{F9EA0B33-9A40-4F5C-8EF4-6E91C4B7F01A}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"TCP Query User{016CC697-9880-4E7A-B432-4F0D7D9AB4F1}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{045938B1-CC23-4EDA-9509-AB3CB65A8A01}C:\program files\codemasters\f1 2010\f1_2010_game.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\f1 2010\f1_2010_game.exe |
"TCP Query User{10F73CA0-0D54-43DE-AA09-208FC146C776}C:\program files\sega\vancouver 2010\vancouver.exe" = protocol=6 | dir=in | app=c:\program files\sega\vancouver 2010\vancouver.exe |
"TCP Query User{1366D309-0177-45C8-97D7-E8F9717ADEC7}C:\users\hp pavilion dv5\desktop\killong\killingfloor_v1013_nosteam\killingfloor_v1013_nosteam\killing floor\system\killingfloor.exe" = protocol=6 | dir=in | app=c:\users\hp pavilion dv5\desktop\killong\killingfloor_v1013_nosteam\killingfloor_v1013_nosteam\killing floor\system\killingfloor.exe |
"TCP Query User{16EC7F8C-BFDE-488F-9B9B-FF25160E9825}C:\program files\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike\hl.exe |
"TCP Query User{1ACC7C85-4DF0-43D2-A7BA-FFECF8689574}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"TCP Query User{3AFD854D-C0A2-4EB3-92C2-E9CCE9B02C12}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{406EECBB-0C9F-42A7-99CE-D23A70AABD6C}C:\users\hp pavilion dv5\desktop\killong\killingfloor_v1013_nosteam\killingfloor_v1013_nosteam\killing floor\system\killingfloor.exe" = protocol=6 | dir=in | app=c:\users\hp pavilion dv5\desktop\killong\killingfloor_v1013_nosteam\killingfloor_v1013_nosteam\killing floor\system\killingfloor.exe |
"TCP Query User{62954D4D-CA3D-462E-A5EE-51196DD34FC0}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{63C82CF8-0D84-4D16-8446-37E18207F50C}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{67B1AF87-DDB6-43B8-88AE-4D56C679EAF8}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"TCP Query User{8CB04733-70B9-4491-92CE-C224EDBB7D87}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{A5EBFC86-8F0F-408B-BD61-511B12378371}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{B5610C3E-C3E9-4F78-B497-7A6CEB4541AF}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{E1495675-87B3-44AF-8D10-38A18229B0AB}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{EB827B44-CA0D-4CF1-B6E0-CDF57A370A06}C:\program files\g3torrent\g3torrent.exe" = protocol=6 | dir=in | app=c:\program files\g3torrent\g3torrent.exe |
"TCP Query User{ECAB1329-FDC9-4F2B-99C2-FCD1C5800310}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{00A2E33C-89AA-4B67-A984-11BBD83A906C}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{09F97E8E-96E9-4697-A00F-F8DC9FB7D4F4}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{0B8C4CBD-0B4C-4DAC-AFD4-79CD32837C32}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{11F0CD25-846B-45BC-9815-C62170AC8A84}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{1480828F-502E-46B8-97E5-FD99B5A7860D}C:\program files\sega\vancouver 2010\vancouver.exe" = protocol=17 | dir=in | app=c:\program files\sega\vancouver 2010\vancouver.exe |
"UDP Query User{1927C7B4-D6E8-4C48-AEA6-D0F48B475E8F}C:\program files\codemasters\f1 2010\f1_2010_game.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\f1 2010\f1_2010_game.exe |
"UDP Query User{1C2B7531-4126-45A7-A987-1A6CAAEFE80E}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"UDP Query User{2F27233D-A39F-45D8-9E81-B69F10E17D54}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{3251B1EB-0AD9-4859-BDED-455C690CB45F}C:\users\hp pavilion dv5\desktop\killong\killingfloor_v1013_nosteam\killingfloor_v1013_nosteam\killing floor\system\killingfloor.exe" = protocol=17 | dir=in | app=c:\users\hp pavilion dv5\desktop\killong\killingfloor_v1013_nosteam\killingfloor_v1013_nosteam\killing floor\system\killingfloor.exe |
"UDP Query User{3E2E2DBC-5D12-4F85-A53A-A34A382DE5CF}C:\program files\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike\hl.exe |
"UDP Query User{51FC05D1-3C6D-49F0-8183-424860BD20A4}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{88575B8C-3E4A-4596-BD7E-7938AC7F0644}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{8AB0C851-EBA0-4D05-92DE-4299C6F67C22}C:\program files\g3torrent\g3torrent.exe" = protocol=17 | dir=in | app=c:\program files\g3torrent\g3torrent.exe |
"UDP Query User{8DED6F17-76C7-4415-BD48-FD8F4F33D1BF}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"UDP Query User{BC6E8379-13C2-425D-BCD9-3D5211F99367}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{C106F085-6701-4EA1-AFAF-C29984ACDED1}C:\users\hp pavilion dv5\desktop\killong\killingfloor_v1013_nosteam\killingfloor_v1013_nosteam\killing floor\system\killingfloor.exe" = protocol=17 | dir=in | app=c:\users\hp pavilion dv5\desktop\killong\killingfloor_v1013_nosteam\killingfloor_v1013_nosteam\killing floor\system\killingfloor.exe |
"UDP Query User{CBE43533-7EC5-4999-B554-B34309193A58}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0260AB54-8507-46A5-ADA7-E5F2C5327408}" = Windows Live Messenger
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2320c85f-5db7-4677-b86e-f4579df2ecc6}" = Nero 9 Trial
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 22
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D1
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{47F3EDF5-C821-49E6-B9B3-D00BF0A9BAB8}" = DigitalPersona Personal 4.11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6889EE56-1816-4E89-94DF-9F56E7804039}_is1" = Counter-Strike 1.6 Non-Steam patch v36
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1" = Kodek 0.16 CZ
"{6FA1D6BE-12DF-4C6F-98F5-A2EFFB9893E3}" = ESET NOD32 Antivirus
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{85155187-3BEF-47B4-A662-346FEABF67A6}" = ProtectSmart Hard Drive Protection
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D95CD7BE-A894-4F6C-B9DF-578C3CB411D4}" = VLC
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AOL Toolbar" = AOL Toolbar 5.0
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"free-downloads.net Toolbar" = free-downloads.net Toolbar
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"Google Chrome" = Google Chrome
"ICQToolbar" = ICQ Toolbar
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"LogonStudio" = LogonStudio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16)
"NVIDIA Drivers" = NVIDIA Drivers
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Plus500" = Plus500
"Shockwave" = Shockwave
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"UnrealTournament" = Unreal Tournament
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"VLC media player" = VLC media player 1.1.5
"VorbisCodec" = Ogg Vorbis ACM Codec
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinRAR archiver" = WinRAR

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1.11.2010 21:49:30 | Computer Name = HPPaviliondv-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 6.11.2010 8:21:28 | Computer Name = HPPaviliondv-PC | Source = Application Hang | ID = 1002
Description = Program Explorer.EXE verze 6.0.6002.18005 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: a64 Čas zahájení: 01cb7da65a87e650 Čas ukončení: 11889

Error - 10.11.2010 18:14:23 | Computer Name = HPPaviliondv-PC | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 1.9.1.3951 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 1548 Čas zahájení: 01cb8122642fda0c Čas ukončení: 15

Error - 14.11.2010 12:46:52 | Computer Name = HPPaviliondv-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace YouCam.exe, verze 2.0.0.1616, časové razítko 0x48056ebd,
chybující modul nvoglv32.dll, verze 7.15.11.7586, časové razítko 0x4835d13d, kód
výjimky 0xc0000005, posun chyby 0x001111df, ID procesu 0x1568, čas spuštění aplikace
0x01cb841af3972cd1.

Error - 14.11.2010 16:27:54 | Computer Name = HPPaviliondv-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace IEUser.exe, verze 6.0.6002.18005, časové razítko
0x49e01e76, chybující modul msvcrt.dll, verze 7.0.6002.18005, časové razítko 0x49e0379e,
kód výjimky 0xc0000005, posun chyby 0x00009b2b, ID procesu 0xa8c, čas spuštění aplikace
0x01cb8439567e16c5.

Error - 16.11.2010 17:44:56 | Computer Name = HPPaviliondv-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace hl.exe, verze 1.1.1.1, časové razítko 0x48feaf5a,
chybující modul hw.dll_unloaded, verze 0.0.0.0, časové razítko 0x490245ed, kód
výjimky 0xc0000005, posun chyby 0x0425c811, ID procesu 0x5cc, čas spuštění aplikace
0x01cb85c535c4355c.

Error - 16.11.2010 22:04:03 | Computer Name = HPPaviliondv-PC | Source = System Restore | ID = 8193
Description =

Error - 17.11.2010 15:43:04 | Computer Name = HPPaviliondv-PC | Source = Application Hang | ID = 1002
Description = Program hl.exe verze 1.1.1.1 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů. ID procesu:
a3c Čas zahájení: 01cb868eda52d314 Čas ukončení: 370

Error - 17.11.2010 15:43:31 | Computer Name = HPPaviliondv-PC | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 1.9.1.3951 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 1034 Čas zahájení: 01cb86892f122234 Čas ukončení: 11

Error - 18.11.2010 20:05:40 | Computer Name = HPPaviliondv-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace Explorer.EXE, verze 6.0.6002.18005, časové razítko
0x49e01da5, chybující modul ADVAPI32.dll, verze 6.0.6002.18005, časové razítko
0x49e03717, kód výjimky 0xc0000005, posun chyby 0x00047d14, ID procesu 0xc88, čas
spuštění aplikace 0x01cb877d3f874296.

[ DigitalPersona Pro Events ]
Error - 14.8.2010 17:30:09 | Computer Name = HPPaviliondv-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 14.8.2010 17:30:11 | Computer Name = HPPaviliondv-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 14.8.2010 17:30:13 | Computer Name = HPPaviliondv-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 4.9.2010 15:24:03 | Computer Name = HPPaviliondv-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 8.11.2010 15:58:43 | Computer Name = HPPaviliondv-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 8.11.2010 15:58:47 | Computer Name = HPPaviliondv-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 29.1.2011 16:17:08 | Computer Name = HPPaviliondv-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 29.1.2011 17:44:49 | Computer Name = HPPaviliondv-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 29.1.2011 17:44:53 | Computer Name = HPPaviliondv-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

Error - 29.1.2011 17:44:54 | Computer Name = HPPaviliondv-PC | Source = DigitalPersona Pro | ID = 17827841
Description = One-to-one fingerprint match failed.

[ System Events ]
Error - 30.1.2011 3:32:11 | Computer Name = HPPaviliondv-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =

Error - 30.1.2011 3:34:15 | Computer Name = HPPaviliondv-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =

Error - 30.1.2011 6:52:43 | Computer Name = HPPaviliondv-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (9:19:45, 30.1.2011) bylo neočekávané.

Error - 30.1.2011 6:54:13 | Computer Name = HPPaviliondv-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 30.1.2011 6:54:13 | Computer Name = HPPaviliondv-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 30.1.2011 6:54:13 | Computer Name = HPPaviliondv-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 30.1.2011 6:54:17 | Computer Name = HPPaviliondv-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 30.1.2011 6:56:11 | Computer Name = HPPaviliondv-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 30.1.2011 6:56:22 | Computer Name = HPPaviliondv-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =

Error - 30.1.2011 6:58:58 | Computer Name = HPPaviliondv-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.2 pro síťovou kartu s adresou 0016EA678B22
byla serverem DHCP 192.168.2.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).


< End of report >

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected PC ... Pls advise

#11 Post by vyosek »

:arrow: You have two antivirus programs there. We agreed to remove ESET later, but we will get rid of AVG right away - two antivirus programs cause instability and OS crashes. Use AVG Remover http://download.avg.com/filedir/util/su ... 1_1184.exe

:arrow: Run OTL again
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator (or Spustit jako spravce)
  • Paste the script below into the bottom box, Custom Scans/Fixes (Vlastni skenovani/opravy)
  • Code:

    :otl
    SRV - [2010.04.12 22:56:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.com.ar/
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.com.ar/
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/
    IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
    IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    IE - HKLM\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre2.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
    IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
    IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.com.ar/
    IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
    IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre2.dll (Conduit Ltd.)
    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.defaultthis.engineName: "LocalStrike"
    FF - prefs.js..browser.search.defaulturl: "http://search.localstrike.com.ar/?q={searchTerms}"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.startup.homepage: "http://search.localstrike.com.ar/"
    FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
    FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
    FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&apn_uid=23471D23-113E-4859-8987-7CB2B2F5688C&apn_ptnrs=RY&apn_sauid=EC1C14EC-0421-48DA-B129-4B948F91CAD6&apn_dtid=&q="
    FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010.11.24 14:45:05 | 000,000,000 | ---D | M]
    [2010.04.29 16:29:01 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\DTToolbar@toolbarnet.com
    [2011.01.11 03:48:47 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\engine@conduit.com
    [2010.10.15 14:21:50 | 000,000,000 | ---D | M] (PandoraTV Toolbar) -- C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\toolbar@ask.com
    [2011.01.29 20:24:50 | 000,002,557 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\askcom.xml
    [2011.01.11 03:48:48 | 000,000,913 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\conduit.xml
    [2009.08.09 16:24:51 | 000,002,399 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\daemon-search.xml
    [2011.01.26 16:21:35 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-1.xml
    [2010.09.11 09:03:29 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-10.xml
    [2010.09.11 18:35:08 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-11.xml
    [2010.10.12 21:25:09 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-12.xml
    [2010.10.21 22:40:55 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-13.xml
    [2010.10.29 18:25:42 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-14.xml
    [2010.12.15 15:12:28 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-15.xml
    [2009.10.28 15:44:25 | 000,000,950 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-2.xml
    [2009.11.08 12:36:22 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-3.xml
    [2009.11.19 19:39:56 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-4.xml
    [2010.01.09 12:26:24 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-5.xml
    [2010.02.20 13:31:33 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-6.xml
    [2010.03.03 13:15:45 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-7.xml
    [2010.06.25 15:50:32 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-8.xml
    [2010.07.10 12:32:39 | 000,000,961 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-9.xml
    [2010.04.22 12:33:22 | 000,000,945 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin.xml
    [2009.08.01 20:17:09 | 000,001,196 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\winamp-search.xml
    O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
    O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre2.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
    O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
    O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre2.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
    O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O3 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfre2.dll (Conduit Ltd.)
    O13 - gopher Prefix: missing
    O15 - HKU\S-1-5-21-2662851720-412359550-3639117982-1000\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
    O33 - MountPoints2\{184ed493-84f3-11de-85ba-0021866360d9}\Shell - "" = AutoRun
    O33 - MountPoints2\{78b5df09-84f5-11de-952f-0021866360d9}\Shell - "" = AutoRun
    [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
    [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [2006.12.14 09:00:02 | 000,110,592 | ---- | M] () -- C:\Users\HP Pavilion dv5\AppData\Roaming\U3\temp\cleanup.exe
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\User_Feed_Synchronization-{E753605B-4AD7-4BEE-9D0D-29E23FD43118}.job
    O4 - HKLM..\Run: [reset] C:\Windows\reset.reg ()
    
    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HP Software Update"=-
    "SunJavaUpdateSched"=-
    "WinampAgent"=-
    "QuickTime Task"=-
    "AVG_TRAY"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=-
    "DAEMON Tools Lite"=-
    "FlashGet 3"=-
    "EA Core"=-
    "WMPNSCFG"=-
    "ICQ"=-
    
    :files
    C:\Windows\DXT2207.tmp
    C:\Program Files\AOL\AOL Toolbar 5.0
    C:\Program Files\Winamp Toolbar
    C:\Program Files\uTorrentBar
    C:\Program Files\Ask.com
    C:\Program Files\free-downloads.net\tbfre2.dll
    C:\Program Files\ICQ6Toolbar
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp /s
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Then click Run Fix (Opravit)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member of [image] since 1 February 2011.

4Janny4
Visitor
Posts: 12
Registered: 29 Jan 2011 20:38

Re: Infected PC ... Pls advise

#12 Post by 4Janny4 »

All processes killed
========== OTL ==========
Error: No service named ICQ Service was found to stop!
Service\Driver key ICQ Service not found.
File C:\Program Files\ICQ6Toolbar\ICQ Service.exe not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\tbuTor.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.
File C:\Program Files\free-downloads.net\tbfre2.dll not found.
HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\ not found.
Registry key HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry key HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\tbuTor.dll not found.
Registry key HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.
File C:\Program Files\free-downloads.net\tbfre2.dll not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "LocalStrike" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.localstrike.com.ar/?q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "http://search.localstrike.com.ar/" removed from browser.startup.homepage
Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems
Prefs.js: toolbar@ask.com:3.9.1.14019 removed from extensions.enabledItems
Prefs.js: "http://websearch.ask.com/redirect?clien ... n_dtid=&q=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f963a5b-e555-4543-90e2-c3908898db71}\ not found.
File C:\Program Files\AVG\AVG10\Firefox\ not found.
Folder C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\DTToolbar@toolbarnet.com\ not found.
Folder C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\engine@conduit.com\ not found.
Folder C:\Users\HP Pavilion dv5\AppData\Roaming\mozilla\Firefox\Profiles\hp8q5oje.default\extensions\toolbar@ask.com\ not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\askcom.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\conduit.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\daemon-search.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-1.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-10.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-11.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-12.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-13.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-14.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-15.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-2.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-3.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-4.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-5.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-6.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-7.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-8.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin-9.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\icqplugin.xml not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\Mozilla\Firefox\Profiles\hp8q5oje.default\searchplugins\winamp-search.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ not found.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\ConduitEngine.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
File C:\Program Files\AVG\AVG10\avgssie.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}\ not found.
File C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\tbuTor.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.
File C:\Program Files\free-downloads.net\tbfre2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\tbuTor.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DE9C389F-3316-41A7-809B-AA305ED9D922} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}\ not found.
File C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ not found.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ecdee021-0d17-467f-a1ff-c7a115230949} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.
File downloads.net\tbfre2.dll not found.
Registry value HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
File C:\Program Files\uTorrentBar\tbuTor.dll not found.
Registry value HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}\ not found.
File C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll not found.
Registry value HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{ECDEE021-0D17-467F-A1FF-C7A115230949} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECDEE021-0D17-467F-A1FF-C7A115230949}\ not found.
File downloads.net\tbfre2.dll not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2662851720-412359550-3639117982-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\kuaiche.com\software\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{184ed493-84f3-11de-85ba-0021866360d9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{184ed493-84f3-11de-85ba-0021866360d9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78b5df09-84f5-11de-952f-0021866360d9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78b5df09-84f5-11de-952f-0021866360d9}\ not found.
File/Folder C:\Windows\System32\*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
File C:\Users\HP Pavilion dv5\AppData\Roaming\U3\temp\cleanup.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\reset not found.
File C:\Windows\reset.reg not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AVG_TRAY not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MsnMsgr not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\FlashGet 3 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ not found.
========== FILES ==========
File\Folder C:\Windows\DXT2207.tmp not found.
File\Folder C:\Program Files\AOL\AOL Toolbar 5.0 not found.
File\Folder C:\Program Files\Winamp Toolbar not found.
File\Folder C:\Program Files\uTorrentBar not found.
File\Folder C:\Program Files\Ask.com not found.
File\Folder C:\Program Files\free-downloads.net\tbfre2.dll not found.
File\Folder C:\Program Files\ICQ6Toolbar not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACCD5D.tmp moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: HP Pavilion dv5
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Nikol
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 36081306 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 95793357 bytes
->Flash cache emptied: 1902 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 87464209 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 209,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: HP Pavilion dv5
->Flash cache emptied: 0 bytes

User: Nikol
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 01302011_164809

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected PC ... Pls advise

#13 Post by vyosek »

Let's move on :James008:

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once every 14 days

:arrow: Write how the PC is behaving

4Janny4
Visitor
Posts: 12
Joined: 29 Jan 2011 20:38

Re: Infected PC ... Pls advise

#14 Post by 4Janny4 »

The PC is behaving quite acceptably ... it would probably still be good to clean out the disks and run a defragmentation, because they are completely full.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected PC ... Pls advise

#15 Post by vyosek »

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC
:arrow: I recommend defragmenting the disks
  • The simplest (but least effective) way is to use the utility built into Windows
    • Click Computer, then right-click the disk and choose Properties
    • switch to the Tools tab
    • You will now see the Defragmentation tools - start it by clicking Defragment
    • Do this for all disks
  • Another option (and the one I recommend) is the small program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
    • Download the program, install it (untick the Yahoo toolbar option) and run it
    • Click Analyze
    • If the Fragmented column shows more than 5%, I recommend defragmenting (click Defrag)
    • Repeat the procedure for all disks
  • The last option is the simple little program JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
    • The advantage of this program is that it does not need to be installed
    • So you only need to download the version for your OS and unpack it
    • Then run it using the file JKDefrag or JKDefrag64
    • A disk analysis will run, followed by the defragmentation
:arrow: Post a new RSIT log and write how the PC is behaving, or whether it is already fine
