
Virus removal, PC speed-up, and remote assistance through the neslape.cz service
Requesting a prev. check of my log _ thank you
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use our remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Visitor
- Posts: 25
- Registered: 11 May 2009 10:52
Requesting a prev. check of my log _ thank you
Good day, I would like to ask for a preventive check of my log. Lately something about my PC doesn't seem right to me. Thanks in advance.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Matej at 2012-01-08 17:12:20
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 9 GB (24%) free of 38 GB
Total RAM: 1918 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:12:45, on 8. 1. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Matej\Desktop\RSIT.exe
C:\Program Files\trend micro\Matej.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll
O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: ABBYY FineReader 10 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
--
End of file - 3964 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\ojb82tnf.default
prefs.js - "browser.startup.homepage" - "http://tvnoviny.sk/"
prefs.js - "keyword.URL" - "http://startsear.ch/?aff=1&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npvsharetvplg.dll
npwachk.dll
QuickTimePlugin.class
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\ojb82tnf.default\extensions\
jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack
{37fa1426-b82d-11db-8314-0800200c9a66}
C:\Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\ojb82tnf.default\searchplugins\
startsear.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]
IE5BarLauncherBHO Class - C:\Program Files\vShare.tv plugin\BarLcher.dll [2011-06-01 177712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - VShareToolBar - C:\Program Files\vShare.tv plugin\BarLcher.dll [2011-06-01 177712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2005-04-15 77824]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-11 2054360]
"ATIModeChange"=C:\Windows\system32\Ati2mdxx.exe [2005-06-28 25088]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\Windows\system32\Ati2evxx.dll [2005-06-28 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.l3codecp"=l3codecp.acm
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-01-08 17:12:20 ----D---- C:\rsit
2012-01-08 17:12:20 ----D---- C:\Program Files\trend micro
2012-01-08 00:35:52 ----A---- C:\Windows\system32\QTCF.dll
2012-01-08 00:35:46 ----D---- C:\Program Files\QuickTime Alternative
2012-01-05 19:09:44 ----D---- C:\Users\Matej\AppData\Roaming\IObit
2012-01-05 14:49:29 ----D---- C:\ProgramData\RFA_Backups
2012-01-05 14:48:10 ----D---- C:\ProgramData\Registry First Aid
2012-01-05 14:36:10 ----D---- C:\Windows\temp
2012-01-05 13:49:32 ----D---- C:\Users\Matej\AppData\Roaming\CrystalIdea Software
2012-01-05 13:39:20 ----A---- C:\Windows\ntbtlog.txt
2012-01-05 13:32:23 ----D---- C:\Users\Matej\AppData\Roaming\PC Suite
2012-01-05 13:32:23 ----D---- C:\ProgramData\PC Suite
2012-01-05 13:30:56 ----D---- C:\Program Files\Common Files\Nokia
2012-01-05 13:29:59 ----D---- C:\Program Files\DIFX
2012-01-05 13:28:01 ----D---- C:\ProgramData\NokiaInstallerCache
2012-01-03 13:49:39 ----A---- C:\Windows\system32\shell32.dll
2011-12-30 15:37:17 ----DC---- C:\Windows\system32\DRVSTORE
2011-12-30 15:36:13 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-12-23 14:59:20 ----D---- C:\Users\Matej\AppData\Roaming\Auslogics
2011-12-23 14:59:13 ----D---- C:\Program Files\Auslogics
2011-12-17 19:04:37 ----D---- C:\ProgramData\ESRI
2011-12-17 16:32:05 ----D---- C:\Users\Matej\AppData\Roaming\ESRI
2011-12-17 16:19:27 ----D---- C:\ProgramData\Macrovision
2011-12-17 16:02:44 ----D---- C:\ProgramData\FLEXnet
2011-12-17 15:46:06 ----D---- C:\Program Files\ArcGIS
2011-12-17 15:38:24 ----D---- C:\Windows\system32\1033
2011-12-17 15:38:24 ----D---- C:\Program Files\Microsoft SQL Server
2011-12-15 10:34:25 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-15 10:34:25 ----A---- C:\Windows\system32\iertutil.dll
2011-12-15 10:34:24 ----A---- C:\Windows\system32\jscript9.dll
2011-12-15 10:34:24 ----A---- C:\Windows\system32\jscript.dll
2011-12-15 10:34:23 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-15 10:34:22 ----A---- C:\Windows\system32\wininet.dll
2011-12-15 10:34:22 ----A---- C:\Windows\system32\url.dll
2011-12-15 10:34:22 ----A---- C:\Windows\system32\ieui.dll
2011-12-15 10:34:20 ----A---- C:\Windows\system32\urlmon.dll
2011-12-15 10:34:19 ----A---- C:\Windows\system32\mshtml.dll
2011-12-15 10:34:18 ----A---- C:\Windows\system32\ieframe.dll
2011-12-15 10:31:51 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-15 10:31:48 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-15 10:31:46 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-12-15 10:31:41 ----A---- C:\Windows\system32\win32k.sys
2011-12-15 10:31:34 ----A---- C:\Windows\system32\tzres.dll
2011-12-15 10:31:04 ----A---- C:\Windows\system32\EncDec.dll
======List of files/folders modified in the last 1 month======
2012-01-08 17:12:32 ----D---- C:\Windows\Prefetch
2012-01-08 17:12:20 ----RHD---- C:\Program Files
2012-01-08 17:08:23 ----D---- C:\Windows\system32\catroot2
2012-01-08 17:08:23 ----D---- C:\Program Files\Mozilla Firefox
2012-01-08 17:08:17 ----HD---- C:\Windows
2012-01-08 16:14:22 ----D---- C:\Windows\system32\config
2012-01-08 16:08:50 ----D---- C:\Windows\System32
2012-01-08 16:08:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-08 16:08:49 ----D---- C:\Windows\inf
2012-01-08 00:35:55 ----D---- C:\ProgramData\Apple Computer
2012-01-08 00:35:46 ----SHD---- C:\Windows\Installer
2012-01-08 00:35:40 ----D---- C:\Windows\winsxs
2012-01-08 00:35:14 ----SHD---- C:\System Volume Information
2012-01-05 19:14:07 ----AD---- C:\Windows\system32\drivers
2012-01-05 19:14:06 ----D---- C:\Windows\system32\DriverStore
2012-01-05 19:14:06 ----D---- C:\Windows\system32\catroot
2012-01-05 15:09:59 ----HD---- C:\ProgramData
2012-01-05 14:48:11 ----SD---- C:\ProgramData\Microsoft
2012-01-05 14:07:18 ----D---- C:\Windows\system32\Tasks
2012-01-05 14:06:46 ----D---- C:\Program Files\Common Files
2012-01-05 14:02:33 ----D---- C:\Windows\Tasks
2012-01-03 14:54:33 ----D---- C:\Windows\Microsoft.NET
2012-01-03 14:54:30 ----RSD---- C:\Windows\assembly
2011-12-31 23:49:43 ----D---- C:\Windows\system32\wdi
2011-12-30 15:39:07 ----D---- C:\Users\Matej\AppData\Roaming\Apple Computer
2011-12-30 15:35:16 ----D---- C:\ProgramData\Apple
2011-12-30 14:38:47 ----D---- C:\Windows\system32\NDF
2011-12-30 14:25:59 ----D---- C:\Windows\system32\drivers\UMDF
2011-12-20 23:51:08 ----HD---- C:\Temp
2011-12-17 15:47:00 ----RSD---- C:\Windows\Fonts
2011-12-17 15:36:40 ----D---- C:\Users\Matej\AppData\Roaming\DAEMON Tools Lite
2011-12-16 23:06:16 ----D---- C:\DATA
2011-12-16 19:23:00 ----D---- C:\ProgramData\Temp
2011-12-16 19:08:52 ----D---- C:\Program Files\CyberLink
2011-12-15 11:55:56 ----D---- C:\Windows\rescache
2011-12-15 10:38:14 ----D---- C:\Windows\system32\sk-SK
2011-12-15 10:38:14 ----D---- C:\Windows\system32\migration
2011-12-15 10:38:13 ----D---- C:\Program Files\Internet Explorer
2011-12-15 10:37:36 ----D---- C:\ProgramData\Microsoft Help
2011-12-15 10:35:01 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-09-11 95896]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-21 1218048]
R3 ati2mtag;ati2mtag; C:\Windows\system32\DRIVERS\ati2mtag.sys [2005-06-29 1241088]
R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\Windows\system32\drivers\camc6aud.sys [2005-06-17 38144]
R3 CAMCHALA;CAMCHALA; C:\Windows\system32\drivers\camc6hal.sys [2005-06-17 352000]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSF_DPV.sys [2005-03-31 1034240]
R3 HSFHWATI;HSFHWATI; C:\Windows\system32\DRIVERS\HSFHWATI.sys [2005-03-31 211200]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-13 43008]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSF_CNXT.sys [2005-03-31 714880]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2011-09-09 483200]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-08-02 42496]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2010-05-07 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-11 735960]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 lxbk_device;lxbk_device; C:\Windows\system32\lxbkcoms.exe [2008-02-19 537256]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\Windows\system32\Ati2evxx.exe [2005-06-28 376832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-11 20680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-07 1343400]
-----------------EOF-----------------
2011-12-15 10:38:14 ----D---- C:\Windows\system32\sk-SK
2011-12-15 10:38:14 ----D---- C:\Windows\system32\migration
2011-12-15 10:38:13 ----D---- C:\Program Files\Internet Explorer
2011-12-15 10:37:36 ----D---- C:\ProgramData\Microsoft Help
2011-12-15 10:35:01 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-09-11 95896]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-21 1218048]
R3 ati2mtag;ati2mtag; C:\Windows\system32\DRIVERS\ati2mtag.sys [2005-06-29 1241088]
R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\Windows\system32\drivers\camc6aud.sys [2005-06-17 38144]
R3 CAMCHALA;CAMCHALA; C:\Windows\system32\drivers\camc6hal.sys [2005-06-17 352000]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSF_DPV.sys [2005-03-31 1034240]
R3 HSFHWATI;HSFHWATI; C:\Windows\system32\DRIVERS\HSFHWATI.sys [2005-03-31 211200]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-13 43008]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSF_CNXT.sys [2005-03-31 714880]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2011-09-09 483200]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-08-02 42496]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2010-05-07 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-11 735960]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 lxbk_device;lxbk_device; C:\Windows\system32\lxbkcoms.exe [2008-02-19 537256]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\Windows\system32\Ati2evxx.exe [2005-06-28 376832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-11 20680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-07 1343400]
-----------------EOF-----------------
- Mc_Murphy
- VIP in memoriam
- Posts: 6706
- Registered: 03 Nov 2008 15:55
- Location: Plzeň [ZČ]
Re: Requesting a p. log check _ thank you
Hello.
We will certainly be deleting a few things. To start with, run a scan with MBAM for me.
Download and install Malwarebytes' Anti-Malware (MBAM for short) following the guide in this topic.

- Update the virus database.
- On the Scanner tab (Kontrolor), choose Full scan (Úplná kontrola) and tick all the hard drives you have on the computer.
- Do not delete anything beforehand!!
- MBAM occasionally produces false detections, so paste its log into a post and wait for it to be assessed!
-
- Visitor
- Posts: 25
- Registered: 11 May 2009 10:52
Re: Requesting a p. log check _ thank you
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org
Verzia databázy: v2012.01.10.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Matej :: MATEJ-PC [administrátor]
10. 1. 2012 13:51:40
mbam-log-2012-01-10 (14-28-00).txt
Typ kontroly: Úplná kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 237670
Uplynutý čas: 35 min, 54 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 13
HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
Detegované registračné hodnoty: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Dáta: ;áĂzĘ;XAł0öm»Áµ -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Dáta: VShareTB -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Dáta: -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Dáta: -> Žiadna úloha nevykonaná.
Detegované položky registračných dát: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Škodlivý: (http://startsear.ch/?aff=1) Dobrý: (http://www.google.com) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Škodlivý: (http://startsear.ch/?aff=1) Dobrý: (http://www.google.com) -> Žiadna úloha nevykonaná.
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 1
C:\Program Files\vShare.tv plugin\BarLcher.dll (PUP.VShareRedir) -> Žiadna úloha nevykonaná.
(koniec)
- Mc_Murphy
- VIP in memoriam
- Posts: 6706
- Registered: 03 Nov 2008 15:55
- Location: Plzeň [ZČ]
Re: Requesting a p. log check _ thank you

Some of them may no longer be there after MBAM's cleanup and the possible uninstallation of VShareToolBar, so simply skip those.
"Fixing" means that you start HJT, choose the [Do a system scan only] option and tick the box to the left of the items I have listed. Then click [Fix checked] and confirm with [ANO] (Yes).
You will find HJT here: C:\Program Files\trend micro\Matej.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')


- If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce).
- If you are using a 64-bit OS, check whether the "For 64-bit OS" box (Pro 64 bitové OS) is ticked. If it is not, tick it.
- Tick the "For all users" box (Pro všechny uživatele).
- Tick the "LOP" pest check box (Kontrola na havěť "LOP").
- Tick the "Purity" pest check box (Kontrola na havěť "Purity").
- Change the file age from 30 days to 7 days!!
- Paste this script into the bottom box, Custom scans/fixes (Vlastní skenování/opravy); only the green letters in the white field!:
Code:
CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
- Click the [Prohledat] (Scan) button.
- When the scan finishes, the logs OTL.txt and Extras.txt will appear; paste both of them here for me.
- The logs will not fit into a single post, so please split them across several posts.
-
- Visitor
- Posts: 25
- Registered: 11 May 2009 10:52
Re: Requesting a p. log check _ thank you
... I did everything as described in the reply, but with OTL, on starting RUN SCAN, it ended like this:


- Mc_Murphy
- VIP in memoriam
- Posts: 6706
- Registered: 03 Nov 2008 15:55
- Location: Plzeň [ZČ]
Re: Requesting a p. log check _ thank you

Use this modified script for OTL:
Code:
CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
%SystemDrive%\PhysicalMBR.bin /md5
-
- Visitor
- Posts: 25
- Registered: 11 May 2009 10:52
Re: Requesting a p. log check _ thank you
OTL logfile created on: 10. 1. 2012 16:04:11 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Matej\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
1,87 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 66,35% Memory free
3,75 Gb Paging File | 3,07 Gb Available in Paging File | 81,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 8,29 Gb Free Space | 22,24% Space Free | Partition Type: NTFS
Computer Name: MATEJ-PC | User Name: Matej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012/01/10 14:53:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Matej\Desktop\OTL.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/05/07 12:02:55 | 000,814,344 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
PRC - [2009/09/11 06:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/09/11 06:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008/02/19 08:12:18 | 000,537,256 | ---- | M] ( ) -- C:\Windows\System32\lxbkcoms.exe
PRC - [2005/04/15 19:01:46 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE
========== Modules (No Company Name) ==========
MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/10/27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/09/07 20:13:05 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/05/07 12:02:55 | 000,814,344 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Corporate.10.0)
SRV - [2009/09/11 06:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/09/11 06:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/02/19 08:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbkcoms.exe -- (lxbk_device)
========== Driver Services (SafeList) ==========
DRV - [2011/09/09 08:16:38 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2011/08/17 12:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/08/17 12:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/08/17 12:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/08/17 12:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/09/21 16:58:28 | 001,218,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/11 06:26:28 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009/09/11 06:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/09/11 06:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/07/13 23:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2005/06/29 00:01:58 | 001,241,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/06/17 14:17:48 | 000,352,000 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\camc6hal.sys -- (CAMCHALA)
DRV - [2005/06/17 14:17:00 | 000,038,144 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\camc6aud.sys -- (CAMCAUD)
DRV - [2005/04/19 18:40:52 | 002,317,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/03/31 15:08:02 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2005/03/31 14:08:46 | 001,034,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/03/31 14:08:00 | 000,714,880 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_CNXT.sys -- (winachsf)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3202680862-1731838046-389120635-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3202680862-1731838046-389120635-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EB 22 D0 CB 88 6D CC 01 [binary data]
IE - HKU\S-1-5-21-3202680862-1731838046-389120635-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://tvnoviny.sk/"
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/08 00:35:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/10 14:45:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/09/07 18:21:06 | 000,000,000 | ---D | M]
[2011/09/07 19:08:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matej\AppData\Roaming\mozilla\Extensions
[2011/12/29 12:24:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions
[2011/12/29 12:24:23 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2011/12/17 00:31:33 | 000,000,000 | ---D | M] (Auto Shutdown NG) -- C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack
[2011/07/11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\ojb82tnf.default\searchplugins\startsear.xml
[2011/09/07 19:08:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/08 00:27:53 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/07/11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/01/08 00:27:49 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012/01/08 00:27:49 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012/01/08 00:27:49 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012/01/08 00:27:49 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012/01/08 00:27:49 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [ATIModeChange] C:\Windows\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB6F85AE-5F03-4BEE-8A26-B513EF1180DD}: DhcpNameServer = 192.168.2.1 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\Windows\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{27df4139-f3e0-11e0-a544-00c09febd59f}\Shell - "" = AutoRun
O33 - MountPoints2\{27df4139-f3e0-11e0-a544-00c09febd59f}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{934b0062-28b2-11e1-8ff2-00c09febd59f}\Shell - "" = AutoRun
O33 - MountPoints2\{934b0062-28b2-11e1-8ff2-00c09febd59f}\Shell\AutoRun\command - "" = E:\ESRI.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012/01/10 14:52:44 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Matej\Desktop\OTL.exe
[2012/01/10 13:50:00 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Roaming\Malwarebytes
[2012/01/10 13:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/10 10:45:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/01/08 19:01:06 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2012/01/08 19:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2012/01/08 18:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/01/08 18:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2012/01/08 17:12:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/01/08 00:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative
[2012/01/08 00:35:52 | 000,180,224 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QTCF.dll
[2012/01/08 00:35:52 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2012/01/08 00:35:52 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2012/01/08 00:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime Alternative
[2012/01/05 19:11:02 | 001,647,000 | ---- | C] (IObit) -- C:\Users\Matej\Desktop\iobit-uninstaller.exe
[2012/01/05 19:09:44 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Roaming\IObit
[2012/01/05 14:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\RFA_Backups
[2012/01/05 14:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Registry First Aid
[2012/01/05 14:36:10 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/01/05 13:49:32 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Roaming\CrystalIdea Software
[2012/01/05 13:33:09 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Local\NokiaAccount
[2012/01/05 13:32:27 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Local\Nokia
[2012/01/05 13:32:23 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Roaming\PC Suite
[2012/01/05 13:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012/01/05 13:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2012/01/05 13:29:59 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/01/05 13:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2011/09/29 17:56:13 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbkinpa.dll
[2011/09/29 17:56:13 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbkiesc.dll
[2011/09/29 17:56:13 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBKhcp.dll
[2011/09/29 17:56:12 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkserv.dll
[2011/09/29 17:56:12 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxbkusb1.dll
[2011/09/29 17:56:12 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbkhbn3.dll
[2011/09/29 17:56:12 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbkpmui.dll
[2011/09/29 17:56:12 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbklmpm.dll
[2011/09/29 17:56:12 | 000,537,256 | ---- | C] ( ) -- C:\Windows\System32\lxbkcoms.exe
[2011/09/29 17:56:12 | 000,385,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkih.exe
[2011/09/29 17:56:12 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbkprox.dll
[2011/09/29 17:56:12 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbkpplc.dll
[2011/09/29 17:56:11 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomc.dll
[2011/09/29 17:56:11 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomm.dll
[2011/09/29 17:56:11 | 000,381,608 | ---- | C] ( ) -- C:\Windows\System32\lxbkcfg.exe
========== Files - Modified Within 7 Days ==========
[2012/01/10 16:05:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/01/10 14:53:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Matej\Desktop\OTL.exe
[2012/01/10 14:50:57 | 000,022,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/10 14:50:56 | 000,022,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/10 14:47:44 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/10 14:47:44 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/10 14:43:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/10 14:43:04 | 1508,564,992 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/05 19:12:16 | 001,647,000 | ---- | M] (IObit) -- C:\Users\Matej\Desktop\iobit-uninstaller.exe
========== Files Created - No Company Name ==========
[2012/01/10 14:58:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/09/29 17:57:39 | 000,000,243 | ---- | C] () -- C:\Windows\Lexstat.ini
[2011/09/29 17:56:13 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbkutil.dll
[2011/09/29 17:56:13 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBKinst.dll
[2011/09/29 17:56:12 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxbkinsr.dll
[2011/09/25 22:11:43 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv5.dll
[2011/09/25 22:11:43 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv4.dll
[2011/09/25 22:11:43 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2011/09/25 22:11:42 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbkcoin.dll
[2011/09/25 22:11:42 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbkvs.dll
[2011/09/09 08:16:43 | 000,000,140 | ---- | C] () -- C:\Windows\System32\AF15IRTBL.bin
[2011/09/09 08:07:17 | 000,000,014 | ---- | C] () -- C:\Windows\System32\systeminfo.dll
[2011/09/07 19:18:23 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/09/07 19:18:22 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/09/07 19:18:05 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/09/07 19:18:05 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/09/07 19:18:02 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/09/07 18:57:14 | 000,095,617 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/09/07 18:14:51 | 000,156,672 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll
[2010/11/20 22:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,355,624 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ==========
[2011/12/23 14:59:20 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Auslogics
[2012/01/05 13:49:32 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\CrystalIdea Software
[2011/12/17 15:36:40 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\DAEMON Tools Lite
[2011/12/17 18:44:45 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\ESRI
[2011/09/09 07:32:43 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\GHISLER
[2011/09/07 18:29:46 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Godlike
[2011/10/06 12:06:10 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\GrabPro
[2012/01/05 19:09:44 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\IObit
[2011/10/06 13:41:53 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Orbit
[2012/01/05 13:32:23 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\PC Suite
[2011/10/06 12:06:44 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\ProgSense
[2011/09/07 18:35:48 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\WinBatch
[2012/01/05 14:02:33 | 000,004,894 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< netsvc >
< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
< MD5 for: SCECLI.DLL >
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010/11/20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011/12/03 00:32:43 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\ABBYY
[2011/09/13 23:14:41 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Adobe
[2011/12/30 15:39:07 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Apple Computer
[2011/12/23 14:59:20 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Auslogics
[2012/01/05 13:49:32 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\CrystalIdea Software
[2011/09/07 18:47:20 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\CyberLink
[2011/12/17 15:36:40 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\DAEMON Tools Lite
[2011/12/17 18:44:45 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\ESRI
[2011/09/09 07:32:43 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\GHISLER
[2011/09/07 18:29:46 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Godlike
[2011/10/06 12:06:10 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\GrabPro
[2011/09/07 18:02:13 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Identities
[2012/01/05 19:09:44 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\IObit
[2011/09/07 19:09:41 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Macromedia
[2012/01/10 13:50:00 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Malwarebytes
[2010/11/21 04:01:02 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Media Center Programs
[2011/09/29 14:47:57 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Media Player Classic
[2012/01/10 10:56:40 | 000,000,000 | --SD | M] -- C:\Users\Matej\AppData\Roaming\Microsoft
[2011/09/07 19:08:43 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Mozilla
[2011/10/06 13:41:53 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Orbit
[2012/01/05 13:32:23 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\PC Suite
[2011/10/06 12:06:44 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\ProgSense
[2011/11/08 23:05:33 | 000,000,000 | RH-D | M] -- C:\Users\Matej\AppData\Roaming\SecuROM
[2011/11/07 19:49:52 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\vlc
[2011/09/09 08:56:10 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Winamp
[2011/09/07 18:35:48 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\WinBatch
[2011/09/07 18:25:55 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012/01/10 14:50:56 | 000,022,208 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/10 14:50:57 | 000,022,208 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/10 14:47:44 | 000,106,388 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012/01/10 14:47:44 | 000,616,008 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012/01/10 14:47:44 | 000,726,316 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< %userprofile%\Plocha\*.* >
< %userprofile%\Desktop\*.* >
[2012/01/03 13:52:46 | 000,000,282 | -HS- | M] () -- C:\Users\Matej\Desktop\desktop.ini
[2012/01/05 19:12:16 | 001,647,000 | ---- | M] (IObit) -- C:\Users\Matej\Desktop\iobit-uninstaller.exe
[2012/01/10 14:53:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Matej\Desktop\OTL.exe
< %ALLUSERSPROFILE%\Plocha\*.* >
< %ALLUSERSPROFILE%\Desktop\*.* >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2011/12/02 22:22:43 | 460,660,006 | ---- | M] () -- \DATA\programz\AbbyFNR10x.by.deddy1000.of.PowerUploaders.rar
[2006/10/26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/11/11 12:20:12 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011/10/19 11:37:02 | 000,006,927 | ---- | M] () -- \Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib\content\loader.js
[2011/10/19 11:37:02 | 000,005,604 | ---- | M] () -- \Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib\windows\loader.js
[2011/10/06 13:37:29 | 000,026,694 | ---- | M] () -- \Users\Matej\AppData\Roaming\Orbit\icon\FLV Video Downloader Trial.ico
[2011/10/06 13:37:29 | 000,022,486 | ---- | M] () -- \Users\Matej\AppData\Roaming\Orbit\icon\Orbit Downloader.ico
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2007/04/30 15:43:12 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010/11/21 03:52:25 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2010/11/21 03:52:25 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2010/11/21 03:52:25 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2010/11/20 22:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010/11/20 22:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010/11/20 22:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010/11/21 03:51:43 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2010/11/20 22:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *TemDono* /s >
< *AutoKMS* /s >
< *KMSEmulator* /s >
< *activator* /s >
< *serial* /s >
[2007/09/29 08:52:50 | 000,000,022 | ---- | M] () -- \DATA\programz\ArcView\ArcView\!serial.txt
[2008/04/10 12:15:36 | 000,000,080 | ---- | M] () -- \DATA\programz\O&O\serial.txt
[2007/11/11 08:08:06 | 000,000,157 | ---- | M] () -- \DATA\programz\Runtime_GetDataBack_for_FAT_NTFS_3.30_2baksa.net\serial.txt
[2011/08/30 17:58:34 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.dll
[2011/11/25 13:03:00 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.ni.dll
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011/10/14 00:27:24 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/16 18:56:16 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
[2011/10/16 19:22:40 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\993f89ba22499c379d2a9dd25d13cd94\System.Runtime.Serialization.ni.dll
[2011/10/16 19:22:49 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\bed774dde4b62ed1d2d55c2d1769d600\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/16 19:26:41 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\3a2ab56bb224b871516526753985ff69\System.Xml.Serialization.ni.dll
[2012/01/03 13:48:02 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/01/03 13:48:01 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/01/03 13:48:07 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2010/11/21 03:52:12 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2010/11/21 03:52:08 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2010/11/21 03:52:25 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2010/11/20 22:24:56 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2010/11/21 03:51:51 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2010/11/20 22:24:56 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009/07/14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2010/11/20 22:24:56 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2010/11/21 03:52:08 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/21 03:52:12 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
< *w7lxe* /s >
< *AutoRearm* /s >
< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SoundMan" = SOUNDMAN.EXE -- [2005/04/15 19:01:46 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.)
"egui" = "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice -- [2009/09/11 06:23:46 | 002,054,360 | ---- | M] (ESET)
"ATIModeChange" = Ati2mdxx.exe -- [2005/06/28 23:57:06 | 000,025,088 | ---- | M] (ATI Technologies, Inc.)
"Adobe ARM" = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" -- [2011/06/06 11:55:28 | 000,937,920 | ---- | M] (Adobe Systems Incorporated)
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/01/10 16:05:57 | 000,000,512 | ---- | M] () MD5=20094CE0C0941BE263C3DF10FEAC7A26 -- C:\PhysicalMBR.bin
< End of report >
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Matej\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
1,87 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 66,35% Memory free
3,75 Gb Paging File | 3,07 Gb Available in Paging File | 81,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 8,29 Gb Free Space | 22,24% Space Free | Partition Type: NTFS
Computer Name: MATEJ-PC | User Name: Matej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012/01/10 14:53:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Matej\Desktop\OTL.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/05/07 12:02:55 | 000,814,344 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
PRC - [2009/09/11 06:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/09/11 06:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008/02/19 08:12:18 | 000,537,256 | ---- | M] ( ) -- C:\Windows\System32\lxbkcoms.exe
PRC - [2005/04/15 19:01:46 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE
========== Modules (No Company Name) ==========
MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/10/27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/09/07 20:13:05 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/05/07 12:02:55 | 000,814,344 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Corporate.10.0)
SRV - [2009/09/11 06:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/09/11 06:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/02/19 08:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbkcoms.exe -- (lxbk_device)
========== Driver Services (SafeList) ==========
DRV - [2011/09/09 08:16:38 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2011/08/17 12:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/08/17 12:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/08/17 12:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/08/17 12:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/09/21 16:58:28 | 001,218,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/11 06:26:28 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009/09/11 06:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/09/11 06:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/07/13 23:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2005/06/29 00:01:58 | 001,241,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/06/17 14:17:48 | 000,352,000 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\camc6hal.sys -- (CAMCHALA)
DRV - [2005/06/17 14:17:00 | 000,038,144 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\camc6aud.sys -- (CAMCAUD)
DRV - [2005/04/19 18:40:52 | 002,317,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/03/31 15:08:02 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2005/03/31 14:08:46 | 001,034,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/03/31 14:08:00 | 000,714,880 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_CNXT.sys -- (winachsf)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3202680862-1731838046-389120635-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3202680862-1731838046-389120635-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EB 22 D0 CB 88 6D CC 01 [binary data]
IE - HKU\S-1-5-21-3202680862-1731838046-389120635-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://tvnoviny.sk/"
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/08 00:35:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/10 14:45:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/09/07 18:21:06 | 000,000,000 | ---D | M]
[2011/09/07 19:08:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matej\AppData\Roaming\mozilla\Extensions
[2011/12/29 12:24:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions
[2011/12/29 12:24:23 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2011/12/17 00:31:33 | 000,000,000 | ---D | M] (Auto Shutdown NG) -- C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack
[2011/07/11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\ojb82tnf.default\searchplugins\startsear.xml
[2011/09/07 19:08:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/08 00:27:53 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/07/11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/01/08 00:27:49 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012/01/08 00:27:49 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012/01/08 00:27:49 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012/01/08 00:27:49 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012/01/08 00:27:49 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [ATIModeChange] C:\Windows\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB6F85AE-5F03-4BEE-8A26-B513EF1180DD}: DhcpNameServer = 192.168.2.1 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\Windows\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{27df4139-f3e0-11e0-a544-00c09febd59f}\Shell - "" = AutoRun
O33 - MountPoints2\{27df4139-f3e0-11e0-a544-00c09febd59f}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{934b0062-28b2-11e1-8ff2-00c09febd59f}\Shell - "" = AutoRun
O33 - MountPoints2\{934b0062-28b2-11e1-8ff2-00c09febd59f}\Shell\AutoRun\command - "" = E:\ESRI.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012/01/10 14:52:44 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Matej\Desktop\OTL.exe
[2012/01/10 13:50:00 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Roaming\Malwarebytes
[2012/01/10 13:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/10 10:45:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/01/08 19:01:06 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2012/01/08 19:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2012/01/08 18:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/01/08 18:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2012/01/08 17:12:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/01/08 00:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative
[2012/01/08 00:35:52 | 000,180,224 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QTCF.dll
[2012/01/08 00:35:52 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2012/01/08 00:35:52 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2012/01/08 00:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime Alternative
[2012/01/05 19:11:02 | 001,647,000 | ---- | C] (IObit) -- C:\Users\Matej\Desktop\iobit-uninstaller.exe
[2012/01/05 19:09:44 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Roaming\IObit
[2012/01/05 14:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\RFA_Backups
[2012/01/05 14:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Registry First Aid
[2012/01/05 14:36:10 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/01/05 13:49:32 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Roaming\CrystalIdea Software
[2012/01/05 13:33:09 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Local\NokiaAccount
[2012/01/05 13:32:27 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Local\Nokia
[2012/01/05 13:32:23 | 000,000,000 | ---D | C] -- C:\Users\Matej\AppData\Roaming\PC Suite
[2012/01/05 13:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012/01/05 13:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2012/01/05 13:29:59 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/01/05 13:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2011/09/29 17:56:13 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbkinpa.dll
[2011/09/29 17:56:13 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbkiesc.dll
[2011/09/29 17:56:13 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBKhcp.dll
[2011/09/29 17:56:12 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkserv.dll
[2011/09/29 17:56:12 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxbkusb1.dll
[2011/09/29 17:56:12 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbkhbn3.dll
[2011/09/29 17:56:12 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbkpmui.dll
[2011/09/29 17:56:12 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbklmpm.dll
[2011/09/29 17:56:12 | 000,537,256 | ---- | C] ( ) -- C:\Windows\System32\lxbkcoms.exe
[2011/09/29 17:56:12 | 000,385,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkih.exe
[2011/09/29 17:56:12 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbkprox.dll
[2011/09/29 17:56:12 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbkpplc.dll
[2011/09/29 17:56:11 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomc.dll
[2011/09/29 17:56:11 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomm.dll
[2011/09/29 17:56:11 | 000,381,608 | ---- | C] ( ) -- C:\Windows\System32\lxbkcfg.exe
========== Files - Modified Within 7 Days ==========
[2012/01/10 16:05:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/01/10 14:53:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Matej\Desktop\OTL.exe
[2012/01/10 14:50:57 | 000,022,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/10 14:50:56 | 000,022,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/10 14:47:44 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/10 14:47:44 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/10 14:43:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/10 14:43:04 | 1508,564,992 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/05 19:12:16 | 001,647,000 | ---- | M] (IObit) -- C:\Users\Matej\Desktop\iobit-uninstaller.exe
========== Files Created - No Company Name ==========
[2012/01/10 14:58:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/09/29 17:57:39 | 000,000,243 | ---- | C] () -- C:\Windows\Lexstat.ini
[2011/09/29 17:56:13 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbkutil.dll
[2011/09/29 17:56:13 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBKinst.dll
[2011/09/29 17:56:12 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxbkinsr.dll
[2011/09/25 22:11:43 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv5.dll
[2011/09/25 22:11:43 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv4.dll
[2011/09/25 22:11:43 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2011/09/25 22:11:42 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbkcoin.dll
[2011/09/25 22:11:42 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbkvs.dll
[2011/09/09 08:16:43 | 000,000,140 | ---- | C] () -- C:\Windows\System32\AF15IRTBL.bin
[2011/09/09 08:07:17 | 000,000,014 | ---- | C] () -- C:\Windows\System32\systeminfo.dll
[2011/09/07 19:18:23 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/09/07 19:18:22 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/09/07 19:18:05 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/09/07 19:18:05 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/09/07 19:18:02 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/09/07 18:57:14 | 000,095,617 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/09/07 18:14:51 | 000,156,672 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll
[2010/11/20 22:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,355,624 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ==========
[2011/12/23 14:59:20 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Auslogics
[2012/01/05 13:49:32 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\CrystalIdea Software
[2011/12/17 15:36:40 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\DAEMON Tools Lite
[2011/12/17 18:44:45 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\ESRI
[2011/09/09 07:32:43 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\GHISLER
[2011/09/07 18:29:46 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Godlike
[2011/10/06 12:06:10 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\GrabPro
[2012/01/05 19:09:44 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\IObit
[2011/10/06 13:41:53 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Orbit
[2012/01/05 13:32:23 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\PC Suite
[2011/10/06 12:06:44 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\ProgSense
[2011/09/07 18:35:48 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\WinBatch
[2012/01/05 14:02:33 | 000,004,894 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< netsvc >
< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
< MD5 for: SCECLI.DLL >
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010/11/20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011/12/03 00:32:43 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\ABBYY
[2011/09/13 23:14:41 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Adobe
[2011/12/30 15:39:07 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Apple Computer
[2011/12/23 14:59:20 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Auslogics
[2012/01/05 13:49:32 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\CrystalIdea Software
[2011/09/07 18:47:20 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\CyberLink
[2011/12/17 15:36:40 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\DAEMON Tools Lite
[2011/12/17 18:44:45 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\ESRI
[2011/09/09 07:32:43 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\GHISLER
[2011/09/07 18:29:46 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Godlike
[2011/10/06 12:06:10 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\GrabPro
[2011/09/07 18:02:13 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Identities
[2012/01/05 19:09:44 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\IObit
[2011/09/07 19:09:41 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Macromedia
[2012/01/10 13:50:00 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Malwarebytes
[2010/11/21 04:01:02 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Media Center Programs
[2011/09/29 14:47:57 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Media Player Classic
[2012/01/10 10:56:40 | 000,000,000 | --SD | M] -- C:\Users\Matej\AppData\Roaming\Microsoft
[2011/09/07 19:08:43 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Mozilla
[2011/10/06 13:41:53 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Orbit
[2012/01/05 13:32:23 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\PC Suite
[2011/10/06 12:06:44 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\ProgSense
[2011/11/08 23:05:33 | 000,000,000 | RH-D | M] -- C:\Users\Matej\AppData\Roaming\SecuROM
[2011/11/07 19:49:52 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\vlc
[2011/09/09 08:56:10 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\Winamp
[2011/09/07 18:35:48 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\WinBatch
[2011/09/07 18:25:55 | 000,000,000 | ---D | M] -- C:\Users\Matej\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012/01/10 14:50:56 | 000,022,208 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/10 14:50:57 | 000,022,208 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/10 14:47:44 | 000,106,388 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012/01/10 14:47:44 | 000,616,008 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012/01/10 14:47:44 | 000,726,316 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< %userprofile%\Plocha\*.* >
< %userprofile%\Desktop\*.* >
[2012/01/03 13:52:46 | 000,000,282 | -HS- | M] () -- C:\Users\Matej\Desktop\desktop.ini
[2012/01/05 19:12:16 | 001,647,000 | ---- | M] (IObit) -- C:\Users\Matej\Desktop\iobit-uninstaller.exe
[2012/01/10 14:53:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Matej\Desktop\OTL.exe
< %ALLUSERSPROFILE%\Plocha\*.* >
< %ALLUSERSPROFILE%\Desktop\*.* >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2011/12/02 22:22:43 | 460,660,006 | ---- | M] () -- \DATA\programz\AbbyFNR10x.by.deddy1000.of.PowerUploaders.rar
[2006/10/26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/11/11 12:20:12 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011/10/19 11:37:02 | 000,006,927 | ---- | M] () -- \Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib\content\loader.js
[2011/10/19 11:37:02 | 000,005,604 | ---- | M] () -- \Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib\windows\loader.js
[2011/10/06 13:37:29 | 000,026,694 | ---- | M] () -- \Users\Matej\AppData\Roaming\Orbit\icon\FLV Video Downloader Trial.ico
[2011/10/06 13:37:29 | 000,022,486 | ---- | M] () -- \Users\Matej\AppData\Roaming\Orbit\icon\Orbit Downloader.ico
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2007/04/30 15:43:12 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010/11/21 03:52:25 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2010/11/21 03:52:25 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2010/11/21 03:52:25 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2010/11/20 22:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010/11/20 22:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010/11/20 22:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010/11/21 03:51:43 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2010/11/20 22:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *TemDono* /s >
< *AutoKMS* /s >
< *KMSEmulator* /s >
< *activator* /s >
< *serial* /s >
[2007/09/29 08:52:50 | 000,000,022 | ---- | M] () -- \DATA\programz\ArcView\ArcView\!serial.txt
[2008/04/10 12:15:36 | 000,000,080 | ---- | M] () -- \DATA\programz\O&O\serial.txt
[2007/11/11 08:08:06 | 000,000,157 | ---- | M] () -- \DATA\programz\Runtime_GetDataBack_for_FAT_NTFS_3.30_2baksa.net\serial.txt
[2011/08/30 17:58:34 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.dll
[2011/11/25 13:03:00 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.ni.dll
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011/10/14 00:27:24 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/16 18:56:16 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
[2011/10/16 19:22:40 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\993f89ba22499c379d2a9dd25d13cd94\System.Runtime.Serialization.ni.dll
[2011/10/16 19:22:49 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\bed774dde4b62ed1d2d55c2d1769d600\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011/10/16 19:26:41 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\3a2ab56bb224b871516526753985ff69\System.Xml.Serialization.ni.dll
[2012/01/03 13:48:02 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/01/03 13:48:01 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/01/03 13:48:07 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2010/11/21 03:52:12 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2010/11/21 03:52:08 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2010/11/21 03:52:25 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2010/11/20 22:24:56 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2010/11/21 03:51:51 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2010/11/20 22:24:56 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009/07/14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2010/11/20 22:24:56 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2010/11/21 03:52:08 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/21 03:52:12 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2010/11/20 22:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
< *w7lxe* /s >
< *AutoRearm* /s >
< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SoundMan" = SOUNDMAN.EXE -- [2005/04/15 19:01:46 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.)
"egui" = "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice -- [2009/09/11 06:23:46 | 002,054,360 | ---- | M] (ESET)
"ATIModeChange" = Ati2mdxx.exe -- [2005/06/28 23:57:06 | 000,025,088 | ---- | M] (ATI Technologies, Inc.)
"Adobe ARM" = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" -- [2011/06/06 11:55:28 | 000,937,920 | ---- | M] (Adobe Systems Incorporated)
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/01/10 16:05:57 | 000,000,512 | ---- | M] () MD5=20094CE0C0941BE263C3DF10FEAC7A26 -- C:\PhysicalMBR.bin
< End of report >
-
- Visitor
- Posts: 25
- Registered: 11 May 2009 10:52
Re: Requesting a p. check of the log _ thank you
OTL Extras logfile created on: 10. 1. 2012 16:04:11 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Matej\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
1,87 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 66,35% Memory free
3,75 Gb Paging File | 3,07 Gb Available in Paging File | 81,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 8,29 Gb Free Space | 22,24% Space Free | Partition Type: NTFS
Computer Name: MATEJ-PC | User Name: Matej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3202680862-1731838046-389120635-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B725BC9-0C76-454C-85AE-E58363ACDEF0}" = ESET NOD32 Antivirus
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{193D3E3B-33C9-4EC0-9323-C070D0BC0B7A}_is1" = WinTools.net 11.7.1 Ultimate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARD_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_STANDARD_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARD_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_STANDARD_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Corporate Edition
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adolix Split and Merge PDF_is1" = Adolix Split and Merge PDF v1.3
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"CNXT_AUDIO" = Conexant AC-Link Audio
"CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_FF311179" = AC97 Data Fax SoftModem with SmartCP
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.7.0
"Lexmark X1100 Series" = Lexmark X1100 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"PokerRoom Home Game Organizer" = PokerRoom Home Game Organizer
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"STANDARD" = Microsoft Office Standard 2007
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.01 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3202680862-1731838046-389120635-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10. 1. 2012 5:53:53 | Computer Name = Matej-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 10. 1. 2012 5:53:54 | Computer Name = Matej-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 10. 1. 2012 5:55:15 | Computer Name = Matej-PC | Source = VSS | ID = 8194
Description =
Error - 10. 1. 2012 8:41:03 | Computer Name = Matej-PC | Source = WinMgmt | ID = 10
Description =
Error - 10. 1. 2012 8:43:59 | Computer Name = Matej-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 10. 1. 2012 8:43:59 | Computer Name = Matej-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 10. 1. 2012 9:44:01 | Computer Name = Matej-PC | Source = VSS | ID = 8194
Description =
Error - 10. 1. 2012 9:44:50 | Computer Name = Matej-PC | Source = WinMgmt | ID = 10
Description =
Error - 10. 1. 2012 9:47:44 | Computer Name = Matej-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 10. 1. 2012 9:47:44 | Computer Name = Matej-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
[ System Events ]
Error - 8. 1. 2012 13:43:33 | Computer Name = Matej-PC | Source = Service Control Manager | ID = 7030
Description = Služba ServiceLayer je označená ako interaktívna služba. Systém je
však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.
Error - 8. 1. 2012 13:53:37 | Computer Name = Matej-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 8. 1. 2012 14:01:02 | Computer Name = Matej-PC | Source = Service Control Manager | ID = 7030
Description = Služba ServiceLayer je označená ako interaktívna služba. Systém je
však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.
Error - 8. 1. 2012 14:02:56 | Computer Name = Matej-PC | Source = DCOM | ID = 10010
Description =
Error - 8. 1. 2012 14:09:47 | Computer Name = Matej-PC | Source = Service Control Manager | ID = 7030
Description = Služba ServiceLayer je označená ako interaktívna služba. Systém je
však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.
Error - 10. 1. 2012 5:43:10 | Computer Name = Matej-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:41:47 on ?10. ?1. ?2012 was unexpected.
Error - 10. 1. 2012 5:45:41 | Computer Name = Matej-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:43:59 on ?10. ?1. ?2012 was unexpected.
Error - 10. 1. 2012 5:45:52 | Computer Name = Matej-PC | Source = BugCheck | ID = 1001
Description =
Error - 10. 1. 2012 8:39:39 | Computer Name = Matej-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 13:37:31 on ?10. ?1. ?2012 was unexpected.
Error - 10. 1. 2012 8:40:14 | Computer Name = Matej-PC | Source = BugCheck | ID = 1001
Description =
< End of report >
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Matej\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
1,87 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 66,35% Memory free
3,75 Gb Paging File | 3,07 Gb Available in Paging File | 81,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 8,29 Gb Free Space | 22,24% Space Free | Partition Type: NTFS
Computer Name: MATEJ-PC | User Name: Matej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3202680862-1731838046-389120635-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B725BC9-0C76-454C-85AE-E58363ACDEF0}" = ESET NOD32 Antivirus
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{193D3E3B-33C9-4EC0-9323-C070D0BC0B7A}_is1" = WinTools.net 11.7.1 Ultimate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARD_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_STANDARD_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARD_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_STANDARD_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Corporate Edition
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adolix Split and Merge PDF_is1" = Adolix Split and Merge PDF v1.3
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"CNXT_AUDIO" = Conexant AC-Link Audio
"CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_FF311179" = AC97 Data Fax SoftModem with SmartCP
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.7.0
"Lexmark X1100 Series" = Lexmark X1100 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"PokerRoom Home Game Organizer" = PokerRoom Home Game Organizer
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"STANDARD" = Microsoft Office Standard 2007
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.01 (32-bit)
- Mc_Murphy
- VIP in memoriam
- Posts: 6706
- Registered: 03 Nov 2008 15:55
- Location: Plzeň [ZČ]
Re: Requesting a preventive log check _ thank you

- If you use Win Vista or Win7, right-click OTL and choose Run As Administrator or Spustit jako správce.
- If you use a 64-bit OS, check whether the Pro 64 bitové OS (For 64-bit OS) box is ticked. If it is not, tick it.
- Into the bottom box, Vlastní skenování/opravy (Custom Scans/Fixes), paste this script (only the green letters in the white field!):
Code:
:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]
:OTL
IE - HKU\S-1-5-21-3202680862-1731838046-389120635-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EB 22 D0 CB 88 6D CC 01 [binary data]
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&q="
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2011/12/17 00:31:33 | 000,000,000 | ---D | M] (Auto Shutdown NG) -- C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack
[2011/07/11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\ojb82tnf.default\searchplugins\startsear.xml
O13 - gopher Prefix: missing
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
:Files
C:\ProgramData\Malwarebytes
C:\Users\Matej\Desktop\iobit-uninstaller.exe
C:\Users\Matej\AppData\Roaming\IObit
C:\DATA\programz\ArcView\ArcView /d
C:\DATA\programz\O&O /d
C:\DATA\programz\Runtime_GetDataBack_for_FAT_NTFS_3.30_2baksa.net /d
C:\Users\Matej\AppData\Roaming\Malwarebytes
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
- Click the [Opravit] (Fix) button.
- When the scan finishes, a log will appear; paste it here for me.
- If the log does not fit into one post, split it into several parts.
-
- Visitor
- Posts: 25
- Registered: 11 May 2009 10:52
Re: Requesting a preventive log check _ thank you
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Matej
->Temp folder emptied: 82463018 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->FireFox cache emptied: 99870183 bytes
->Flash cache emptied: 1682 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 73914178 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 244,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Matej
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== OTL ==========
HKU\S-1-5-21-3202680862-1731838046-389120635-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Prefs.js: "http://startsear.ch/?aff=1&q=" removed from keyword.URL
Prefs.js: "Web Search" removed from browser.search.defaultengine
Prefs.js: "Web Search" removed from browser.search.defaultenginename
Prefs.js: "Web Search" removed from browser.search.order.1
Prefs.js: "Web Search" removed from browser.search.selectedEngine
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-autoshutdownng-lib folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-autoshutdownng-data folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib\windows folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib\utils folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib\traits folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib\tabs folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib\events folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib\dom folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib\content folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-lib folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-api-utils-data folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-addon-kit-lib folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources\jid0-hz5uvaeiwwaxt9tkluhegucarqo-at-jetpack-addon-kit-data folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\resources folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack\components folder moved successfully.
C:\Users\Matej\AppData\Roaming\mozilla\Firefox\Profiles\ojb82tnf.default\extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack folder moved successfully.
C:\Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\ojb82tnf.default\searchplugins\startsear.xml moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
========== FILES ==========
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\Users\Matej\Desktop\iobit-uninstaller.exe moved successfully.
C:\Users\Matej\AppData\Roaming\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Users\Matej\AppData\Roaming\IObit\IObit Uninstaller\Language folder moved successfully.
C:\Users\Matej\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Matej\AppData\Roaming\IObit folder moved successfully.
C:\DATA\programz\ArcView\ArcView\XTOOLS Extension\XTNew_2003_09_15.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\XTOOLS Extension\xtools.avx deleted successfully.
C:\DATA\programz\ArcView\ArcView\XTOOLS Extension\XToolsDoc_2003_09_15.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\XTOOLS Extension folder deleted successfully.
C:\DATA\programz\ArcView\ArcView\Support folder deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\01_zakladne_pojmy.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\02_definicia_gis.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\03_historia_GIS.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\04_softver.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\05_hardver.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\06_modelovanie_geografických_objektov.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\07_geograficka_ poloha.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\08_struktura_udajov.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\09_databazove_systémy.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\10_priestorove_vlastnosti.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\11_topologia.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\12_analyzy.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS\13_projekt_GIS.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Uvod do GIS folder deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\ArcView.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Tezy_TU_Zvolen.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\uvod.ppt deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka\Zbornik2005.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\Prirucka folder deleted successfully.
C:\DATA\programz\ArcView\ArcView\AVDOCS\av33inst.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\AVDOCS\DBAccess.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\AVDOCS\newin33.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\AVDOCS\shapefile.pdf deleted successfully.
C:\DATA\programz\ArcView\ArcView\AVDOCS folder deleted successfully.
C:\DATA\programz\ArcView\ArcView\!serial.txt deleted successfully.
C:\DATA\programz\ArcView\ArcView\arcview.htm deleted successfully.
C:\DATA\programz\ArcView\ArcView\arcview.z deleted successfully.
C:\DATA\programz\ArcView\ArcView\avbkgrnd.gif deleted successfully.
C:\DATA\programz\ArcView\ArcView\data.z deleted successfully.
C:\DATA\programz\ArcView\ArcView\Dbaccess.txt deleted successfully.
C:\DATA\programz\ArcView\ArcView\license.txt deleted successfully.
C:\DATA\programz\ArcView\ArcView\mapdata.z deleted successfully.
C:\DATA\programz\ArcView\ArcView\patch.z deleted successfully.
C:\DATA\programz\ArcView\ArcView\README.DOC deleted successfully.
C:\DATA\programz\ArcView\ArcView\readme.htm deleted successfully.
C:\DATA\programz\ArcView\ArcView\setup.bmp deleted successfully.
C:\DATA\programz\ArcView\ArcView\setup.dat deleted successfully.
C:\DATA\programz\ArcView\ArcView\setup.exe deleted successfully.
C:\DATA\programz\ArcView\ArcView\setup.ini deleted successfully.
C:\DATA\programz\ArcView\ArcView\SETUP.INS deleted successfully.
C:\DATA\programz\ArcView\ArcView\Setup.lib deleted successfully.
C:\DATA\programz\ArcView\ArcView\setup.pkg deleted successfully.
C:\DATA\programz\ArcView\ArcView\syswin.z deleted successfully.
C:\DATA\programz\ArcView\ArcView\tutorial.z deleted successfully.
C:\DATA\programz\ArcView\ArcView\X.exe deleted successfully.
C:\DATA\programz\ArcView\ArcView\_INST32I.EX_ deleted successfully.
C:\DATA\programz\ArcView\ArcView\_ISDEL.EXE deleted successfully.
C:\DATA\programz\ArcView\ArcView\_setup.dll deleted successfully.
C:\DATA\programz\ArcView\ArcView\_setup.lib deleted successfully.
C:\DATA\programz\ArcView\ArcView\_setup32.lib deleted successfully.
C:\DATA\programz\ArcView\ArcView folder deleted successfully.
C:\DATA\programz\O&O\OODefrag10ProfessionalEnu.exe deleted successfully.
C:\DATA\programz\O&O\serial.txt deleted successfully.
C:\DATA\programz\O&O folder deleted successfully.
C:\DATA\programz\Runtime_GetDataBack_for_FAT_NTFS_3.30_2baksa.net\GetDataBack.for.FAT.exe deleted successfully.
C:\DATA\programz\Runtime_GetDataBack_for_FAT_NTFS_3.30_2baksa.net\GetDataBack.for.NTFS.exe deleted successfully.
C:\DATA\programz\Runtime_GetDataBack_for_FAT_NTFS_3.30_2baksa.net\serial.txt deleted successfully.
C:\DATA\programz\Runtime_GetDataBack_for_FAT_NTFS_3.30_2baksa.net folder deleted successfully.
C:\Users\Matej\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Users\Matej\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Users\Matej\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Users\Matej\AppData\Roaming\Malwarebytes folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP33B0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5B91.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP77E5.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP795A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C7F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPED02.tmp folder moved successfully.
OTL by OldTimer - Version 3.2.31.0 log created on 01102012_171135
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
- Mc_Murphy
- VIP in memoriam
- Posts: 6706
- Registered: 03 Nov 2008 15:55
- Location: Plzeň [ZČ]
Re: Requesting a p. log check _ thank you
OK, OTL did what it was supposed to. How is the computer doing, can we finish the cleanup?
-
- Visitor
- Posts: 25
- Registered: 11 May 2009 10:52
Re: Requesting a p. log check _ thank you
The PC looks good ... sure, we can ... I'm waiting for instructions

- Mc_Murphy
- VIP in memoriam
- Posts: 6706
- Registered: 03 Nov 2008 15:55
- Location: Plzeň [ZČ]
Re: Requesting a p. log check _ thank you
OK, great, so...
Run OTL again and click the [CleanUp!] button, which makes the program clean up after itself.

TFC http://oldtimer.geekstogo.com/TFC.exe
- Download and run it.
- Click Start and confirm with OK.
- The program cleans up and may (but need not) restart the PC.
- Delete the utility after use.

If you don't have it, download CCleaner from this link.
- Cleaner panel
  - Leave everything as it is, just click Analyze and then Run Cleaner.
- Registry panel
  - Click Scan for issues.
  - Then click Fix issues. I recommend making the registry backup; fix all issues.
  - Repeat until no issues are found, usually about 3 times.
- Tools panel
  - Here you can uninstall programs you don't need.

I recommend using CCleaner about once a week.

... and if there are no questions, that would be all from my side.

-
- Visitor
- Posts: 25
- Registered: 11 May 2009 10:52
Re: Requesting a p. log check _ thank you
ok ... thank you very much
- Mc_Murphy
- VIP in memoriam
- Posts: 6706
- Registered: 03 Nov 2008 15:55
- Location: Plzeň [ZČ]
Re: Requesting a p. log check _ thank you
You're very welcome, glad to help.
Have a nice day.

