Pomalé načítanie plochy

Zpráva

mety · #16 Příspěvek od **mety** » 10 bře 2012 14:13

combofix som spustil presne podla pokynov ale windows potom nechcel nabehnut, tak som PC musel restartovat a nastavit tu povodnu konfiguraciu (to sa ale podarilo az na piaty krat, pretoze mi stale nechcel nabehnut PC) a log mi nevyhodilo a log neviem najst, pretoze ho zvycajne vytvara na C, no tam ziadny nie je

hej a po combofixe sa PC nevypol normalne (s oknom DOVIDENIA), ale akoby padol a hned sa zacal spustat, proste akoby restart, ked stlacim RESET na bedni..

#17 Příspěvek od **Mc_Murphy** » 10 bře 2012 14:27

Zkus provést akci se scriptem ještě jednou v Nouzovém režimu.

#18 Příspěvek od **Mc_Murphy** » 10 bře 2012 14:28

CFScript.txt musíš mít na Ploše, stejně jako ComboFix.

mety · #19 Příspěvek od **mety** » 10 bře 2012 14:57

CFScript.txt aj s Combofixom som mal na ploche. Aj pri prvom pokuse, aj teraz (v nudzovom rezime).

Combofix restartoval normalne PC, ale potom po nabehnuti windowsu, este nieco robil a vtedy zase padol windows a musel som ho spustat opat cez poslednu funkcnu konfiguraciu. No a log opat nikde. Dal som aj prehladat PC ale nenaslo mi ho.

#20 Příspěvek od **Mc_Murphy** » 10 bře 2012 16:52

Mno to je pochopitelné, když dáš poslední známou konfiguraci, že se vše smaže.

Přímo na C:\ log není? Zkus to ještě párkrát, já se zatím poradím s kolegy.

mety · #21 Příspěvek od **mety** » 10 bře 2012 18:01

skusil som to v normalnom windowse (nie safe mode) a stalo sa to co predtym, z nicoho nic vyplo PC este ked bolo na obrazovke modre okno combofixu :-/

a log nie je v adresari C:/ , on nie je nikde, dal som prehladat oba disky a nic

#22 Příspěvek od **Mc_Murphy** » 11 bře 2012 07:12

OK. No je to mrzuté, ale ComboFix prostě někdy takhle zastávkuje a postaví si hlavu.

ComboFix tedy odinstaluj.

Přejmenuj ComboFix na Uninstall.
Spusť jej.
Tohle smaže ComboFix a jeho složky.

A my na to zkusíme pustit OTL, to by nemělo mít problém.

Pro začátek stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů!!
Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*RemoveWAT* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko [Prohledat].
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

mety · #23 Příspěvek od **mety** » 11 bře 2012 17:52

OTL logfile created on: 11.3.2012 17:26:44 - Run 1
OTL by OldTimer - Version 3.2.36.3 Folder = C:\Documents and Settings\Martin\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.17184)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 399,90 Mb Available Physical Memory | 39,07% Memory free
2,40 Gb Paging File | 1,68 Gb Available in Paging File | 69,96% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116,42 Gb Total Space | 39,61 Gb Free Space | 34,02% Space Free | Partition Type: NTFS
Drive D: | 116,45 Gb Total Space | 20,72 Gb Free Space | 17,79% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 343,57 Gb Free Space | 73,76% Space Free | Partition Type: NTFS

Computer Name: MARTIN-E155AC7F | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.03.11 17:24:21 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\Desktop\OTL.exe
PRC - [2012.02.08 19:02:12 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009.02.05 22:08:40 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast4\ashServ.exe
PRC - [2009.02.05 22:08:26 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast4\ashMaiSv.exe
PRC - [2009.02.05 22:06:04 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast4\ashWebSv.exe
PRC - [2009.02.05 22:01:25 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast4\aswUpdSv.exe
PRC - [2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2007.10.02 14:41:38 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2007.09.20 17:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2003.07.29 08:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBKPP5C.DLL

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2009.02.05 22:08:40 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.02.05 22:08:26 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.02.05 22:06:04 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.02.05 22:01:25 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.08.07 10:17:30 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (dtscsi)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (az0nwo27)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a95e1hkr)
DRV - [2011.07.20 08:45:52 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.07.20 08:45:52 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011.07.20 08:45:52 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011.07.20 08:45:52 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.07.20 08:45:52 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010.11.12 17:58:56 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.04.03 11:53:24 | 000,094,208 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ezplay.sys -- (ezplay)
DRV - [2009.02.05 22:08:10 | 000,094,032 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.02.05 22:07:23 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.02.05 22:07:12 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.02.05 22:06:20 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.02.05 22:06:10 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.02.05 22:05:11 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.12.01 23:13:40 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.06.06 08:24:44 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.05.07 06:38:36 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.05.07 06:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.05.07 06:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2007.09.28 10:10:54 | 000,029,696 | R--- | M] (ASUSTek Computer Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipfnd51.sys -- (ip100Avista)
DRV - [2007.09.17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2004.11.24 10:42:48 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2004.11.24 10:42:46 | 000,033,408 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004.11.17 12:05:38 | 002,297,664 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.1.3
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.07.13 09:21:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.17 19:58:24 | 000,000,000 | ---D | M]

[2008.09.18 16:50:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Extensions
[2012.03.10 14:05:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\kai50kg8.default\extensions
[2010.03.27 15:54:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\kai50kg8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\kai50kg8.default\searchplugins\icqplugin.xml
[2008.09.18 16:54:55 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\kai50kg8.default\searchplugins\stahujcz.xml
[2011.11.21 11:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.06.17 19:58:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KAI50KG8.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KAI50KG8.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}
[2011.06.17 19:58:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.06.17 19:58:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007.08.21 14:30:40 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2007.11.02 02:29:52 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2007.11.02 02:29:52 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2008.04.01 21:17:12 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2007.11.02 02:29:52 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Martin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Documents and Settings\Martin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Documents and Settings\Martin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.03.10 14:44:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.5.18.5 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{527EC34A-5D17-4BBE-8699-2C0CA03611C4}: DhcpNameServer = 10.5.18.5 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Martin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Martin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.03.11 17:24:21 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Martin\Desktop\OTL.exe
[2012.03.10 14:42:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.03.10 13:55:32 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.03.09 23:16:42 | 000,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.03.09 23:16:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Antivirus
[2012.03.09 23:16:41 | 000,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.03.09 23:16:40 | 000,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.03.09 23:16:39 | 000,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.03.09 23:16:39 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2012.03.09 23:16:39 | 000,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.03.09 23:16:39 | 000,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.03.09 23:16:39 | 000,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.03.09 23:16:15 | 001,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.03.09 23:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\Avast4
[2012.03.09 21:45:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Martin\Start Menu\Programs\Administrative Tools
[2012.03.09 17:29:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Martin\Desktop\rar-ka
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.03.11 17:30:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.03.11 17:24:21 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\Desktop\OTL.exe
[2012.03.11 17:04:42 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.03.11 16:27:28 | 000,013,690 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.03.11 16:27:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.03.11 16:27:21 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.10 14:44:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.03.10 13:55:40 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.03.10 00:28:46 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012.03.10 00:10:27 | 000,168,960 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.09 23:16:42 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2012.03.09 23:16:39 | 000,002,617 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.03.09 17:25:16 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Odkaz na Music Right now.lnk
[2012.03.09 07:29:11 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012.03.07 21:35:19 | 000,001,050 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2012.03.05 18:24:29 | 000,002,275 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012.03.05 09:51:57 | 000,086,050 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\forum mid G19483.jpg
[2012.03.05 09:51:15 | 000,123,313 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\varial mid st leather G48382.jpg
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.03.11 17:30:00 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.03.11 16:43:15 | 000,321,799 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\Six Days remix.mp4
[2012.03.11 16:42:18 | 000,376,967 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\Pulse of the maggots.mp4
[2012.03.11 16:37:10 | 000,526,464 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\Apologize.mp3
[2012.03.10 14:44:08 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2012.03.10 13:55:40 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.03.10 13:55:37 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012.03.09 23:16:42 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2012.03.09 23:16:15 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2012.03.09 17:25:16 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\Odkaz na Music Right now.lnk
[2012.03.05 09:51:57 | 000,086,050 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\forum mid G19483.jpg
[2012.03.05 09:51:15 | 000,123,313 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\varial mid st leather G48382.jpg
[2012.03.02 17:26:05 | 000,150,016 | RHS- | C] () -- C:\WINDOWS\System32\d3dx10_39H.dll
[2012.02.16 14:31:59 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.11.26 20:30:10 | 000,000,896 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\SRDownloader.nast
[2011.08.23 00:18:17 | 000,276,960 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011.07.26 16:26:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.07.26 16:26:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.07.26 16:26:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.07.26 16:26:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.05.29 19:17:03 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SysInfo_6_6_s.dll
[2011.05.29 19:16:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

========== LOP Check ==========

[2009.07.13 09:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Opera
[2010.10.16 10:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011.05.29 19:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BlazeVideo
[2010.04.02 20:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2009.07.16 17:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2008.09.18 14:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011.07.09 14:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2008.09.19 15:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.01.11 15:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey
[2008.09.19 15:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011.05.29 19:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Plugins
[2011.08.22 19:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009.07.19 20:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2011.09.09 13:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011.06.03 16:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\AnvSoft
[2010.10.22 17:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\autodessys
[2008.12.23 18:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\BSplayer PRO
[2008.12.20 17:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Codemasters
[2010.11.12 17:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\DAEMON Tools
[2009.07.16 18:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\DAEMON Tools Pro
[2008.09.28 19:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Easy Thumbnails
[2008.09.18 14:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\ESET
[2011.06.12 09:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\FDRLab
[2012.03.10 23:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\ICQ
[2008.09.30 17:22:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\JLC's Software
[2009.07.13 23:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Kerio
[2008.10.04 16:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Leadertech
[2009.05.09 18:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Mp3 Audio Editor
[2008.12.02 17:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Nokia
[2008.09.18 18:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Opera
[2009.06.20 19:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\PC Suite
[2010.03.20 13:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Power Sound Editor Free
[2011.09.09 12:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Rovio
[2011.08.22 14:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Samsung
[2008.12.23 18:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\URSoft
[2012.02.02 12:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\uTorrent
[2009.04.04 12:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Vso
[2008.11.02 19:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Xilisoft Corporation

========== Purity Check ==========

========== Custom Scans ==========

< netsvc >

< MD5 for: ATAPI.SYS >
[2004.08.04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:42:14 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\cmdcons\autochk.exe
[2008.04.14 04:42:14 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:42:14 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2004.08.04 13:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 12:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 11:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.04 13:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 23:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 23:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.04 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 04:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 04:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004.08.04 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.04 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 04:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 04:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 04:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\AppPatch\*.tmp files -> C:\WINDOWS\AppPatch\*.tmp -> ]
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2012.03.09 20:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.10.16 10:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010.03.14 10:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2011.05.29 19:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BlazeVideo
[2010.04.02 20:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2009.07.16 17:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2008.09.18 14:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009.03.20 16:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2011.07.09 14:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2008.09.19 15:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2008.12.20 17:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2011.06.17 19:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009.01.11 15:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey
[2012.03.02 23:36:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009.10.18 15:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2008.10.01 14:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2008.09.19 15:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011.05.29 19:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Plugins
[2008.12.23 19:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2011.08.22 19:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009.07.19 20:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010.08.02 20:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2011.06.17 19:59:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2008.09.18 17:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011.09.09 13:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2008.09.19 15:31:34 | 036,293,352 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Nokia_PC_Suite_rel_7_0_8_2_slk_web.exe
[2008.09.19 15:32:30 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstCCD.exe
[2008.09.19 15:32:30 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCS.exe
[2008.09.19 15:32:30 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

< %APPDATA%\*. >
[2009.07.19 13:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Adobe
[2008.10.04 16:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Ahead
[2011.06.03 16:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\AnvSoft
[2010.03.14 10:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\ATI
[2010.10.22 17:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\autodessys
[2008.12.23 18:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\BSplayer PRO
[2008.12.20 17:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Codemasters
[2010.11.12 17:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\DAEMON Tools
[2009.07.16 18:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\DAEMON Tools Pro
[2012.01.31 11:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\dvdcss
[2008.09.28 19:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Easy Thumbnails
[2008.09.18 14:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\ESET
[2011.06.12 09:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\FDRLab
[2009.07.21 18:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Google
[2009.01.08 22:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Help
[2012.03.10 23:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\ICQ
[2008.09.18 13:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Identities
[2009.07.16 19:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\InstallShield
[2008.09.30 17:22:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\JLC's Software
[2009.07.13 23:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Kerio
[2008.10.04 16:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Leadertech
[2008.10.23 20:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Macromedia
[2008.12.23 21:39:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Media Player Classic
[2011.08.22 14:26:03 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Martin\Application Data\Microsoft
[2008.09.18 16:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Mozilla
[2009.05.09 18:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Mp3 Audio Editor
[2008.12.02 17:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Nokia
[2008.09.18 18:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Opera
[2009.06.20 19:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\PC Suite
[2010.03.20 13:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Power Sound Editor Free
[2009.07.12 20:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Real
[2011.09.09 12:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Rovio
[2011.08.22 14:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Samsung
[2012.03.09 17:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Skype
[2011.06.17 19:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Sun
[2008.12.23 18:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\URSoft
[2012.02.02 12:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\uTorrent
[2012.02.19 22:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\vlc
[2009.04.04 12:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Vso
[2008.09.18 20:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\WinRAR
[2008.11.02 19:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Application Data\Xilisoft Corporation

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2012.03.02 17:26:05 | 000,150,016 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\d3dx10_39H.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.11.12 17:58:56 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.09.18 15:43:53 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.09.18 15:43:53 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.09.18 15:43:53 | 000,897,024 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2012.03.02 17:26:05 | 000,150,016 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\d3dx10_39H.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.03.09 23:16:39 | 000,002,617 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2012.03.11 16:27:28 | 000,013,690 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %userprofile%\Plocha\*.* >

< %userprofile%\Desktop\*.* >
[2009.02.26 16:12:42 | 000,526,464 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Apologize.mp3
[2009.02.27 12:08:12 | 000,219,648 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\AUS shortly.doc
[2010.10.22 17:49:23 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\bonzai3d 2.2.lnk
[2009.07.13 19:25:55 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\CCleaner.lnk
[2008.09.18 17:07:48 | 000,000,080 | -HS- | M] () -- C:\Documents and Settings\Martin\Desktop\desktop.ini
[2008.09.19 12:17:10 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Easy Thumbnails.lnk
[2012.03.05 09:51:57 | 000,086,050 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\forum mid G19483.jpg
[2009.05.31 11:55:37 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Fraps.lnk
[2009.02.11 14:20:37 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\IrfanView.lnk
[2011.11.01 12:30:43 | 000,002,565 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Microsoft Office Word 2007.lnk
[2012.03.09 17:25:16 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Odkaz na Music Right now.lnk
[2012.03.11 17:24:21 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\Desktop\OTL.exe
[2008.09.18 14:00:00 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Outlook Express.lnk
[2008.12.13 19:30:56 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\PhotoFiltre.lnk
[2006.12.02 16:10:55 | 000,376,967 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Pulse of the maggots.mp4
[2011.11.27 21:50:11 | 009,741,934 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\reflexions.v1.0.apk_signed.apk
[2007.07.02 15:59:53 | 000,321,799 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Six Days remix.mp4
[2010.09.19 22:52:35 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\SpeedFan.lnk
[2011.08.06 23:00:07 | 000,174,592 | -HS- | M] () -- C:\Documents and Settings\Martin\Desktop\Thumbs.db
[2008.09.19 12:25:47 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Total Commander.lnk
[2012.03.05 09:51:15 | 000,123,313 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\varial mid st leather G48382.jpg
[2011.01.11 13:46:26 | 002,062,848 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Vypracované otázky zo ® DP.doc
[2011.05.20 22:48:15 | 000,001,656 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Vypínač na dobrou noc.lnk
[2008.09.18 17:07:48 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Windows Media Player.lnk
[2008.09.18 20:15:40 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\WinRAR.lnk
[2008.11.02 19:49:58 | 000,001,778 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Xilisoft Video Converter Ultimate.lnk
[2008.12.23 18:47:14 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Your Uninstaller! 2008.lnk
[2011.06.19 12:46:05 | 019,952,890 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\ZDP mogo.doc
[2011.06.27 16:38:57 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\zivotopis 26-6.doc
[2008.10.01 17:21:07 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\µTorrent.lnk
[2011.04.10 17:23:17 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\časy.doc
[2010.03.15 12:37:28 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Životopis.doc

< %ALLUSERSPROFILE%\Plocha\*.* >

< %ALLUSERSPROFILE%\Desktop\*.* >
[2008.09.20 09:01:08 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader.lnk
[2012.03.09 23:16:42 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2010.11.12 18:01:34 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools Lite.lnk
[2012.03.09 07:29:11 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011.11.23 17:24:22 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Zem.lnk
[2011.07.09 14:35:26 | 000,001,487 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ICQ7.5.lnk
[2008.09.18 15:04:36 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Lexmark X1100 Series All-In-One Center.lnk
[2008.12.23 19:02:02 | 000,000,938 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Media Player Classic.lnk
[2009.01.12 14:28:34 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2008.09.18 17:38:19 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2008.10.01 14:35:27 | 000,002,401 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2008.09.19 15:33:20 | 000,001,763 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nokia PC Suite.lnk
[2011.01.26 15:15:50 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2012.03.05 18:24:29 | 000,002,275 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009.01.09 17:17:33 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vista Rainbar.lnk
[2010.11.27 22:44:30 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk

< *crack* /s >
[2011.07.08 14:01:37 | 000,000,225 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\crackserial.sk.idx
[2010.01.01 10:01:37 | 000,000,086 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fcrackserial.sk%2Fimages%2Ffavicon.ico
[2006.11.23 14:00:18 | 000,405,009 | ---- | M] () -- \Documents and Settings\Martin\My Documents\My Music\Best music for me\mp3 nhl\Crack_The_Code.mp3
[2011.04.07 18:41:01 | 015,523,141 | ---- | M] () -- \Documents and Settings\Martin\My Documents\My Music\Drum and Bass Arena\35-enei_eastcolors_and_noel--cracker-oma.mp3
[2006.11.23 14:00:18 | 000,405,009 | ---- | M] () -- \Documents and Settings\Martin\My Documents\My Music\short mp34 huge pack\samsung\Crack_The_Code.mp3
[2009.09.03 11:41:52 | 000,097,676 | ---- | M] () -- \Documents and Settings\Martin\My Documents\n 6220\aplikacie\Capree.iON.BatteryTimer.v1.02.S60v3.SymbianOS9.x.Unsigned.Cracked-TgSPDA.sis

< *keygen* /s >
[2009.06.26 13:29:55 | 000,000,318 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fkeygens.nl%2Ffavicon.ico
[2009.06.26 13:29:55 | 000,000,121 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\keygens.nl.idx

< *loader* /s >
[2011.11.26 20:30:10 | 000,000,896 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\SRDownloader.nast
[2009.01.06 13:21:57 | 000,000,894 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fwww.eliteuploadersgroup.net%2Fwp-content%2Fthemes%2Fmambopress-16%2Ffavicon.ico
[2009.08.24 09:59:06 | 000,001,150 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fwww.pornpicuploader.com%2Fcss%2Fimages%2Ffavicon.ico
[2009.01.06 13:21:57 | 000,000,129 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\www.eliteuploadersgroup.net.idx
[2010.01.03 21:39:21 | 000,000,413 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\www.pornpicuploader.com.idx
[2008.09.03 06:25:08 | 000,000,058 | ---- | M] () -- \Documents and Settings\Martin\My Documents\My Music\Good Charlotte - Good Morning Revival (2007)\Elite uploaders group » Úvod.URL
[2008.09.03 06:25:08 | 000,000,058 | ---- | M] () -- \Documents and Settings\Martin\My Documents\My Music\uz napalene\Kabát - Corrida (2006)\Elite uploaders group » Úvod.URL
[2008.09.11 06:21:13 | 000,000,230 | ---- | M] () -- \Documents and Settings\Martin\My Documents\My Music\uz napalene\Kabát - Corrida (2006)\uploader_filip289.txt
[2007.03.12 12:48:46 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2011.07.09 14:34:34 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.07.09 14:34:35 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.07.09 14:34:34 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.07.28 14:56:19 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.07.09 14:35:12 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.07.09 14:35:13 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2008.06.11 08:24:36 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_slk.nlr
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2006.12.23 16:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.04 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 04:41:54 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 23:01:44 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 23:01:46 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:41:54 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2007.04.30 14:43:12 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< *RemoveWAT* /s >

< *minodlogin* /s >

< *tnod* /s >
[2008.06.23 11:27:36 | 000,000,224 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\skin\default\Clip_startnode.bmp
[2008.06.23 11:27:36 | 000,002,924 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\skin\default\Clip_startnode.png
[2008.06.23 11:27:36 | 000,002,941 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\skin\default1\Clip_startnode.png
[2008.06.23 11:27:36 | 000,002,923 | ---- | M] () -- \Program Files\Xilisoft\Video Converter Ultimate\skin\default2\Clip_startnode.png

< *TemDono* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >

< *serial* /s >
[2004.08.03 23:15:54 | 000,030,067 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2011.07.08 14:01:37 | 000,000,225 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\crackserial.sk.idx
[2009.07.02 17:41:51 | 000,000,084 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\housemd.serial4u.cz.idx
[2010.01.01 10:01:37 | 000,000,086 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fcrackserial.sk%2Fimages%2Ffavicon.ico
[2009.07.02 17:41:51 | 000,003,638 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fhousemd.serial4u.cz%2Fimages%2Ffavicon.ico
[2009.08.20 15:40:03 | 000,001,406 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fiserialy.sk%2Ffavicon.ico
[2008.09.28 17:48:48 | 000,000,822 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fserial.nolimit.cz%2Fimg%2Ffavicon.ico
[2008.09.28 17:49:00 | 000,000,537 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fserial.nolimit.cz%2Fimg%2Ffavicon.png
[2011.07.07 11:11:03 | 000,001,406 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Ftvserialy.com%2Ffavicon.ico
[2011.05.29 19:18:02 | 000,001,150 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fwww.unlimitedserials.com%2Ffavicon.ico
[2009.08.20 15:40:03 | 000,000,084 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\iserialy.sk.idx
[2008.09.28 17:49:00 | 000,000,154 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\serial.nolimit.cz.idx
[2011.07.07 11:11:03 | 000,000,077 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\tvserialy.com.idx
[2011.05.29 19:18:02 | 000,000,119 | ---- | M] () -- \Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\www.unlimitedserials.com.idx
[2006.11.28 18:16:03 | 000,000,057 | ---- | M] () -- \Documents and Settings\Martin\My Documents\n 6220\aplikacie\Serial stopwatch.txt
[2012.03.09 23:16:14 | 000,000,607 | ---- | M] () -- \Documents and Settings\Martin\Recent\serial.lnk
[2012.03.10 14:26:50 | 000,000,610 | ---- | M] () -- \Documents and Settings\Martin\Recent\Serials.lnk
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2004.08.04 13:00:00 | 000,064,896 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2012.02.16 20:14:28 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.11 12:05:59 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.02.17 07:44:01 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.02.17 07:41:53 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2003.08.01 11:54:06 | 000,005,632 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\serialui.dll.mui
[2008.04.13 23:10:22 | 000,028,288 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.13 23:45:46 | 000,064,512 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2004.08.04 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2004.08.04 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2004.08.04 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2004.08.04 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.13 23:45:46 | 000,064,512 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"" =

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:42:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 04:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation)

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.03.11 17:30:00 | 000,000,512 | ---- | M] () MD5=9D5CAB3BCDEA16D135D20C9481A490EA -- C:\PhysicalMBR.bin

< End of report >

mety · #24 Příspěvek od **mety** » 11 bře 2012 17:53

OTL Extras logfile created on: 11.3.2012 17:26:44 - Run 1
OTL by OldTimer - Version 3.2.36.3 Folder = C:\Documents and Settings\Martin\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.17184)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 399,90 Mb Available Physical Memory | 39,07% Memory free
2,40 Gb Paging File | 1,68 Gb Available in Paging File | 69,96% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116,42 Gb Total Space | 39,61 Gb Free Space | 34,02% Space Free | Partition Type: NTFS
Drive D: | 116,45 Gb Total Space | 20,72 Gb Free Space | 17,79% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 343,57 Gb Free Space | 73,76% Space Free | Partition Type: NTFS

Computer Name: MARTIN-E155AC7F | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1123561945-1993962763-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:TCP" = 1900:TCP:LocalSubNet:Enabled:UDP 1900
"28875:TCP" = 28875:TCP:*:Enabled:Windows Core Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\CS 1.6\hl.exe" = C:\Program Files\CS 1.6\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}" = PC Connectivity Solution
"{1ED6E4D0-8DB0-A333-DEA6-188F957F5A43}" = Catalyst Control Center Graphics Light
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38AD6EA4-BBC1-4A95-B792-9950D48E2171}" = Kerio Visual C++ 2005 redistributable permanent package
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{407E0CBD-D6BF-F243-6DE9-F1EEA525BA1C}" = Catalyst Control Center Graphics Full Existing
"{43FFE159-3199-4188-A1CD-629166AD1051}" = Nero 7 Ultra Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Zem
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.2
"{5EC634FA-5047-38B2-A53A-15963D9BD872}" = CCC Help English
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{651AFCC8-2F1A-8132-0A33-FA5F041380BA}" = Catalyst Control Center Graphics Full New
"{69EF33D7-3425-1409-0BE1-C4F3A6FB57A8}" = ccc-utility
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7510EF8C-99B9-8533-524E-BF41BDC04188}" = Skins
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{773040E1-3B60-6507-C387-71F8F0A03C59}" = ccc-core-static
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{92DEC792-A722-5991-2607-3EE3A4BD502B}" = Catalyst Control Center HydraVision Full
"{96793032-8651-805A-67EF-E1759C1A8E3D}" = Catalyst Control Center Graphics Previews Common
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}" = Nokia PC Suite
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B094F70F-2CC2-5062-8534-D3830FC4B018}" = Catalyst Control Center Core Implementation
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{CA42C38C-B369-B190-AD06-76D3AC95CFAC}" = ccc-core-preinstall
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"7-Zip" = 7-Zip 9.20
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows Driver Package - Nokia Modem (05/22/2008 3.8)
"CCleaner" = CCleaner (remove only)
"Easy Thumbnails_is1" = Easy Thumbnails (Remove only)
"Fraps" = Fraps
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8 Beta 1
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.4.2
"Lexmark X1100 Series" = Lexmark X1100 Series
"MediaMonkey_is1" = MediaMonkey 3.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.61.1250" = Opera 11.61
"PhotoFiltre" = PhotoFiltre
"PROPLUS" = Microsoft Office Professional Plus 2007
"Security Task Manager" = Security Task Manager 1.7h
"SpeedFan" = SpeedFan (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Vista Rainbar 4.3" = Vista Rainbar 4.3
"VLC media player" = VLC media player 1.1.4
"Vypínač na dobrou noc_is1" = Vypínač na dobrou noc verze 1.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"Your Uninstaller! 2008_is1" = Your Uninstaller! 2008 Version 6.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1123561945-1993962763-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 9.3.2012 15:45:12 | Computer Name = MARTIN-E155AC7F | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\d3dx10_39H.dll failed, 00000005.

Error - 9.3.2012 15:58:08 | Computer Name = MARTIN-E155AC7F | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\d3dx10_39H.dll failed, 00000005.

Error - 9.3.2012 16:01:01 | Computer Name = MARTIN-E155AC7F | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\d3dx10_39H.dll failed, 00000005.

Error - 9.3.2012 16:03:26 | Computer Name = MARTIN-E155AC7F | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\d3dx10_39H.dll failed, 00000005.

Error - 9.3.2012 16:08:04 | Computer Name = MARTIN-E155AC7F | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\d3dx10_39H.dll failed, 00000005.

Error - 9.3.2012 16:35:13 | Computer Name = MARTIN-E155AC7F | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\d3dx10_39H.dll failed, 00000005.

Error - 9.3.2012 16:40:06 | Computer Name = MARTIN-E155AC7F | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\d3dx10_39H.dll failed, 00000005.

Error - 10.3.2012 6:38:45 | Computer Name = MARTIN-E155AC7F | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\d3dx10_39H.dll failed, 00000005.

Error - 10.3.2012 7:42:34 | Computer Name = MARTIN-E155AC7F | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\system32\d3dx10_39H.dll failed, 00000005.

Error - 11.3.2012 12:31:41 | Computer Name = MARTIN-E155AC7F | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\System32\d3dx10_39H.dll failed, 00000005.

[ Application Events ]
Error - 3.12.2011 9:18:40 | Computer Name = MARTIN-E155AC7F | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia chrome.exe, verzia 15.0.874.121, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 5.12.2011 4:34:15 | Computer Name = MARTIN-E155AC7F | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie mediamonkey.exe, verzia 3.0.6.1190, zlyhanie modulu
wmvcore.dll, verzia 11.0.5721.5275, adresa zlyhania 0x00064732.

Error - 5.12.2011 4:34:26 | Computer Name = MARTIN-E155AC7F | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie mediamonkey.exe, verzia 3.0.6.1190, zlyhanie modulu
wmvcore.dll, verzia 11.0.5721.5275, adresa zlyhania 0x00064732.

Error - 7.1.2012 14:50:17 | Computer Name = MARTIN-E155AC7F | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia chrome.exe, verzia 16.0.912.75, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 23.1.2012 16:45:35 | Computer Name = MARTIN-E155AC7F | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia MediaMonkey.exe, verzia 3.0.6.1190, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 25.1.2012 19:40:41 | Computer Name = MARTIN-E155AC7F | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia mplayerc.exe, verzia 1.2.929.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 9.3.2012 18:29:45 | Computer Name = MARTIN-E155AC7F | Source = MsiInstaller | ID = 11719
Description = Product: Adobe Setup -- Error 1719.Nedá sa získať prístup k službe
programu Windows Installer. Tento problém sa môže vyskytnúť pri spustení systému
Windows v núdzovom režime alebo v prípade, že program Windows Installer nie je
nainštalovaný správne. Obráťte sa na pracovníka technickej podpory.

[ System Events ]
Error - 10.3.2012 8:59:20 | Computer Name = MARTIN-E155AC7F | Source = Service Control Manager | ID = 7034
Description = Služba Print Spooler sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.

Error - 10.3.2012 8:59:20 | Computer Name = MARTIN-E155AC7F | Source = Service Control Manager | ID = 7034
Description = Služba Ati HotKey Poller sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1 krát.

Error - 10.3.2012 9:32:19 | Computer Name = MARTIN-E155AC7F | Source = DCOM | ID = 10005
Description = Server DCOM zistil chybu %1084 pri pokuse spustiť službu EventSystem
s argumentmi potrebnú na spustenie servera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 10.3.2012 9:33:01 | Computer Name = MARTIN-E155AC7F | Source = Service Control Manager | ID = 7001
Description = Spustenie služby NetBios over Tcpip, od ktorej závisí služba DHCP
Client, zlyhalo kvôli nasledujúcej chybe: %%31

Error - 10.3.2012 9:33:01 | Computer Name = MARTIN-E155AC7F | Source = Service Control Manager | ID = 7001
Description = Spustenie služby TCP/IP Protocol Driver, od ktorej závisí služba DNS
Client, zlyhalo kvôli nasledujúcej chybe: %%31

Error - 10.3.2012 9:33:01 | Computer Name = MARTIN-E155AC7F | Source = Service Control Manager | ID = 7001
Description = Spustenie služby AFD, od ktorej závisí služba TCP/IP NetBIOS Helper,
zlyhalo kvôli nasledujúcej chybe: %%31

Error - 10.3.2012 9:33:01 | Computer Name = MARTIN-E155AC7F | Source = Service Control Manager | ID = 7001
Description = Spustenie služby IPSEC driver, od ktorej závisí služba IPSEC Services,
zlyhalo kvôli nasledujúcej chybe: %%31

Error - 10.3.2012 9:33:01 | Computer Name = MARTIN-E155AC7F | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: Aavmker4 AFD aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT Processor
RasAcd
Rdbss
Tcpip
WS2IFSL

Error - 10.3.2012 9:43:26 | Computer Name = MARTIN-E155AC7F | Source = DCOM | ID = 10005
Description = Server DCOM zistil chybu %1084 pri pokuse spustiť službu EventSystem
s argumentmi potrebnú na spustenie servera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11.3.2012 12:24:15 | Computer Name = MARTIN-E155AC7F | Source = Ntfs | ID = 262199
Description = Štruktúra systému súborov na disku je poškodená a je nepoužiteľná.
Na
zväzku C: spustite pomôcku chkdsk.

< End of report >

#25 Příspěvek od **Mc_Murphy** » 12 bře 2012 11:08

Vyčisti si Plochu od velkých souborů. Velikost by měla být maximálně tak do 300 MB, jinak se bude systém zpomalovat.

Zdá se, že máš poškozenu strukturu systému souborů na disku C:\ - chtělo by to na něm spustit chkdsk (check disk), umíš to?

Znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

:Commands
[clearallrestorepoints]
[resethosts]
[purity]
[emptytemp]
[emptyflash]

:OTL
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (dtscsi)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (az0nwo27)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a95e1hkr)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.1.3
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\kai50kg8.default\searchplugins\icqplugin.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KAI50KG8.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KAI50KG8.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\AppPatch\*.tmp files -> C:\WINDOWS\AppPatch\*.tmp -> ]
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

:Files
C:\Documents and Settings\All Users\Application Data\ESET
C:\Documents and Settings\Martin\Application Data\ESET
C:\Documents and Settings\All Users\Application Data\McAfee
C:\Documents and Settings\Martin\My Documents\n 6220\aplikacie\Capree.iON.BatteryTimer.v1.02.S60v3.SymbianOS9.x.Unsigned.Cracked-TgSPDA.sis /d
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\crackserial.sk.idx
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fcrackserial.sk%2Fimages%2Ffavicon.ico
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fkeygens.nl%2Ffavicon.ico
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\keygens.nl.idx
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fwww.unlimitedserials.com%2Ffavicon.ico
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\serial.nolimit.cz.idx
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\www.unlimitedserials.com.idx
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
""=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
""=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
""=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
""=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=-

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

mety · #26 Příspěvek od **mety** » 12 bře 2012 11:12

plocha ma 56 MB

check disk neviem spustit, ale ked som teraz zapinal PC, tak mi vypisovalo nieco o check disku a robilo to par minut

OTL logfile created on: 12.3.2012 11:13:32 - Run 2
OTL by OldTimer - Version 3.2.36.3 Folder = C:\Documents and Settings\Martin\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.17184)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 578,20 Mb Available Physical Memory | 56,49% Memory free
2,40 Gb Paging File | 1,65 Gb Available in Paging File | 68,84% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116,42 Gb Total Space | 39,37 Gb Free Space | 33,82% Space Free | Partition Type: NTFS
Drive D: | 116,45 Gb Total Space | 20,72 Gb Free Space | 17,79% Space Free | Partition Type: NTFS

Computer Name: MARTIN-E155AC7F | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.03.11 17:24:21 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\Desktop\OTL.exe
PRC - [2012.02.08 19:02:12 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009.02.05 22:08:40 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast4\ashServ.exe
PRC - [2009.02.05 22:08:26 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast4\ashMaiSv.exe
PRC - [2009.02.05 22:06:04 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast4\ashWebSv.exe
PRC - [2009.02.05 22:01:25 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast4\aswUpdSv.exe
PRC - [2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012.02.20 13:04:26 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2012.02.08 19:02:31 | 000,275,968 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012.02.08 19:02:31 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012.02.08 19:02:31 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012.02.08 19:02:30 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012.02.08 19:02:30 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012.02.08 19:02:30 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012.02.08 19:02:30 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012.02.08 19:02:30 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012.02.08 19:02:30 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012.02.08 19:02:30 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012.02.08 19:02:30 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012.02.08 19:02:30 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012.02.08 19:02:29 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2011.11.03 16:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008.04.14 04:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 04:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007.10.02 14:41:38 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2007.09.20 17:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2003.07.29 08:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBKPP5C.DLL

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2009.02.05 22:08:40 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.02.05 22:08:26 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.02.05 22:06:04 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.02.05 22:01:25 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.08.07 10:17:30 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (dtscsi)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ah43bz54)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aal5t5k2)
DRV - [2011.07.20 08:45:52 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.07.20 08:45:52 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011.07.20 08:45:52 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011.07.20 08:45:52 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.07.20 08:45:52 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010.11.12 17:58:56 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.04.03 11:53:24 | 000,094,208 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ezplay.sys -- (ezplay)
DRV - [2009.02.05 22:08:10 | 000,094,032 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.02.05 22:07:23 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.02.05 22:07:12 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.02.05 22:06:20 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.02.05 22:06:10 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.02.05 22:05:11 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.12.01 23:13:40 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.06.06 08:24:44 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.05.07 06:38:36 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.05.07 06:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.05.07 06:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2007.09.28 10:10:54 | 000,029,696 | R--- | M] (ASUSTek Computer Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipfnd51.sys -- (ip100Avista)
DRV - [2007.09.17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2004.11.24 10:42:48 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2004.11.24 10:42:46 | 000,033,408 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004.11.17 12:05:38 | 002,297,664 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.1.3
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.07.13 09:21:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.17 19:58:24 | 000,000,000 | ---D | M]

[2008.09.18 16:50:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Extensions
[2012.03.10 14:05:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\kai50kg8.default\extensions
[2010.03.27 15:54:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\kai50kg8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\kai50kg8.default\searchplugins\icqplugin.xml
[2008.09.18 16:54:55 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\kai50kg8.default\searchplugins\stahujcz.xml
[2011.11.21 11:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.06.17 19:58:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KAI50KG8.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KAI50KG8.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}
[2011.06.17 19:58:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.06.17 19:58:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007.08.21 14:30:40 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2007.11.02 02:29:52 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2007.11.02 02:29:52 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2008.04.01 21:17:12 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2007.11.02 02:29:52 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Martin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Documents and Settings\Martin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Documents and Settings\Martin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.03.10 14:44:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.5.18.5 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{527EC34A-5D17-4BBE-8699-2C0CA03611C4}: DhcpNameServer = 10.5.18.5 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Martin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Martin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[CLEARALLRESTOREPOINTS]
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.03.11 17:24:21 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Martin\Desktop\OTL.exe
[2012.03.10 14:42:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.03.10 13:55:32 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.03.09 23:16:42 | 000,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.03.09 23:16:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Antivirus
[2012.03.09 23:16:41 | 000,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.03.09 23:16:40 | 000,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.03.09 23:16:39 | 000,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.03.09 23:16:39 | 000,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2012.03.09 23:16:39 | 000,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.03.09 23:16:39 | 000,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.03.09 23:16:39 | 000,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.03.09 23:16:15 | 001,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.03.09 23:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\Avast4
[2012.03.09 21:45:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Martin\Start Menu\Programs\Administrative Tools
[2012.03.09 17:29:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Martin\Desktop\rar-ka
[2012.03.02 22:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.03.12 10:04:54 | 000,013,690 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.03.12 10:04:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.03.12 10:04:48 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.11 19:30:06 | 001,922,494 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\lg2.jpg
[2012.03.11 19:29:56 | 001,574,463 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\lg1.jpg
[2012.03.11 19:27:48 | 001,498,013 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\tv2.jpg
[2012.03.11 19:27:34 | 001,643,092 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\tv1.jpg
[2012.03.11 17:30:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.03.11 17:24:21 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\Desktop\OTL.exe
[2012.03.11 17:04:42 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.03.10 14:44:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.03.10 13:55:40 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.03.10 00:28:46 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012.03.10 00:10:27 | 000,168,960 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.09 23:16:42 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2012.03.09 23:16:39 | 000,002,617 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.03.09 17:25:16 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\Odkaz na Music Right now.lnk
[2012.03.09 07:29:11 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012.03.07 21:35:19 | 000,001,050 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2012.03.05 18:24:29 | 000,002,275 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012.03.05 09:51:57 | 000,086,050 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\forum mid G19483.jpg
[2012.03.05 09:51:15 | 000,123,313 | ---- | M] () -- C:\Documents and Settings\Martin\Desktop\varial mid st leather G48382.jpg
[2012.03.02 17:26:05 | 000,150,016 | RHS- | M] () -- C:\WINDOWS\System32\d3dx10_39H.dll
[2012.02.20 13:04:26 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.02.17 07:21:25 | 001,699,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.02.16 20:14:51 | 000,435,688 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.02.16 20:14:51 | 000,068,584 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.02.16 20:12:18 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.03.11 18:36:05 | 001,643,092 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\tv1.jpg
[2012.03.11 18:35:48 | 001,498,013 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\tv2.jpg
[2012.03.11 18:35:29 | 001,922,494 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\lg2.jpg
[2012.03.11 18:35:29 | 001,574,463 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\lg1.jpg
[2012.03.11 17:30:00 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.03.10 14:44:08 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2012.03.10 13:55:40 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.03.10 13:55:37 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012.03.09 23:16:42 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2012.03.09 23:16:15 | 000,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2012.03.09 17:25:16 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\Odkaz na Music Right now.lnk
[2012.03.05 09:51:57 | 000,086,050 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\forum mid G19483.jpg
[2012.03.05 09:51:15 | 000,123,313 | ---- | C] () -- C:\Documents and Settings\Martin\Desktop\varial mid st leather G48382.jpg
[2012.03.02 17:26:05 | 000,150,016 | RHS- | C] () -- C:\WINDOWS\System32\d3dx10_39H.dll
[2012.02.16 14:31:59 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.16 14:31:59 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2011.11.26 20:30:10 | 000,000,896 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\SRDownloader.nast
[2011.08.23 00:18:17 | 000,276,960 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011.07.26 16:26:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.07.26 16:26:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.07.26 16:26:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.07.26 16:26:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.05.29 19:17:03 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SysInfo_6_6_s.dll
[2011.05.29 19:16:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

========== Custom Scans ==========

< :Commands >

< [resethosts] >

< [purity] >

< [emptytemp] >

< [emptyflash] >

< >

< :OTL >

< SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) >

< DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) >

< DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) >

< DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) >

< DRV - File not found [Kernel | System | Stopped] -- -- (Changer) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (dtscsi) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme) >

< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (az0nwo27) >

< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a95e1hkr) >

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm >

< IE - HKLM\..\URLSearchHook: - No CLSID value found >

< IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found >

< IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} >

< IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?} >

< IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found >

< IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found >

< IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found >

< IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found >

< IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\URLSearchHook: - No CLSID value found >

< IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19} >

< IE - HKU\S-1-5-21-1123561945-1993962763-839522115-1004\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd >

< FF - prefs.js..browser.search.defaultenginename: "ICQ Search" >

< FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.1.3 >

< FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 >

< FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) >
Invalid Switch: Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

< FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) >
Invalid Switch: Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

< [2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\kai50kg8.default\searchplugins\icqplugin.xml >

< File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KAI50KG8.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07} >

< File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KAI50KG8.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8} >

< O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found >

< [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] >

< [2 C:\WINDOWS\AppPatch\*.tmp files -> C:\WINDOWS\AppPatch\*.tmp -> ] >

< [16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] >

< [2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ] >

< [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] >

< >

< :Files >

< C:\Documents and Settings\All Users\Application Data\ESET >

< C:\Documents and Settings\Martin\Application Data\ESET >

< C:\Documents and Settings\All Users\Application Data\McAfee >

< C:\Documents and Settings\Martin\My Documents\n 6220\aplikacie\Capree.iON.BatteryTimer.v1.02.S60v3.SymbianOS9.x.Unsigned.Cracked-TgSPDA.sis /d >
Invalid Switch: d

< C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\crackserial.sk.idx >
[2011.07.08 14:01:37 | 000,000,225 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\crackserial.sk.idx

< C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fcrackserial.sk%2Fimages%2Ffavicon.ico >
[2010.01.01 10:01:37 | 000,000,086 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fcrackserial.sk%2Fimages%2Ffavicon.ico

< C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fkeygens.nl%2Ffavicon.ico >
[2009.06.26 13:29:55 | 000,000,318 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fkeygens.nl%2Ffavicon.ico

< C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\keygens.nl.idx >
[2009.06.26 13:29:55 | 000,000,121 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\keygens.nl.idx

< C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fwww.unlimitedserials.com%2Ffavicon.ico >
[2011.05.29 19:18:02 | 000,001,150 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fwww.unlimitedserials.com%2Ffavicon.ico

< C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\serial.nolimit.cz.idx >
[2008.09.28 17:49:00 | 000,000,154 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\serial.nolimit.cz.idx

< C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\www.unlimitedserials.com.idx >
[2011.05.29 19:18:02 | 000,000,119 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\www.unlimitedserials.com.idx

< %windir%\system32\*.tmp.dll /s >

< %windir%\system32\SET*.tmp /s >

< %windir%\*.tmp /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\AppPatch\*.tmp files -> C:\WINDOWS\AppPatch\*.tmp -> ]
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< >

< :Reg >

< [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}] >

< [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}] >

< [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] >

< ""=- >

< [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] >

< ""=- >

< [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] >

< ""=- >

< [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] >

< ""=- >

< [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] >

< "MSMSGS"=- >

< End of report >

#27 Příspěvek od **Mc_Murphy** » 12 bře 2012 12:28

S Plochou tedy OK.

S logem ne OK, nečteš pořádně návody... kliknul jsi zase na [Prohledat] místo na [Opravit].

mety · #28 Příspěvek od **mety** » 12 bře 2012 12:48

hups, sorry

All processes killed
========== COMMANDS ==========
Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33902 bytes
->FireFox cache emptied: 2893771 bytes
->Opera cache emptied: 25160 bytes

User: Administrator.MARTIN-E155AC7F
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Administrator.MARTIN-E155AC7F.000
->Temp folder emptied: 18102 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Martin
->Temp folder emptied: 58880 bytes
->Temporary Internet Files folder emptied: 1074895 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 80470072 bytes
->Google Chrome cache emptied: 297153990 bytes
->Opera cache emptied: 10258557 bytes
->Flash cache emptied: 106472 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2162283 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 376,00 mb

[EMPTYFLASH]

User: Administrator

User: Administrator.MARTIN-E155AC7F

User: Administrator.MARTIN-E155AC7F.000

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: Martin
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

========== OTL ==========
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service dtscsi stopped successfully!
Service dtscsi deleted successfully!
Service catchme stopped successfully!
Service catchme deleted successfully!
Error: No service named az0nwo27 was found to stop!
Service\Driver key az0nwo27 not found.
Error: No service named a95e1hkr was found to stop!
Service\Driver key a95e1hkr not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1123561945-1993962763-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-1123561945-1993962763-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1123561945-1993962763-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.1.3 removed from extensions.enabledItems
Prefs.js: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll not found.
C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\kai50kg8.default\searchplugins\icqplugin.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}\ not found.
C:\WINDOWS\AppPatch\SETE3.tmp deleted successfully.
C:\WINDOWS\AppPatch\SETE4.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1DE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP219.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP230.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP274.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2EA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP318.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP39.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPECB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEE3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF05.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF1F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF8.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI511.tmp deleted successfully.
C:\WINDOWS\Installer\MSI9CE.tmp deleted successfully.
========== FILES ==========
C:\Documents and Settings\All Users\Application Data\ESET\ESET Smart Security\Charon folder moved successfully.
C:\Documents and Settings\All Users\Application Data\ESET\ESET Smart Security\Antispam folder moved successfully.
C:\Documents and Settings\All Users\Application Data\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\All Users\Application Data\ESET folder moved successfully.
C:\Documents and Settings\Martin\Application Data\ESET\ESET Smart Security\Antispam folder moved successfully.
C:\Documents and Settings\Martin\Application Data\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\Martin\Application Data\ESET folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\SecurityScanner\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\SecurityScanner folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\SSScheduler folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\PartnerCustom folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\McUICnt\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\Common\MsiExec folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\Common folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee folder moved successfully.
C:\Documents and Settings\Martin\My Documents\n 6220\aplikacie\Capree.iON.BatteryTimer.v1.02.S60v3.SymbianOS9.x.Unsigned.Cracked-TgSPDA.sis deleted successfully.
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\crackserial.sk.idx moved successfully.
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fcrackserial.sk%2Fimages%2Ffavicon.ico moved successfully.
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fkeygens.nl%2Ffavicon.ico moved successfully.
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\keygens.nl.idx moved successfully.
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\http%3A%2F%2Fwww.unlimitedserials.com%2Ffavicon.ico moved successfully.
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\serial.nolimit.cz.idx moved successfully.
C:\Documents and Settings\Martin\Local Settings\Application Data\Opera\Opera\icons\www.unlimitedserials.com.idx moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS deleted successfully.

OTL by OldTimer - Version 3.2.36.3 log created on 03122012_124216

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_73c.dat moved successfully.

Registry entries deleted on Reboot...

a opat budem pri PC az v piatok

#29 Příspěvek od **Mc_Murphy** » 12 bře 2012 12:57

No vidíš, to už je lepší.

Jak je na tom počítač?

mety · #30 Příspěvek od **mety** » 12 bře 2012 19:26

napisem v piatok

, zatial dakujem za ochotu a strpenie

VIRY.CZ

Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy

Re: Pomalé načítanie plochy