Windows Media Player starts by itself (Solved)

Section devoted to viruses and other malicious code, as well as to the tools that can be used to defend against them…

Moderators: Mods_senior, Security team

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Windows Media Player starts by itself

Post by jaro3 » 29 Aug 2010 19:07

Do not do any restore.

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner

and also use T-Cleaner
It deletes everything left behind by ComboFix, MWAV, etc. Download it, then run it.

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)


Download OTL to your desktop. Make sure all other windows are closed, then double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Seval
newcomer
Posts: 21
Registered: August 10
Gender: Male
Status: Offline

Re: Windows Media Player starts by itself

Post by Seval » 30 Aug 2010 20:16

OTL logfile created on: 30.8.2010 20:14:24 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Richard Kopal.MOJE\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 015,00 Mb Total Physical Memory | 473,00 Mb Available Physical Memory | 47,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 2,67 Gb Free Space | 3,58% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MOJE
Current User Name: Richard Kopal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Richard Kopal.MOJE\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
PRC - C:\WINDOWS\V0420Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Richard Kopal.MOJE\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe File not found
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (ServiceLayer) -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (BlueSoleil Hid Service) -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()
SRV - (StarWindService) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)


========== Driver Services (SafeList) ==========

DRV - (VClone) -- C:\WINDOWS\System32\DRIVERS\VClone.sys File not found
DRV - (upperdev) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys File not found
DRV - (InCDRm) -- C:\WINDOWS\System32\drivers\InCDRm.sys File not found
DRV - (InCDPass) -- C:\WINDOWS\System32\drivers\InCDPass.sys File not found
DRV - (InCDFs) -- C:\WINDOWS\System32\drivers\InCDFs.sys File not found
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (npf) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies)
DRV - (usbaudio) Ovladač zvukové karty USB (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (V0420VID) Live! Cam Vista IM (VF0420) -- C:\WINDOWS\system32\drivers\V0420Vid.sys (Creative Technology Ltd.)
DRV - (AtcL001) -- C:\WINDOWS\system32\drivers\atl01_xp.sys (Attansic Technology corporation.)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (genmcmnUSB) -- C:\WINDOWS\system32\drivers\gflmouhid.sys ()
DRV - (gHidUsbF) -- C:\WINDOWS\system32\drivers\gHidUsbF.sys ()
DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation)
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation)
DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys ()
DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys (IVT Corporation)
DRV - (BT) -- C:\WINDOWS\system32\drivers\BtNetDrv.sys (IVT Corporation)
DRV - (Vax347b) -- C:\WINDOWS\system32\DRIVERS\Vax347b.sys ( )
DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (Vax347s) -- C:\WINDOWS\System32\Drivers\Vax347s.sys ( )


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://aktualne.cz [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: quickstores@quickstores.de:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.8

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010.04.30 17:49:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010.06.11 20:20:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox 3.5 Preview\components [2010.08.25 01:11:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.5 Preview\plugins [2010.08.09 08:08:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.01.01 17:55:05 | 000,000,000 | ---D | M]

[2009.06.12 18:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Mozilla\Extensions
[2009.06.12 18:56:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.08.30 15:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Mozilla\Firefox\Profiles\b8e4p73p.default\extensions
[2010.05.10 21:09:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Mozilla\Firefox\Profiles\b8e4p73p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.11 21:25:24 | 000,002,251 | ---- | M] () -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Mozilla\Firefox\Profiles\b8e4p73p.default\searchplugins\askcom.xml

O1 HOSTS File: ([2010.08.29 16:35:54 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [mouseElf] C:\Program Files\ErgoMedia\MouseElf.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\VideoGet\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\VideoGet\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 2365396968 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop WallPaper: C:\Documents and Settings\Richard Kopal.MOJE\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Richard Kopal.MOJE\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.08.30 20:13:12 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\OTL.exe
[2010.08.30 20:01:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\Testy
[2010.08.30 19:59:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Richard Kopal.MOJE\Recent
[2010.08.30 19:59:48 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.08.29 15:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Kodek CZ
[2010.08.11 11:01:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\Music
[2010.08.11 10:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\Excelent
[2010.08.11 10:44:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\Ľudovky
[2007.10.28 20:21:20 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\pcouffin.sys
[2007.06.03 12:15:26 | 000,159,616 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\Vax347b.sys
[2007.06.03 12:15:26 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\Vax347s.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.08.30 20:13:12 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\OTL.exe
[2010.08.30 19:34:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.30 14:51:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.30 14:51:37 | 000,003,151 | ---- | M] () -- C:\WINDOWS\System32\mouseconfig.inf
[2010.08.30 14:51:20 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.30 14:51:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.30 14:50:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.30 09:26:13 | 009,699,328 | ---- | M] () -- C:\Documents and Settings\Richard Kopal.MOJE\ntuser.dat
[2010.08.30 09:26:13 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Richard Kopal.MOJE\ntuser.ini
[2010.08.30 08:45:21 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\Filmy ke stažení.doc
[2010.08.30 06:15:52 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.08.29 16:36:54 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.08.29 16:35:54 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.08.29 09:37:40 | 000,127,488 | ---- | M] () -- C:\Documents and Settings\Richard Kopal.MOJE\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.22 20:42:29 | 700,681,254 | ---- | M] () -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\Dětská hra 1 cz.avi
[2010.08.21 22:02:27 | 000,114,450 | ---- | M] () -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\Super_Bluetooth_Hack_1.08.jar
[2010.08.13 10:45:35 | 000,217,656 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.13 02:38:44 | 000,987,296 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.08.13 02:38:44 | 000,435,396 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.08.13 02:38:44 | 000,068,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.08.09 11:30:50 | 873,716,304 | ---- | M] () -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\ČERNÍ ANDĚLÉ 06 - help for you.avi
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.08.22 20:03:10 | 700,681,254 | ---- | C] () -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\Dětská hra 1 cz.avi
[2010.08.21 22:02:26 | 000,114,450 | ---- | C] () -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\Super_Bluetooth_Hack_1.08.jar
[2010.08.09 10:38:19 | 873,716,304 | ---- | C] () -- C:\Documents and Settings\Richard Kopal.MOJE\Plocha\ČERNÍ ANDĚLÉ 06 - help for you.avi
[2010.05.25 17:53:45 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TaskKeyHook.dll
[2010.05.25 17:53:43 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\gHidUsbF.sys
[2010.05.25 17:53:43 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\gflmouhid.sys
[2010.04.19 23:41:54 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\inst.exe
[2009.03.07 15:22:58 | 000,000,116 | ---- | C] () -- C:\WINDOWS\ae.INI
[2008.12.25 23:05:03 | 000,000,068 | ---- | C] () -- C:\WINDOWS\Awpr.ini
[2008.12.21 21:57:31 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008.12.21 21:57:15 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.12.21 21:57:14 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.12.21 21:57:02 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.21 21:57:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.12.01 12:15:18 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2008.12.01 12:15:18 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2008.12.01 12:15:18 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2008.12.01 12:15:18 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2008.10.08 11:34:36 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\thxcfg.ini
[2008.09.01 18:29:41 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2008.08.15 00:00:26 | 000,000,348 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.06.16 09:26:10 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\vso_ts_preview.xml
[2008.06.01 08:13:10 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2008.03.08 14:45:37 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ezsid.dat
[2007.12.10 12:19:25 | 000,003,808 | ---- | C] () -- C:\Documents and Settings\Richard Kopal.MOJE\Local Settings\Data aplikací\EA7AD31C-12D6-4C8E-B433-55BCB26189C8.txt
[2007.12.01 14:24:34 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.10.28 20:21:21 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\ezpinst.exe
[2007.10.28 20:21:21 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\pcouffin.cat
[2007.10.28 20:21:21 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\pcouffin.log
[2007.10.28 20:21:20 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\pcouffin.inf
[2007.10.25 17:04:30 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2007.10.25 17:04:30 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2007.10.15 22:10:27 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\QTSBandwidthCache
[2007.05.31 21:00:21 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.05.31 19:19:50 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007.05.31 18:29:24 | 000,000,701 | ---- | C] () -- C:\WINDOWS\DesetiPrsty.INI
[2007.05.31 18:15:23 | 000,000,373 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.05.31 18:06:27 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.05.31 17:31:55 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.05.31 16:43:46 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007.05.31 15:26:30 | 000,127,488 | ---- | C] () -- C:\Documents and Settings\Richard Kopal.MOJE\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.05.31 14:10:11 | 000,017,886 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007.05.31 14:10:09 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007.05.31 14:10:04 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2003.07.16 13:09:32 | 000,202,752 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.10.06 20:42:58 | 000,105,472 | ---- | C] () -- C:\WINDOWS\System32\oggds.dll
[2002.10.05 01:04:26 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 01:04:26 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 01:04:18 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.05.17 22:18:30 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll

========== LOP Check ==========

[2009.07.01 10:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Apowersoft
[2007.10.25 17:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Bluetooth
[2010.07.09 20:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DAEMON Tools Lite
[2008.04.27 12:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Downloaded Installations
[2008.12.02 00:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ESET
[2010.03.07 23:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\GameXzone
[2009.02.21 15:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\HighAndes
[2009.03.11 12:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ
[2008.02.21 17:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\muvee Technologies
[2010.01.23 16:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NokiaMusic
[2010.01.23 16:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PC Suite
[2010.07.20 18:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\QuickMediaConverter
[2007.07.21 14:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Ringjacker
[2010.04.20 00:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Rising
[2010.03.16 23:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
[2010.04.20 00:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Ulead Systems
[2009.07.01 22:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Ashampoo
[2010.07.20 18:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\CocoonSoftware
[2010.07.09 20:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\DAEMON Tools Lite
[2009.01.11 13:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\esmska
[2010.01.03 02:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\FFSJ
[2007.09.28 20:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\FreeCommander
[2009.02.21 15:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\HighAndes
[2007.12.31 15:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\ICQ
[2008.01.01 22:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\ICQ Toolbar
[2007.06.21 17:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\ICQLite
[2007.09.07 11:27:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Leadertech
[2009.07.01 22:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Moyea
[2008.02.21 17:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\muvee Technologies
[2010.01.23 15:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Nokia
[2007.06.21 20:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Nokia Multimedia Player
[2010.01.23 18:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Nseries
[2010.01.23 16:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\PC Suite
[2007.07.21 13:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Ringjacker
[2008.12.01 12:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Simply Super Software
[2009.07.01 22:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Tomato
[2008.09.01 18:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\TrojanHunter
[2010.01.23 15:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Ulead Systems
[2010.03.21 00:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\uTorrent
[2007.10.06 11:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\VoipBuster
[2010.04.19 23:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\Vso
[2010.02.13 13:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\XnView

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:CB0AACC9
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:CAAA7DD7
< End of report >

Seval
newcomer
Posts: 21
Registered: August 2010
Gender: Male

Re: Windows Media Player starts by itself

Posted by Seval » 30 Aug 2010 20:17

OTL Extras logfile created on: 30.8.2010 20:14:24 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Richard Kopal.MOJE\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 015,00 Mb Total Physical Memory | 473,00 Mb Available Physical Memory | 47,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 2,67 Gb Free Space | 3,58% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MOJE
Current User Name: Richard Kopal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3.5 Preview\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Prozkoumat v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
"C:\Program Files\SightSpeed\SightSpeed.exe" = C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed -- (SightSpeed Inc.)
"C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe" = C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe:*:Enabled:InstallShield (R) Setup Engine -- (InstallShield Software Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009\English\setup.exe" = C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009\English\setup.exe:*:Disabled:Kaspersky Anti-Virus 2009 Setup -- (Kaspersky Lab)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Giga Ethernet Utility
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{350C97C4-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{368E88DE-E5D2-83E7-11AF-23375B581029}" = Nero 7 Demo
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = AsusUpdate
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1" = Kodek 0.16 CZ
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{ABBA0799-F982-414C-9A8B-17EB03D39677}" = trakAxPC
"{AC76BA86-7AD7-1029-7B44-A70000000000}" = Adobe Reader 7.0 - Czech
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" = Alcohol 120%
"{EFA800BF-C5C8-46D1-B49D-13920D05417C}" = ESET NOD32 Antivirus
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"µTorrent CZ_is1" = µTorrent CZ 1.8.1 (build 12639)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All Editor_is1" = All Editor 2.4.3
"ASUS_Ai_Proactive_Screensaver (E)" = ASUS_Ai_Proactive_Screensaver (E)
"AtcL1" = Attansic L1 Gigabit Ethernet Driver
"AXIS Media Control" = AXIS Media Control
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Azbuka_is1" = Azbuka 1.0.2.2
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Live! Cam Manager" = Creative Live! Cam Manager
"Creative Live! Cam User's Guide" = Creative Live! Cam User's Guide
"Creative Photo Manager" = Creative Photo Manager
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0420" = Creative Live! Cam Vista IM Driver (1.00.03.0000)
"DesetiPrsty" = DesetiPrsty 4.30
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Shrink_is1" = DVD Shrink 3.2
"ESET Online Scanner" = ESET Online Scanner v3
"FLV Player2.0 " = FLV Player
"FormatFactory" = FormatFactory 2.30
"GameSpy Arcade" = GameSpy Arcade
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.4.2
"KYE" = ErgoMedia
"Magic Video Converter_is1" = Magic Video Converter Trial Version (English) 7.9.6.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Demo
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"SightSpeed" = SightSpeed (remove only)
"SolveigMM AVI Trimmer 1.4" = SolveigMM AVI Trimmer
"SysInfo" = Creative System Information
"TibetQuest_is1" = Tibet Quest
"Totalcmd" = Total Commander (Remove or Repair)
"VideoGet_is1" = Nuclear Coffee - VideoGet
"VorbisCodec" = Ogg Vorbis ACM Codec
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winpcap-nmap" = winpcap-nmap 4.02
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XnView_is1" = XnView 1.96.2
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.8.2010 7:37:23 | Computer Name = MOJE | Source = Google Update | ID = 20
Description =

Error - 28.8.2010 11:37:23 | Computer Name = MOJE | Source = Google Update | ID = 20
Description =

Error - 28.8.2010 12:37:23 | Computer Name = MOJE | Source = Google Update | ID = 20
Description =

Error - 28.8.2010 13:37:23 | Computer Name = MOJE | Source = Google Update | ID = 20
Description =

Error - 28.8.2010 14:37:23 | Computer Name = MOJE | Source = Google Update | ID = 20
Description =

Error - 28.8.2010 15:37:23 | Computer Name = MOJE | Source = Google Update | ID = 20
Description =

Error - 29.8.2010 4:37:23 | Computer Name = MOJE | Source = Google Update | ID = 20
Description =

Error - 29.8.2010 5:37:23 | Computer Name = MOJE | Source = Google Update | ID = 20
Description =

Error - 29.8.2010 6:37:23 | Computer Name = MOJE | Source = Google Update | ID = 20
Description =

Error - 30.8.2010 3:37:23 | Computer Name = MOJE | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 27.8.2010 23:31:54 | Computer Name = MOJE | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126

Error - 28.8.2010 11:16:55 | Computer Name = MOJE | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126

Error - 29.8.2010 11:10:30 | Computer Name = MOJE | Source = Service Control Manager | ID = 7034
Description = Služba BlueSoleil Hid Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 29.8.2010 11:18:11 | Computer Name = MOJE | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126

Error - 29.8.2010 11:19:18 | Computer Name = MOJE | Source = System Error | ID = 1003
Description = Kód chyby 1000000a, parametr1 00000000, parametr2 00000002, parametr3
00000001, parametr4 804e6dfb.

Error - 29.8.2010 11:29:13 | Computer Name = MOJE | Source = Service Control Manager | ID = 7034
Description = Služba BlueSoleil Hid Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 29.8.2010 11:36:17 | Computer Name = MOJE | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126

Error - 29.8.2010 14:02:47 | Computer Name = MOJE | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126

Error - 30.8.2010 1:10:01 | Computer Name = MOJE | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126

Error - 30.8.2010 9:51:36 | Computer Name = MOJE | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126


< End of report >

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 2007
Location: South Bohemia
Gender: Male

Re: Windows Media Player starts by itself

Posted by jaro3 » 30 Aug 2010 21:59

Drive C: | 74,52 Gb Total Space | 2,67 Gb Free Space | 3,58% Space Free | Partition Type: NTFS

You have too little free disk space; it absolutely has to be freed up! Uninstall or delete something! For Windows to run properly you need up to 15% free space! Otherwise problems can occur.

If you still have these installed:
TrojanHunter+ICQ Toolbar
Uninstall them.

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (VClone) -- C:\WINDOWS\System32\DRIVERS\VClone.sys File not found
DRV - (upperdev) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys File not found
DRV - (InCDRm) -- C:\WINDOWS\System32\drivers\InCDRm.sys File not found
DRV - (InCDPass) -- C:\WINDOWS\System32\drivers\InCDPass.sys File not found
DRV - (InCDFs) -- C:\WINDOWS\System32\drivers\InCDFs.sys File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:CB0AACC9
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:CAAA7DD7

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\tasks\SA.DAT
C:\Documents and Settings\Richard Kopal.MOJE\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\inst.exe
C:\WINDOWS\System32\thxcfg.ini
C:\WINDOWS\System32\streamhlp.dll
C:\WINDOWS\impborl.dll
C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\ICQ Toolbar
C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\TrojanHunter

:Reg
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]


Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

In Folder Options, enable showing hidden files and folders, and untick the "Hide protected operating system files" checkbox.

Test these on Virustotal:
C:\WINDOWS\System32\TaskKeyHook.dll
C:\WINDOWS\System32\drivers\gHidUsbF.sys
C:\WINDOWS\ae.INI

If the file has already been tested, click to test it again.
When the test by all the antivirus engines has finished, post links to the results pages here.

+
Update Java:
Java SE Runtime Environment 6u21
Select the OS (I assume Windows), tick agree-continue
Select:
Windows Offline Installation
jre-6u21-windows-i586-p.exe
Remove the other Java versions in Add/Remove Programs.


Re: Windows Media Player starts by itself

Post by Seval » 31 Aug 2010 20:54

All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
No active process named firefox.exe was found!
Service VClone stopped successfully!
Service VClone deleted successfully!
File C:\WINDOWS\System32\DRIVERS\VClone.sys File not found not found.
Service upperdev stopped successfully!
Service upperdev deleted successfully!
File C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys File not found not found.
Service InCDRm stopped successfully!
Service InCDRm deleted successfully!
File C:\WINDOWS\System32\drivers\InCDRm.sys File not found not found.
Service InCDPass stopped successfully!
Service InCDPass deleted successfully!
File C:\WINDOWS\System32\drivers\InCDPass.sys File not found not found.
Service InCDFs stopped successfully!
Service InCDFs deleted successfully!
File C:\WINDOWS\System32\drivers\InCDFs.sys File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Prev Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\ deleted successfully.
Starting removal of ActiveX control {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
C:\WINDOWS\Downloaded Program Files\QTPlugin.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\WINDOWS\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
ADS C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:CB0AACC9 deleted successfully.
ADS C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:CAAA7DD7 deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\PerfStringBackup.TMP moved successfully.
C:\WINDOWS\System32\SET5E2.tmp moved successfully.
C:\WINDOWS\System32\SET6BB1.tmp moved successfully.
C:\WINDOWS\002236_.tmp moved successfully.
C:\WINDOWS\005447_.tmp moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET7.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\*.tmp not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
C:\Documents and Settings\Richard Kopal.MOJE\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\inst.exe moved successfully.
C:\WINDOWS\System32\thxcfg.ini moved successfully.
C:\WINDOWS\System32\streamhlp.dll moved successfully.
C:\WINDOWS\impborl.dll moved successfully.
C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\ICQ Toolbar folder moved successfully.
C:\Documents and Settings\Richard Kopal.MOJE\Data aplikací\TrojanHunter folder moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: All Users.WINDOWS

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Richard Kopal
->Temp folder emptied: 709794 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Richard Kopal.MOJE
->Temp folder emptied: 373343675 bytes
->Temporary Internet Files folder emptied: 2125888 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 87745867 bytes
->Flash cache emptied: 6013 bytes

User: RICHAR~1~MOJ

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 443,00 mb


[EMPTYFLASH]

User: All Users

User: All Users.WINDOWS

User: Default User

User: Default User.WINDOWS
->Flash cache emptied: 0 bytes

User: LocalService

User: LocalService.NT AUTHORITY

User: NetworkService

User: NetworkService.NT AUTHORITY

User: Richard Kopal

User: Richard Kopal.MOJE
->Flash cache emptied: 0 bytes

User: RICHAR~1~MOJ

Total Flash Files Cleaned = 0,00 mb

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.

OTL by OldTimer - Version 3.2.11.0 log created on 08312010_205156

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Re: Windows Media Player starts by itself

Post by Seval » 31 Aug 2010 21:10



Re: Windows Media Player starts by itself

Post by jaro3 » 31 Aug 2010 21:21

Run OTL and click CleanUp.
Then you can delete OTL, C:\_OTL

If you have freed up that disk space, write how things look with the PC (WMP etc.)


Re: Windows Media Player starts by itself

Post by Seval » 31 Aug 2010 21:37

Unfortunately, WMP still keeps starting. And on top of that, but only when I open the folder with movies, it throws an error. It says that an error occurred in the explorer.exe application and it needs to be closed. And when I close it, another message pops up about the Bluetooth application...


Re: Windows Media Player starts by itself

Post by jaro3 » 01 Sep 2010 08:36

Memtest:
http://www.stahuj.centrum.cz/utility_a_ ... i/memtest/

In the box, enter the largest size of your individual RAM module (256, 512 or 1024, 2048), click Start, and let it run for at least 2 h; if after 2 h there are still 0 errors, they are fine.
+
HDD error check
Open My Computer - right-click the disk - Properties - Tools tab - Error-checking - Check Now - tick both boxes in the window - click Start - it will say that the check will be performed at the next startup...
Restart the PC; the check with repair sometimes takes several hours...
+
Download Dial-a-fix
Explorer/IE/OE/shell/WMP - Attempts to repair Internet Explorer, Outlook Express, Windows Media Player, etc.
Policies: Opens an overview of all restrictions set in the registry, for example on using the registry editor, Task Manager, etc. ----then post the log here..
Click the service (tick the box) and then GO.

+
Download Rootkit Unhooker

and save it to your desktop. Double-click RKUnhookerLE to run the program.
Click Report, then click Scan.
Tick Drivers and Stealth; the rest must be unticked.
Click OK.
Wait until the scan finishes and then save the report (File > Save Report).
Copy the whole report and paste it here.


Re: Windows Media Player starts by itself

Post by Seval » 02 Sep 2010 17:57

17:54:09 | Dial-a-fix was unable to determine your version of Internet Explorer
Notes about this log:
1) "->" denotes an external command being executed, and "-> (number)" indicates
the return code from the previous command
2) Not all external command return codes are accurate, or useful
3) Sometimes commands return 0 (no error) even when they fail or crash
4) If an error occurs while registering an object, please send an email to:
dial-a-fix@DjLizard.net and include a copy of this log

DAF version: v0.60.0.24

--- System info ---
OS: Microsoft Windows XP Service Pack 3
IE version: 8.0.6001.18702
MPC: 55703-640
CPU: Intel(R) Celeron(R) CPU 2.66GHz (~2666MHz)
CPU: CPU is 64-bit or has 64-bit extensions
BIOS: 7.12.2006
Memory (approx): 1015MB
Uptime: 0 hour(s)
Current directory: C:\DOCUME~1\RICHAR~1.MOJ\LOCALS~1\Temp\Rar$EX01.421\Dial-a-fix-v0.60.0.24
---

2.9.2010 17:54:09 -- Dial-a-fix : [v0.60.0.24] -- started
17:54:09 | Policy scan started
17:54:09 | Policy scan ended - no restrictive policies were found
--- Emptying temp folders ---
17:54:50 | Deleting C:\Documents and Settings\Richard Kopal.MOJE\Local Settings\temp...
17:54:51 | C:\Documents and Settings\Richard Kopal.MOJE\Local Settings\temp could not be completely emptied, please reboot and try again
17:54:51 | Deleting C:\WINDOWS\temp...
17:54:51 | C:\WINDOWS\temp could not be completely emptied, please reboot and try again
17:54:51 | Deleting C:\DOCUME~1\RICHAR~1.MOJ\LOCALS~1\Temp...
17:54:51 | C:\DOCUME~1\RICHAR~1.MOJ\LOCALS~1\Temp could not be completely emptied, please reboot and try again
--- MSI ---
17:55:03 | Registered: C:\WINDOWS\system32\msi.dll
--- Windows Update ---
--- Registration: Windows Update/Automatic Update DLLs ---
17:55:09 | Unregistered: C:\WINDOWS\system32\msxml.dll
17:55:09 | Registered: C:\WINDOWS\system32\msxml.dll
17:55:10 | Unregistered: C:\WINDOWS\system32\msxml2.dll
17:55:12 | Registered: C:\WINDOWS\system32\msxml2.dll
17:55:14 | Unregistered: C:\WINDOWS\system32\msxml3.dll
17:55:14 | Registered: C:\WINDOWS\system32\msxml3.dll
17:55:15 | Unregistered: C:\WINDOWS\system32\qmgr.dll
17:55:15 | Registered: C:\WINDOWS\system32\qmgr.dll
17:55:15 | Unregistered: C:\WINDOWS\system32\qmgrprxy.dll
17:55:15 | Registered: C:\WINDOWS\system32\qmgrprxy.dll
17:55:15 | Unregistered: C:\WINDOWS\system32\winhttp.dll
17:55:15 | Registered: C:\WINDOWS\system32\winhttp.dll
17:55:15 | Registered: C:\WINDOWS\system32\wuapi.dll
17:55:16 | Unregistered: C:\WINDOWS\system32\wuaueng.dll
17:55:17 | Registered: C:\WINDOWS\system32\wuaueng.dll
17:55:17 | Unregistered: C:\WINDOWS\system32\wuaueng1.dll
17:55:17 | Registered: C:\WINDOWS\system32\wuaueng1.dll
17:55:17 | Unregistered: C:\WINDOWS\system32\wucltui.dll
17:55:17 | Registered: C:\WINDOWS\system32\wucltui.dll
17:55:17 | Unregistered: C:\WINDOWS\system32\wups.dll
17:55:17 | Registered: C:\WINDOWS\system32\wups.dll
17:55:17 | Unregistered: C:\WINDOWS\system32\wups2.dll
17:55:17 | Registered: C:\WINDOWS\system32\wups2.dll
17:55:17 | Unregistered: C:\WINDOWS\system32\wuweb.dll
17:55:17 | Registered: C:\WINDOWS\system32\wuweb.dll
17:55:17 | Registered: C:\WINDOWS\system32\ole32.dll
--- SSL/HTTPS/Cryptography ---
17:55:31 | Executed 'cmd.exe /c rmdir /q /s C:\WINDOWS\system32\Catroot2'
--- Registration: SSL/HTTPS/Cryptography ---
17:55:35 | Unregistered: C:\WINDOWS\system32\cryptdlg.dll
17:55:35 | Registered: C:\WINDOWS\system32\cryptdlg.dll
17:55:35 | Unregistered: C:\WINDOWS\system32\cryptui.dll
17:55:35 | Registered: C:\WINDOWS\system32\cryptui.dll
17:55:35 | Unregistered: C:\WINDOWS\system32\cryptext.dll
17:55:35 | Registered: C:\WINDOWS\system32\cryptext.dll
17:55:35 | Unregistered: C:\WINDOWS\system32\dssenh.dll
17:55:35 | Registered: C:\WINDOWS\system32\dssenh.dll
17:55:35 | Unregistered: C:\WINDOWS\system32\gpkcsp.dll
17:55:35 | Registered: C:\WINDOWS\system32\gpkcsp.dll
17:55:36 | Unregistered: C:\WINDOWS\system32\initpki.dll
17:56:06 | Registered: C:\WINDOWS\system32\initpki.dll
17:56:06 | Unregistered: C:\WINDOWS\system32\licdll.dll
17:56:06 | Registered: C:\WINDOWS\system32\licdll.dll
17:56:06 | Unregistered: C:\WINDOWS\system32\mssign32.dll
17:56:06 | Registered: C:\WINDOWS\system32\mssign32.dll
17:56:06 | Unregistered: C:\WINDOWS\system32\mssip32.dll
17:56:07 | Registered: C:\WINDOWS\system32\mssip32.dll
17:56:07 | Unregistered: C:\WINDOWS\system32\scardssp.dll
17:56:08 | Registered: C:\WINDOWS\system32\scardssp.dll
17:56:08 | Unregistered: C:\WINDOWS\system32\sccbase.dll
17:56:08 | Registered: C:\WINDOWS\system32\sccbase.dll
17:56:08 | Unregistered: C:\WINDOWS\system32\scecli.dll
17:56:08 | Registered: C:\WINDOWS\system32\scecli.dll
17:56:08 | Unregistered: C:\WINDOWS\system32\softpub.dll
17:56:08 | Registered: C:\WINDOWS\system32\softpub.dll
17:56:09 | Unregistered: C:\WINDOWS\system32\slbcsp.dll
17:56:09 | Registered: C:\WINDOWS\system32\slbcsp.dll
17:56:10 | Unregistered: C:\WINDOWS\system32\regwizc.dll
17:56:10 | Registered: C:\WINDOWS\system32\regwizc.dll
17:56:10 | Unregistered: C:\WINDOWS\system32\rsaenh.dll
17:56:10 | Registered: C:\WINDOWS\system32\rsaenh.dll
17:56:10 | Unregistered: C:\WINDOWS\system32\winhttp.dll
17:56:10 | Registered: C:\WINDOWS\system32\winhttp.dll
17:56:10 | Unregistered: C:\WINDOWS\system32\wintrust.dll
17:56:11 | Registered: C:\WINDOWS\system32\wintrust.dll
--- Registration: ActiveX controls/codecs ---
17:56:11 | Registered: C:\WINDOWS\system32\acelpdec.ax
17:56:11 | Registered: C:\WINDOWS\system32\actxprxy.dll
17:56:11 | Registered: C:\WINDOWS\system32\asctrls.ocx
17:56:11 | Registered: C:\WINDOWS\system32\daxctle.ocx
17:56:11 | Registered: C:\WINDOWS\system32\hhctrl.ocx
17:56:11 | Registered: C:\WINDOWS\system32\l3codecx.ax
17:56:12 | Registered: C:\WINDOWS\system32\licmgr10.dll
17:56:12 | Registered: C:\WINDOWS\system32\mpg4ds32.ax
17:56:17 | Registered: C:\WINDOWS\system32\msdxm.ocx
17:56:17 | Registered: C:\WINDOWS\system32\proctexe.ocx
17:56:17 | Registered: C:\WINDOWS\system32\tdc.ocx
17:56:17 | Registered: C:\WINDOWS\system32\wshom.ocx
--- Registration: Control Panel applets ---
17:56:18 | DllInstalled: C:\WINDOWS\system32\inetcpl.cpl
17:56:18 | DllInstalled: C:\WINDOWS\system32\appwiz.cpl
17:56:18 | Registered: C:\WINDOWS\system32\appwiz.cpl
17:56:18 | DllInstalled: C:\WINDOWS\system32\nusrmgr.cpl
17:56:19 | Registered: C:\WINDOWS\system32\nusrmgr.cpl
--- Registration: Direct[X|Draw|Show|Media] ---
17:56:19 | Registered: C:\WINDOWS\system32\quartz.dll
17:56:20 | Registered: C:\WINDOWS\system32\danim.dll
17:56:20 | Registered: C:\WINDOWS\system32\dmscript.dll
17:56:20 | Registered: C:\WINDOWS\system32\dmstyle.dll
17:56:20 | Registered: C:\WINDOWS\system32\dxmasf.dll
17:56:20 | Registered: C:\WINDOWS\system32\dxtmsft.dll
17:56:20 | Registered: C:\WINDOWS\system32\dxtrans.dll
17:56:20 | Registered: C:\WINDOWS\system32\sbe.dll
--- Registration: Programming cores/runtimes ---
17:56:20 | Registered: C:\WINDOWS\system32\atl.dll
17:56:20 | Registered: C:\WINDOWS\system32\corpol.dll
17:56:21 | Registered: C:\WINDOWS\system32\jscript.dll
17:56:21 | Registered: C:\WINDOWS\system32\dispex.dll
17:56:21 | Registered: C:\WINDOWS\system32\scrrun.dll
17:56:21 | Registered: C:\WINDOWS\system32\scrobj.dll
17:56:21 | Registered: C:\WINDOWS\system32\vbscript.dll
17:56:21 | Registered: C:\WINDOWS\system32\wshext.dll
--- Registration: Explorer/IE/OE/shell/WMP ---
17:56:21 | Registered: C:\WINDOWS\system32\activeds.dll
17:56:22 | Registered: C:\WINDOWS\system32\audiodev.dll
17:56:23 | DllInstalled: C:\WINDOWS\system32\browseui.dll
17:56:24 | Registered: C:\WINDOWS\system32\browseui.dll
17:56:24 | Registered: C:\WINDOWS\system32\browsewm.dll
17:56:24 | Registered: C:\WINDOWS\system32\cabview.dll
17:56:24 | Registered: C:\WINDOWS\system32\cdfview.dll
17:56:24 | Registered: C:\WINDOWS\system32\clbcatex.dll
17:56:24 | Registered: C:\WINDOWS\system32\clbcatq.dll
17:56:24 | Registered: C:\WINDOWS\system32\comcat.dll
17:56:24 | Registered: C:\WINDOWS\system32\cscui.dll
17:56:25 | Registered: C:\WINDOWS\system32\credui.dll
17:56:25 | Registered: C:\WINDOWS\system32\datime.dll
17:56:25 | Registered: C:\WINDOWS\system32\devmgr.dll
17:56:25 | Registered: C:\WINDOWS\system32\dfsshlex.dll
17:56:25 | Registered: C:\WINDOWS\system32\dmdlgs.dll
17:56:25 | Registered: C:\WINDOWS\system32\dmdskmgr.dll
17:56:25 | Registered: C:\WINDOWS\system32\dmloader.dll
17:56:25 | Registered: C:\WINDOWS\system32\dmocx.dll
17:56:25 | Registered: C:\WINDOWS\system32\dmview.ocx
17:56:25 | DllInstalled: C:\WINDOWS\system32\dsuiext.dll
17:56:25 | Registered: C:\WINDOWS\system32\dsuiext.dll
17:56:25 | DllInstalled: C:\WINDOWS\system32\dsquery.dll
17:56:26 | Registered: C:\WINDOWS\system32\dsquery.dll
17:56:26 | Registered: C:\WINDOWS\system32\dskquoui.dll
17:56:26 | Registered: C:\WINDOWS\system32\els.dll
17:56:26 | Registered: C:\WINDOWS\system32\es.dll
17:56:26 | Registered: C:\WINDOWS\system32\fontext.dll
17:56:26 | Registered: C:\WINDOWS\system32\hlink.dll
17:56:26 | Registered: C:\WINDOWS\system32\hnetcfg.dll
17:56:27 | Registered: C:\WINDOWS\system32\iedkcs32.dll
17:56:27 | Registered: C:\WINDOWS\system32\iepeers.dll
17:56:27 | Error 127: C:\WINDOWS\system32\iesetup.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
17:56:55 | Error 127: C:\WINDOWS\system32\iesetup.dll is not DLLInstall-able or the file is corrupted. Version: 8.00.6001.18702
17:56:58 | Registered: C:\WINDOWS\system32\ils.dll
17:56:58 | Error 127: C:\WINDOWS\system32\imgutil.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
17:56:59 | Registered: C:\WINDOWS\system32\inetcfg.dll
17:57:00 | Registered: C:\WINDOWS\system32\inetcomm.dll
17:57:00 | Error 127: C:\WINDOWS\system32\inseng.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
17:57:05 | Error 127: C:\WINDOWS\system32\inseng.dll is not DLLInstall-able or the file is corrupted. Version: 8.00.6001.18702
17:57:07 | Registered: C:\WINDOWS\system32\laprxy.dll
17:57:07 | Registered: C:\WINDOWS\system32\lmrt.dll
17:57:07 | Registered: C:\WINDOWS\system32\mlang.dll
17:57:08 | Registered: C:\WINDOWS\system32\mmcndmgr.dll
17:57:08 | Registered: C:\WINDOWS\system32\mmcshext.dll
17:57:09 | Registered: C:\WINDOWS\system32\mscoree.dll
17:57:09 | Error 127: C:\WINDOWS\system32\mshtml.dll is not registerable or the file is corrupted. Version: 8.00.6001.18939
17:57:11 | Error 127: C:\WINDOWS\system32\mshtml.dll is not DLLInstall-able or the file is corrupted. Version: 8.00.6001.18939
17:57:12 | Registered: C:\WINDOWS\system32\mshtmled.dll
17:57:12 | Registered: C:\WINDOWS\system32\msieftp.dll
17:57:12 | Registered: C:\WINDOWS\system32\msoeacct.dll
17:57:12 | Registered: C:\WINDOWS\system32\msr2c.dll
17:57:13 | Error 127: C:\WINDOWS\system32\msrating.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
17:57:16 | DllInstalled: C:\WINDOWS\system32\mydocs.dll
17:57:16 | Registered: C:\WINDOWS\system32\mydocs.dll
17:57:16 | Registered: C:\WINDOWS\system32\mstime.dll
17:57:16 | Registered: C:\WINDOWS\system32\netcfgx.dll
17:57:16 | DllInstalled: C:\WINDOWS\system32\netplwiz.dll
17:57:16 | Registered: C:\WINDOWS\system32\netplwiz.dll
17:57:17 | Registered: C:\WINDOWS\system32\netman.dll
17:57:17 | Registered: C:\WINDOWS\system32\netshell.dll
17:57:17 | Registered: C:\WINDOWS\system32\ntmsevt.dll
17:57:17 | Registered: C:\WINDOWS\system32\ntmsmgr.dll
17:57:17 | DllInstalled: C:\WINDOWS\system32\ntmssvc.dll
17:57:17 | Registered: C:\WINDOWS\system32\ntmssvc.dll
17:57:17 | Error 127: C:\WINDOWS\system32\occache.dll is not registerable or the file is corrupted. Version: 8.00.6001.18939
17:57:18 | Error 127: C:\WINDOWS\system32\occache.dll is not DLLInstall-able or the file is corrupted. Version: 8.00.6001.18939
17:57:19 | Registered: C:\WINDOWS\system32\ole32.dll
17:57:19 | Registered: C:\WINDOWS\system32\oleaut32.dll
17:57:19 | Registered: C:\WINDOWS\system32\oleacc.dll
17:57:19 | Registered: C:\WINDOWS\system32\olepro32.dll
17:57:19 | DllInstalled: C:\WINDOWS\system32\photowiz.dll
17:57:19 | Registered: C:\WINDOWS\system32\photowiz.dll
17:57:20 | Error 127: C:\WINDOWS\system32\pngfilt.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
17:57:20 | Registered: C:\WINDOWS\system32\remotepg.dll
17:57:21 | Registered: C:\WINDOWS\system32\rpcrt4.dll
17:57:21 | Registered: C:\WINDOWS\system32\rshx32.dll
17:57:21 | Registered: C:\WINDOWS\system32\sendmail.dll
17:57:21 | Registered: C:\WINDOWS\system32\slayerxp.dll
17:57:26 | DllInstalled: C:\WINDOWS\system32\shdocvw.dll
17:57:27 | Registered: C:\WINDOWS\system32\shdocvw.dll
17:57:27 | Registered: C:\WINDOWS\system32\shell32.dll
17:57:32 | DllInstalled: C:\WINDOWS\system32\shell32.dll
17:57:32 | Registered: C:\WINDOWS\system32\shmedia.dll
17:57:32 | DllInstalled: C:\WINDOWS\system32\shimgvw.dll
17:57:32 | Registered: C:\WINDOWS\system32\shimgvw.dll
17:57:32 | DllInstalled: C:\WINDOWS\system32\shsvcs.dll
17:57:33 | Registered: C:\WINDOWS\system32\shsvcs.dll
17:57:33 | Registered: C:\WINDOWS\system32\srclient.dll
17:57:33 | Unregistered: C:\WINDOWS\system32\stobject.dll
17:57:33 | Registered: C:\WINDOWS\system32\stobject.dll
17:57:33 | DllInstalled: C:\WINDOWS\system32\themeui.dll
17:57:33 | Registered: C:\WINDOWS\system32\themeui.dll
17:57:34 | Registered: C:\WINDOWS\system32\twext.dll
17:57:36 | DllInstalled: C:\WINDOWS\system32\urlmon.dll
17:57:36 | Registered: C:\WINDOWS\system32\urlmon.dll
17:57:36 | Registered: C:\WINDOWS\system32\userenv.dll
17:57:36 | Error 127: C:\WINDOWS\system32\webcheck.dll is not registerable or the file is corrupted. Version: 8.00.6001.18702
17:57:39 | Error 127: C:\WINDOWS\system32\webcheck.dll is not DLLInstall-able or the file is corrupted. Version: 8.00.6001.18702
17:57:43 | Registered: C:\WINDOWS\system32\webvw.dll
17:57:43 | Registered: C:\WINDOWS\system32\winhttp.dll
17:57:43 | DllInstalled: C:\WINDOWS\system32\wininet.dll
17:57:43 | Registered: C:\WINDOWS\system32\zipfldr.dll
17:57:43 | Registered: C:\Program Files\Common Files\system\Ole DB\msdadc.dll
17:57:43 | Registered: C:\Program Files\Common Files\system\Ole DB\msdaenum.dll
17:57:43 | Registered: C:\Program Files\Common Files\system\Ole DB\msdaer.dll
17:57:44 | Registered: C:\Program Files\Common Files\system\Ole DB\msdaipp.dll
17:57:44 | Registered: C:\Program Files\Common Files\system\Ole DB\msdaora.dll
17:57:44 | Registered: C:\Program Files\Common Files\system\Ole DB\msdaosp.dll
17:57:44 | Registered: C:\Program Files\Common Files\system\Ole DB\msdaps.dll
17:57:44 | Registered: C:\Program Files\Common Files\system\Ole DB\msdasc.dll
17:57:44 | Registered: C:\Program Files\Common Files\system\Ole DB\msdasql.dll
17:57:44 | Registered: C:\Program Files\Common Files\system\Ole DB\msdatt.dll
17:57:44 | Registered: C:\Program Files\Common Files\system\Ole DB\msdaurl.dll
17:57:45 | Registered: C:\Program Files\Common Files\system\Ole DB\msdmeng.dll
17:57:45 | Registered: C:\Program Files\Common Files\system\Ole DB\msdmine.dll
17:57:45 | Registered: C:\Program Files\Common Files\system\Ole DB\msmdcb80.dll
17:57:46 | Registered: C:\Program Files\Common Files\system\Ole DB\msmdgd80.dll
17:57:46 | Registered: C:\Program Files\Common Files\system\Ole DB\msolap80.dll
17:57:46 | Registered: C:\Program Files\Common Files\system\Ole DB\msolui80.dll
17:57:46 | Registered: C:\Program Files\Common Files\system\Ole DB\msxactps.dll
17:57:46 | Registered: C:\Program Files\Common Files\system\Ole DB\oledb32.dll
17:57:46 | Registered: C:\Program Files\Common Files\system\Ole DB\oledb32r.dll
17:57:47 | Registered: C:\Program Files\Common Files\system\Ole DB\sqloledb.dll
17:57:47 | Registered: C:\Program Files\Common Files\system\Ole DB\sqlxmlx.dll

Seval
newcomer
Posts: 21
Registered: August 2010
Gender: Male
Status: Offline

Re: Windows Media Player starts by itself

Post by Seval » 02 Sep 2010 18:01

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>Drivers
==============================================
0x804D7000 C:\WINDOWS\system32\ntoskrnl.exe 2192128 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2192128 bytes
0x804D7000 RAW 2192128 bytes
0x804D7000 WMIxWDM 2192128 bytes
0xBF800000 Win32k 1855488 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF6CD4000 C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 1167360 bytes (Intel Corporation, Intel Graphics Miniport Driver)
0xBF07E000 C:\WINDOWS\System32\ialmdd5.DLL 983040 bytes (Intel Corporation, DirectDraw(R) Driver for Intel(R) Graphics Technology)
0xAA1E6000 C:\WINDOWS\system32\DRIVERS\eamon.sys 835584 bytes (ESET, Amon monitor)
0xF7504000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xAA421000 C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xAA6D0000 C:\WINDOWS\system32\drivers\Senfilt.sys 393216 bytes (Sensaura, Sensaura WDM 3D Audio Driver)
0xF6B63000 C:\WINDOWS\System32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xAA51F000 C:\WINDOWS\System32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xA9759000 C:\WINDOWS\System32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xBF043000 C:\WINDOWS\System32\ialmdev5.DLL 241664 bytes (Intel Corporation, Component GHAL Driver)
0xF6BC1000 C:\WINDOWS\System32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xF7661000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xA98D9000 C:\WINDOWS\System32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF74D7000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xAA491000 C:\WINDOWS\System32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xAA747000 C:\WINDOWS\system32\drivers\ADIHdAud.sys 167936 bytes (Analog Devices, Inc., High Definition Audio Function Driver(Release Candidate 1))
0xF6C98000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows (R) Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xAA4F7000 C:\WINDOWS\System32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF768F000 Vax347b.sys 159744 bytes ( , Plug and Play BIOS Extension)
0xF760B000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xAA3FB000 C:\WINDOWS\System32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xA9E7A000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xF6C19000 C:\WINDOWS\system32\DRIVERS\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF6C74000 C:\WINDOWS\System32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF6C3D000 C:\WINDOWS\System32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xAA4BC000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xBF021000 C:\WINDOWS\System32\ialmdnt5.dll 139264 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
0x806EF000 ACPI_HAL 131840 bytes
0x806EF000 C:\WINDOWS\system32\hal.dll 131840 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF75BB000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF7631000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xAA64B000 C:\WINDOWS\system32\DRIVERS\ehdrv.sys 118784 bytes (ESET, ESET Helper driver)
0xF74BD000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xAA4DE000 C:\WINDOWS\system32\DRIVERS\epfwtdir.sys 102400 bytes (ESET, ESET Antivirus Network Redirector)
0xAA3BA000 C:\WINDOWS\system32\DRIVERS\V0420Vid.sys 102400 bytes (Creative Technology Ltd., Video Capture Device Driver)
0xF75F3000 98304 bytes
0xAA3A2000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xF75DB000 C:\WINDOWS\System32\Drivers\SCSIPORT.SYS 98304 bytes (Microsoft Corporation, SCSI Port Driver)
0xAA730000 C:\WINDOWS\system32\drivers\AEAudio.sys 94208 bytes (Andrea Electronics Corporation, Audio Noise Filtering Driver (32-bit))
0xF75A4000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF6C02000 C:\WINDOWS\System32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xA9E65000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF6C60000 C:\WINDOWS\System32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Parallel Port Driver)
0xF6CC0000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xAA578000 C:\WINDOWS\System32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xF7591000 WudfPf.sys 77824 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF7650000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF6BF1000 C:\WINDOWS\System32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF78C7000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF6E31000 C:\WINDOWS\System32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF6E51000 C:\WINDOWS\System32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xF6E01000 C:\WINDOWS\system32\DRIVERS\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xBF012000 C:\WINDOWS\System32\ialmrnt5.dll 61440 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
0xF6E21000 C:\WINDOWS\System32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xAA61B000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF78A7000 C:\WINDOWS\system32\drivers\usbaudio.sys 61440 bytes (Microsoft Corporation, USB Audio Class Driver)
0xF7817000 C:\WINDOWS\System32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF7717000 C:\WINDOWS\System32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF6DF1000 C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF76F7000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF77C7000 C:\WINDOWS\System32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF7867000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF6E41000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF76E7000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF77B7000 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF6E71000 C:\WINDOWS\System32\DRIVERS\intelppm.sys 40960 bytes (Microsoft Corporation, Processor Device Driver)
0xF76D7000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF7807000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xA9BE8000 C:\WINDOWS\System32\DRIVERS\secdrv.sys 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0xF77E7000 C:\WINDOWS\System32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF6E11000 C:\WINDOWS\System32\Drivers\VcommMgr.sys 40960 bytes (IVT Corporation, Bluetooth VcommMgr driver)
0xF6E61000 C:\WINDOWS\system32\DRIVERS\atl01_xp.sys 36864 bytes (Attansic Technology corporation., Attansic L1 Gigabit Ethernet Controller ndis miniport driver)
0xF7707000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF7897000 C:\WINDOWS\System32\Drivers\gHidUsbF.Sys 36864 bytes (-, Extended function Driver)
0xF7887000 C:\WINDOWS\System32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xF77D7000 C:\WINDOWS\System32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF7847000 C:\WINDOWS\System32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xA930A000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF7727000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF7877000 C:\WINDOWS\System32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF7A3F000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF7AA7000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF7AAF000 C:\WINDOWS\System32\DRIVERS\usbccgp.sys 32768 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xF7A67000 C:\WINDOWS\system32\DRIVERS\VComm.sys 32768 bytes (IVT Corporation, Bluetooth Serial Port Driver)
0xF7967000 BTHidMgr.sys 28672 bytes (IVT Corporation, Bluetooth HID Manager driver)
0xF7A2F000 C:\WINDOWS\System32\DRIVERS\fdc.sys 28672 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0xF7A8F000 C:\WINDOWS\System32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF79CF000 C:\WINDOWS\system32\drivers\npf.sys 28672 bytes (CACE Technologies, npf.sys (NT5/6 x86) Kernel Driver)
0xF7957000 C:\WINDOWS\System32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF7AB7000 C:\WINDOWS\System32\Drivers\btcusb.sys 24576 bytes (IVT Corporation, Bluetooth USB Device Driver)
0xF7A6F000 C:\WINDOWS\System32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF7A77000 C:\WINDOWS\System32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF7A27000 C:\WINDOWS\System32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xF7A97000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF7A37000 C:\WINDOWS\system32\DRIVERS\blueletaudio.sys 20480 bytes (IVT Corporation, Bluelet Audio Driver)
0xF7A7F000 C:\WINDOWS\System32\DRIVERS\flpydisk.sys 20480 bytes (Microsoft Corporation, Floppy Driver)
0xF7A9F000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF795F000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7A57000 C:\WINDOWS\System32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF7A5F000 C:\WINDOWS\System32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
0xF7A47000 C:\WINDOWS\System32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF7AC7000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xAA7A8000 C:\WINDOWS\System32\DRIVERS\kbdhid.sys 16384 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF7485000 C:\WINDOWS\System32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xAA1B2000 C:\WINDOWS\System32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF7BC3000 C:\WINDOWS\System32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
0xF7AE7000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xAA788000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xAA7B0000 C:\WINDOWS\System32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xAA7A4000 C:\WINDOWS\System32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF7BCF000 C:\WINDOWS\System32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF7BAF000 C:\WINDOWS\System32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7BCB000 C:\WINDOWS\system32\DRIVERS\vbtenum.sys 12288 bytes
0xF7BB3000 C:\WINDOWS\System32\drivers\ws2ifsl.sys 12288 bytes (Microsoft Corporation, Winsock2 IFS Layer)
0xF7BEF000 C:\WINDOWS\System32\DRIVERS\ASACPI.sys 8192 bytes (-, ATK0110 ACPI Utility)
0xF7C03000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF7BDB000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xF7C19000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF7C01000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7C09000 C:\WINDOWS\system32\DRIVERS\gflmouhid.sys 8192 bytes (-, WDM NULL filter driver)
0xF7BD7000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF7C05000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7C0F000 C:\WINDOWS\System32\Drivers\ParVdm.SYS 8192 bytes (Microsoft Corporation, VDM Parallel Driver)
0xF7C07000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7BF3000 C:\WINDOWS\System32\Drivers\RootMdm.sys 8192 bytes (Microsoft Corporation, Legacy Non-Pnp Modem Device Driver)
0xF7BFB000 C:\WINDOWS\System32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7BFF000 C:\WINDOWS\System32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7BDD000 Vax347s.sys 8192 bytes ( , SCSI miniport)
0xF7BD9000 C:\WINDOWS\System32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7D4D000 C:\WINDOWS\System32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7CD0000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7DC5000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7C9F000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x86B39128 unknown_irp_handler 3800 bytes
0x86CB5150 unknown_irp_handler 3760 bytes
0x86D4D5F8 unknown_irp_handler 2568 bytes
0x86C076B0 unknown_irp_handler 2384 bytes
0x8658C868 unknown_irp_handler 1944 bytes
0x86C938E0 unknown_irp_handler 1824 bytes
0x86F52938 unknown_irp_handler 1736 bytes
0x86590D18 unknown_irp_handler 744 bytes
0x86B44EA0 unknown_irp_handler 352 bytes
0x86BFBFB0 unknown_irp_handler 80 bytes
==============================================
>Stealth
==============================================
0x865EBF53 Unknown page with executable code, 173 bytes
0x8667CE44 Unknown page with executable code, 444 bytes
0x86684D66 Unknown page with executable code, 666 bytes

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 2007
Location: South Bohemia
Gender: Male
Status: Offline

Re: Windows Media Player starts by itself

Post by jaro3 » 02 Sep 2010 18:46

Turn off resident protection and the firewall.

Run F-Secure Online Scanner

This scanner can only be used in Internet Explorer! Follow the instructions on the F-Secure page for correct installation. Accept the license. After the ActiveX control is installed, click Full System Scan. When the download finishes, the scan starts automatically. Wait for the scan to finish; while it runs, do not perform other operations or click the mouse. When the scan finishes, click the Automatic clearing (recommended) button. Then click the Show Report button, copy the report and paste it here.

Have you freed up space on the disk? Have you run Memtest and checked the HDD for errors?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

