Kontrola logu - procesor ide stale na 100 %

Zpráva

klingoln · #1 Příspěvek od **klingoln** » 24 črc 2012 20:16

Ahoj,

prosim o kontrolu logu, procesor ide na 100 %

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ivan LADCE at 2012-07-24 20:32:42
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (26%) free of 40 GB
Total RAM: 1527 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:33:26, on 24. 7. 2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17110)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Eset\UpdateReminder.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Ivan LADCE\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Ivan LADCE.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60263
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60263
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7}
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O24 - Desktop Component 0: (no name) - http://www.akaska.cz/obrazky/vanoce/darek.gif
O24 - Desktop Component 1: (no name) - http://www.akaska.cz/advent/sobi-sprezeni.gif
O24 - Desktop Component 2: (no name) - http://www.akaska.cz/obrazky/vanoce/santa-v-komine.gif
O24 - Desktop Component 3: (no name) - http://www.akaska.cz/obrazky/vanoce/snehulak2.gif
O24 - Desktop Component 4: (no name) - http://www.akaska.cz/obrazky/vanoce/vlocka.gif
O24 - Desktop Component 5: (no name) - http://b.static.ak.fbcdn.net/images/men ... ground.gif
O24 - Desktop Component 6: (no name) - http://emailnew.azet.sk/MailDownload.ph ... 394&down=1

--
End of file - 11855 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-879983540-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-879983540-725345543-1003UA.job
C:\WINDOWS\tasks\OptimizerProUpdaterLogonTask.job
C:\WINDOWS\tasks\OptimizerProUpdaterRefreshTask.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default

prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "pdfforge@mybrowserbar.com:4.3, wtxpcom@mybrowserbar.com:4.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa2,version=2.0.0]
"Description"=Picasa2 plugin
"Path"=C:\Program Files\Picasa2\npPicasa2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]
"Description"=A component of your photo software powered by RocketLife
"Path"=C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\
4ff9c7f5ee898@4ff9c7f5ee8d1.info
{872b5b88-9db5-4310-bdd0-ac189557e5f5}

C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\
askcom.xml
bing.xml
conduit.xml
OurBabyMaker_27.xml
softonic.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-02-04 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-07-19 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll [2012-07-19 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll [2011-05-09 176936]
{FE063DB9-4EC0-403e-8DD8-394C54984B2C}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-07-19 192112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2007-10-19 949376]
"tsnp325"=C:\WINDOWS\tsnp325.exe [2006-10-10 270336]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"UpdateReminder"=C:\Program Files\Eset\UpdateReminder.exe [2011-09-14 425984]
"snp325"=C:\WINDOWS\vsnp325.exe [2006-10-10 827392]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
"Sweetpacks Communicator"=C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-02-26 295728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-06-20 451872]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-23 136176]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-07-19 39408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_Plugin.exe [2011-12-20 247968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe [2008-06-17 1249280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\FireFly Studios\Stronghold Legends\StrongholdLegends.exe"="C:\Program Files\FireFly Studios\Stronghold Legends\StrongholdLegends.exe:*:Enabled:Stronghold Legends"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe"="C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"
"C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-07-24 20:32:43 ----D---- C:\Program Files\trend micro
2012-07-24 20:32:42 ----D---- C:\rsit
2012-07-24 19:52:35 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2012-07-19 00:13:10 ----D---- C:\Program Files\CCleaner
2012-07-11 12:59:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-11 12:59:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-11 12:59:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-11 12:59:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-11 12:54:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-10 14:30:54 ----D---- C:\Program Files\SweetIM
2012-07-10 14:26:54 ----D---- C:\Program Files\GTA Vice City CZ
2012-07-08 19:59:41 ----D---- C:\Documents and Settings\All Users\Application Data\OptimizerPro
2012-07-08 19:59:06 ----D---- C:\Documents and Settings\All Users\Application Data\ADDICT-THING
2012-07-08 19:58:51 ----D---- C:\Documents and Settings\All Users\Application Data\InstallMate
2012-07-06 22:39:29 ----D---- C:\Documents and Settings\Ivan LADCE\Application Data\Visan
2012-07-06 22:38:21 ----D---- C:\Documents and Settings\All Users\Application Data\Visan
2012-07-06 22:21:11 ----D---- C:\Documents and Settings\Ivan LADCE\Application Data\HpUpdate
2012-07-06 22:20:47 ----A---- C:\WINDOWS\system32\HPScanMiniDrv_DJ2050_510g.dll
2012-07-06 22:20:46 ----A---- C:\WINDOWS\system32\hpinksts8711.dll
2012-07-06 22:20:46 ----A---- C:\WINDOWS\system32\hpinkcoi8711.dll
2012-07-06 22:20:45 ----A---- C:\WINDOWS\system32\hpinksts8711LM.dll

======List of files/folders modified in the last 1 month======

2012-07-24 20:32:43 ----RD---- C:\Program Files
2012-07-24 20:30:18 ----D---- C:\WINDOWS\temp
2012-07-24 20:07:23 ----D---- C:\WINDOWS
2012-07-24 20:07:02 ----A---- C:\WINDOWS\NeroDigital.ini
2012-07-24 19:52:57 ----SD---- C:\WINDOWS\Tasks
2012-07-24 19:52:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-24 19:52:36 ----D---- C:\WINDOWS\system32\drivers
2012-07-24 19:52:28 ----D---- C:\WINDOWS\system32
2012-07-24 19:52:22 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-23 15:56:30 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-07-23 12:57:10 ----HD---- C:\WINDOWS\inf
2012-07-20 12:21:44 ----SHD---- C:\WINDOWS\Installer
2012-07-19 12:21:58 ----D---- C:\Program Files\Mozilla Firefox
2012-07-19 12:21:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-19 00:15:56 ----D---- C:\Program Files\Winamp
2012-07-19 00:15:29 ----D---- C:\WINDOWS\Logs
2012-07-19 00:14:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2012-07-19 00:13:49 ----D---- C:\WINDOWS\Prefetch
2012-07-19 00:10:50 ----D---- C:\Program Files\Google
2012-07-17 14:57:12 ----D---- C:\Config.Msi
2012-07-17 14:57:11 ----D---- C:\Program Files\Common Files\Nokia
2012-07-17 14:56:19 ----D---- C:\Program Files\Nokia
2012-07-17 14:55:43 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-07-17 06:21:55 ----D---- C:\Program Files\Windows Media Connect 2
2012-07-17 06:21:55 ----D---- C:\Program Files\Valve
2012-07-17 06:20:53 ----D---- C:\UnrealTournament
2012-07-17 06:17:08 ----HD---- C:\Program Files\InstallShield Installation Information
2012-07-17 06:03:56 ----D---- C:\Documents and Settings\Ivan LADCE\Application Data\PriceGong
2012-07-17 05:55:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2012-07-17 05:55:57 ----D---- C:\Program Files\Microsoft
2012-07-16 10:24:40 ----D---- C:\WINDOWS\Minidump
2012-07-14 09:47:19 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2012-07-13 20:23:15 ----A---- C:\WINDOWS\wininit.ini
2012-07-13 18:53:06 ----D---- C:\WINDOWS\Debug
2012-07-11 12:59:45 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-11 12:59:12 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-07-11 12:56:13 ----A---- C:\WINDOWS\system32\MRT.exe
2012-07-06 22:21:12 ----D---- C:\Program Files\HP
2012-07-06 22:20:26 ----D---- C:\WINDOWS\twain_32
2012-07-06 22:19:59 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2012-07-06 22:16:40 ----D---- C:\Program Files\Hewlett-Packard
2012-07-06 22:15:27 ----D---- C:\WINDOWS\WinSxS
2012-07-06 22:13:20 ----D---- C:\Program Files\Common Files
2012-07-05 19:34:16 ----D---- C:\WINDOWS\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-01 43872]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2007-10-19 15424]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2007-10-19 512096]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-04 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-04 55936]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 catchme;catchme; \??\C:\DOCUME~1\IVANLA~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys []
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Nokia USB Serial Port Driver ; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2007-10-19 552064]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-05-16 75136]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2011-11-12 604488]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-30 136176]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-12-27 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-30 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-07-19 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2011-11-12 361288]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 24 črc 2012 20:38

Zdravim

Nejak se mi nepozdava ten NOD co tam mate

Co mame informace z technickeho oddeleni ESETu, tak jsou tam prvky, keter znaci ze na nej neni zakoupena licence ale je bud cracknuta nebo je kazdy mesic reinstalovany

Takze jak to prosim je

klingoln · #3 Příspěvek od **klingoln** » 24 črc 2012 20:52

Je to PC mojej znamej, cize neviem to presne posudit, je mozne, ze je to crack... Kazdopadne som ho odinstaloval a nahradim ho Avastom.

Mam prilozit novy log ako dokaz?

#4 Příspěvek od **vyosek** » 24 črc 2012 20:53

Novy log netreba, mrknem na PC pomoci OTL - ten je dukladnejsi a ma pohodlnejsi mazani

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

klingoln · #5 Příspěvek od **klingoln** » 24 črc 2012 21:23

Ahoj,

tu su logy:

OTL logfile created on: 24. 7. 2012 22:02:22 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Documents and Settings\Ivan LADCE\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

1,49 Gb Total Physical Memory | 0,21 Gb Available Physical Memory | 14,02% Memory free
2,84 Gb Paging File | 0,82 Gb Available in Paging File | 28,83% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 10,22 Gb Free Space | 26,16% Space Free | Partition Type: NTFS
Drive D: | 109,98 Gb Total Space | 44,61 Gb Free Space | 40,57% Space Free | Partition Type: NTFS

Computer Name: ANIČKA | User Name: Ivan LADCE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.07.24 21:59:26 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ivan LADCE\Desktop\OTL.exe
PRC - [2012.07.19 12:21:26 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.02.26 16:01:44 | 000,295,728 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2011.11.12 17:40:24 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.10.10 16:49:42 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe
PRC - [2006.10.10 15:11:08 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnp325.exe
PRC - [2006.03.03 22:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe

========== Modules (No Company Name) ==========

MOD - [2012.07.19 12:21:25 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.03.26 21:47:33 | 000,016,832 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.03.04 10:33:04 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\Execute.dll
MOD - [2008.10.11 23:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.04.14 02:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 02:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007.02.16 17:40:42 | 005,521,408 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007.02.16 17:40:40 | 001,466,368 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2006.10.10 16:49:42 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe
MOD - [2006.10.10 15:11:08 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnp325.exe
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

========== Win32 Services (SafeList) ==========

SRV - [2012.07.19 12:21:25 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011.11.12 17:40:24 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2011.11.12 17:40:21 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2011.06.12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.11.16 13:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008.08.07 11:17:30 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006.03.03 22:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\IVANLA~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.03.15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2010.03.15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2010.03.15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2010.03.15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2010.03.15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2010.03.15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2010.03.15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.04.24 10:33:46 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mgmt.sys -- (s125mgmt)
DRV - [2007.04.24 10:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007.04.24 10:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007.04.03 14:55:26 | 010,251,904 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp325.sys -- (SNP325)
DRV - [2006.08.18 11:10:24 | 000,061,504 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\K320bus.sys -- (K320bus)
DRV - [2005.03.04 05:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004.08.09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.08.04 03:07:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.04 03:07:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2001.08.17 15:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{41396b1b-447e-473b-a34b-bb583136c7fc}: "URL" = http://search.mywebsearch.com/mywebsear ... earchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 0winampie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes,DefaultScope = {FB6B07B8-CE19-472B-A456-DE1143247A56}
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTe ... 19660c0f07
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = http://www.bing.com/search?FORM=IEFM1&q ... rer:source?}
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://tbsearch.ask.com/redirect?client ... cale=en_EU
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{41396b1b-447e-473b-a34b-bb583136c7fc}: "URL" = http://search.mywebsearch.com/mywebsear ... earchTerms}
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2269050
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{DCDBBF03-BC10-457D-911F-EFB0321D22BE}: "URL" = ${SRCH_SCP_URL}
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{F14C9FF6-5763-4288-84D3-068427C80848}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{FB6B07B8-CE19-472B-A456-DE1143247A56}: "URL" = http://www.google.com/search?q={searchT ... LR_skSK486
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Softonic)"
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.19 12:21:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.17 05:49:09 | 000,000,000 | ---D | M]

[2009.08.14 20:36:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Extensions
[2012.07.22 22:46:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions
[2012.06.27 23:26:13 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.07.08 20:00:49 | 000,000,000 | ---D | M] (ADDICT-THING) -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\4ff9c7f5ee898@4ff9c7f5ee8d1.info
[2009.07.10 18:26:08 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\askcom.xml
[2011.03.30 10:50:32 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\bing.xml
[2011.11.03 14:35:54 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\conduit.xml
[2010.12.19 10:41:09 | 000,010,037 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\OurBabyMaker_27.xml
[2012.06.01 14:56:40 | 000,002,060 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\softonic.xml
[2011.03.30 10:50:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.05.22 21:04:35 | 000,172,310 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\IVAN LADCE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\57A09O6A.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2011.02.21 17:08:21 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF
[2011.10.21 08:24:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.07.19 12:21:26 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.06.14 23:51:25 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2011.06.14 23:51:25 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2011.11.20 17:12:31 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.06.14 23:51:25 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2011.06.14 23:51:25 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2011.06.14 23:51:25 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2011.06.14 23:51:25 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - homepage: http://home.sweetim.com/?barid={F38C5CB ... 19660C0F07}
CHR - default_search_provider: Search the web (Softonic) (Enabled)
CHR - default_search_provider: search_url = http://search.softonic.com/MON00006/tb_ ... rce=49&cc=
CHR - default_search_provider: suggest_url =
CHR - homepage: http://home.sweetim.com/?barid={F38C5CB ... 19660C0F07}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Hada v Google = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: God is Love = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ljmoefmiillanibjonlncaemnefahnea\1_0\
CHR - Extension: ADDICT-THING = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\obkgdgljepllniimjecoghbmblphbiah\1.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: YouTube = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Hada v Google = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: God is Love = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ljmoefmiillanibjonlncaemnefahnea\1_0\
CHR - Extension: ADDICT-THING = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\obkgdgljepllniimjecoghbmblphbiah\1.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.05.26 20:10:48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translator\webie.dll ()
O3 - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [snp325] C:\WINDOWS\vsnp325.exe ()
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-879983540-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1454471165-879983540-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1454471165-879983540-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1454471165-879983540-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&oslať do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2C483FB-EBF9-4F6C-9D24-BB475C0146E1}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop Components:0 () - http://www.akaska.cz/obrazky/vanoce/darek.gif
O24 - Desktop Components:1 () - http://www.akaska.cz/advent/sobi-sprezeni.gif
O24 - Desktop Components:2 () - http://www.akaska.cz/obrazky/vanoce/santa-v-komine.gif
O24 - Desktop Components:3 () - http://www.akaska.cz/obrazky/vanoce/snehulak2.gif
O24 - Desktop Components:4 () - http://www.akaska.cz/obrazky/vanoce/vlocka.gif
O24 - Desktop Components:5 () - http://b.static.ak.fbcdn.net/images/men ... ground.gif
O24 - Desktop Components:6 () - http://emailnew.azet.sk/MailDownload.ph ... 394&down=1
O24 - Desktop WallPaper: C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.05.22 19:07:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.07.24 21:59:11 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ivan LADCE\Desktop\OTL.exe
[2012.07.24 20:32:43 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.07.24 20:32:42 | 000,000,000 | ---D | C] -- C:\rsit
[2012.07.24 20:07:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ivan LADCE\Recent
[2012.07.24 19:52:35 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2012.07.24 19:52:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2012.07.24 19:52:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2012.07.19 00:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2012.07.19 00:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.07.19 00:06:18 | 003,889,704 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Ivan LADCE\Desktop\ccleaner_3.20.1750.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.07.24 22:04:36 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.24 22:02:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2012.07.24 21:59:26 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ivan LADCE\Desktop\OTL.exe
[2012.07.24 21:49:30 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.24 21:49:29 | 000,000,524 | -H-- | M] () -- C:\WINDOWS\tasks\OptimizerProUpdaterLogonTask.job
[2012.07.24 21:49:29 | 000,000,504 | -H-- | M] () -- C:\WINDOWS\tasks\OptimizerProUpdaterRefreshTask.job
[2012.07.24 21:49:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.24 21:34:49 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-879983540-725345543-1003UA.job
[2012.07.24 21:20:56 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.24 21:14:35 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.07.24 20:32:45 | 000,000,984 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-879983540-725345543-1003Core.job
[2012.07.24 20:07:02 | 000,096,768 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.24 19:51:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.23 14:00:03 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012.07.23 10:10:05 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012.07.23 09:19:26 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ReminderNextRun
[2012.07.22 22:21:03 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012.07.22 20:40:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012.07.21 23:53:35 | 000,073,119 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\My Documents\376356_420661364643037_1483087818_n.jpg
[2012.07.21 23:51:25 | 000,029,308 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\My Documents\563954_420564317986075_2144938692_n.jpg
[2012.07.21 23:48:02 | 000,031,178 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\My Documents\487218_3474140694453_754385190_n.jpg
[2012.07.20 22:08:38 | 000,002,551 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Desktop\Microsoft Word 2010.lnk
[2012.07.19 00:13:16 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012.07.19 00:07:21 | 003,889,704 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Ivan LADCE\Desktop\ccleaner_3.20.1750.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.24 22:04:36 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.21 23:52:55 | 000,073,119 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\My Documents\376356_420661364643037_1483087818_n.jpg
[2012.07.21 23:50:13 | 000,029,308 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\My Documents\563954_420564317986075_2144938692_n.jpg
[2012.07.21 23:46:50 | 000,031,178 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\My Documents\487218_3474140694453_754385190_n.jpg
[2012.07.19 00:13:16 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012.05.26 21:13:54 | 000,000,175 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012.05.16 16:07:59 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012.05.16 16:07:58 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012.04.01 19:33:28 | 000,004,236 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\.recently-used.xbel
[2012.02.28 16:38:54 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\SRDownloader.err
[2012.02.28 16:02:35 | 000,000,960 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\SRDownloader 4.nast
[2012.02.16 19:54:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.10.31 20:35:07 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.10.23 20:15:33 | 000,001,176 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\SRDownloader.nast
[2011.10.19 22:18:08 | 000,000,161 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2011.09.26 12:33:30 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2011.07.18 20:53:20 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ReminderNextRun
[2011.03.18 17:06:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.03.18 17:06:28 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.03.18 17:06:28 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.03.18 17:06:28 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.03.18 17:06:28 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.12.31 20:16:03 | 022,193,755 | ---- | C] () -- C:\WINDOWS\System32\TiskProRadost_AlbumMaker_uninstaller.exe
[2009.02.02 22:15:34 | 000,005,267 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\Application Data\froggy_scorebox
[2009.02.02 22:15:34 | 000,001,370 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\Application Data\pl_accounts.pl_acc
[2009.02.02 22:15:34 | 000,000,556 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\Application Data\Troll.options
[2008.08.28 23:49:55 | 002,209,537 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\Application Data\NMM-MetaData.db
[2008.01.18 23:54:35 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Ivan LADCE\descript.ion
[2008.01.06 15:48:20 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007.06.22 12:30:28 | 000,096,768 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.05.22 21:54:10 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Ivan LADCE\default.pls

========== LOP Check ==========

[2007.05.23 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2012.07.17 05:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ADDICT-THING
[2007.05.22 21:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010.09.12 21:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010.02.24 20:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2012.05.23 19:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
[2010.04.19 23:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012.07.08 19:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012.04.08 20:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010.12.31 20:26:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\M-Photo
[2010.04.19 23:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2012.07.09 08:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OptimizerPro
[2011.08.05 11:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012.02.26 17:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011.11.12 17:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2012.05.16 16:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2012.02.19 19:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Veselé Omalovánky 1
[2012.07.06 22:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2011.11.12 17:39:06 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2012.02.19 19:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Špidla Data Processing, s.r.o
[2007.05.23 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\ACD Systems
[2008.11.24 23:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009.08.13 06:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\COWON
[2011.11.06 14:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\DVDVideoSoft
[2011.11.06 14:53:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\DVDVideoSoftIEHelpers
[2012.04.01 19:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\gtk-2.0
[2008.04.28 22:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\ICQ
[2008.04.28 22:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\ICQ Toolbar
[2009.06.22 00:24:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Image Zone Express
[2009.02.17 15:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\LimeWire
[2009.02.01 14:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\MagicBall3
[2011.10.22 23:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\MSNInstaller
[2008.09.21 20:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Nokia
[2007.10.04 20:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Opera
[2008.01.06 15:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Panasonic
[2012.05.08 16:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\PC Suite
[2010.03.23 14:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\pdfforge
[2011.11.03 20:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\PlayFirst
[2012.07.17 06:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\PriceGong
[2012.05.16 16:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\PunkBuster
[2011.02.21 17:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Search Settings
[2010.03.07 20:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Softland
[2010.10.24 00:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Software Informer
[2011.07.31 18:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Sony
[2011.10.22 21:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\TeamViewer
[2011.11.12 17:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\TuneUp Software
[2012.07.06 22:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Visan
[2012.02.19 19:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\wrapper
[2009.02.03 15:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Zak&Jack
[2009.11.30 20:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Zoner
[2012.02.19 19:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Špidla Data Processing, s.r.o
[2010.03.07 20:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2012.07.23 10:10:05 | 000,000,460 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012.07.22 20:40:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2012.07.22 22:21:03 | 000,000,460 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2012.07.23 14:00:03 | 000,000,460 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2012.07.24 22:02:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMS.job
[2012.07.24 21:49:29 | 000,000,524 | -H-- | M] () -- C:\WINDOWS\Tasks\OptimizerProUpdaterLogonTask.job
[2012.07.24 21:49:29 | 000,000,504 | -H-- | M] () -- C:\WINDOWS\Tasks\OptimizerProUpdaterRefreshTask.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2004.08.04 03:07:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.10.30 15:03:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.10.30 15:03:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 03:07:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2004.08.04 03:07:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\cmdcons\autochk.exe
[2004.08.04 03:07:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.04 03:07:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011.10.30 15:03:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2011.10.30 15:03:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 03:07:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.04 03:07:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.04 03:07:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2011.10.30 15:03:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2011.10.30 15:03:06 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.04 03:07:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.04 03:07:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2007.09.30 19:00:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=021415AD071EF3944C27DC9597ED2214 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2004.08.04 03:07:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=1745B00FC1141404B28F4B94F69A8871 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.04 03:07:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 03:07:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[27 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp -> ]
[3 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\Google Toolbar\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\Google Toolbar\*.tmp -> ]
[2 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2007.05.23 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2012.07.17 05:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ADDICT-THING
[2012.01.20 01:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.12.27 20:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2012.04.08 20:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2011.10.22 23:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2007.05.22 21:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011.02.15 14:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010.09.12 21:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010.02.24 20:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2012.07.19 00:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2012.07.06 22:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2012.05.23 19:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
[2010.04.19 23:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012.07.08 19:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012.04.08 20:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010.12.31 20:26:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\M-Photo
[2011.12.20 14:44:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012.07.17 05:55:57 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012.07.11 12:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2012.04.27 15:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012.04.08 20:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010.04.19 23:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2012.07.09 08:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OptimizerPro
[2011.08.05 11:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.02.06 13:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2012.07.14 09:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2012.02.26 17:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011.11.12 17:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2012.05.16 16:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2012.02.19 19:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Veselé Omalovánky 1
[2012.07.06 22:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2007.06.02 21:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011.11.12 17:39:06 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2012.02.19 19:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Špidla Data Processing, s.r.o

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\17721\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\17721\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\17721\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\17721\ReaderUpdater.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-A95000000001}\Setup.exe
[2010.04.19 23:31:40 | 035,541,168 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{4186FEBC-F0CC-4185-A406-24292BC9877A}\NokiaSoftwareUpdaterSetup_sk(2).exe
[2010.04.19 23:47:30 | 003,351,812 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{4186FEBC-F0CC-4185-A406-24292BC9877A}\Installer\CommonCustomActions\msxml6Exec.exe
[2010.04.19 23:47:29 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{4186FEBC-F0CC-4185-A406-24292BC9877A}\Installer\CommonCustomActions\Sleep.exe
[2010.04.19 23:47:27 | 003,203,453 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{4186FEBC-F0CC-4185-A406-24292BC9877A}\Installer\CommonCustomActions\vcredistExec.exe
[2008.08.28 22:46:13 | 036,293,352 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Nokia_PC_Suite_rel_7_0_8_2_slk.exe
[2008.08.28 22:46:31 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstCCD.exe
[2008.08.28 22:46:31 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCS.exe
[2008.08.28 22:46:31 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2012.07.08 19:59:42 | 000,208,896 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\OptimizerPro\ix_updater.exe
[2009.01.28 23:24:38 | 009,843,864 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\CT4SKypePlugIn20_Multi_Media.exe
[2009.01.28 23:24:39 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\RLLauncher.exe
[2011.03.11 05:29:11 | 000,225,936 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe
[2011.08.09 12:53:11 | 000,228,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\Setup.exe
[2011.03.11 05:29:12 | 000,227,984 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\Setup.exe

< %APPDATA%\*. >
[2007.05.23 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\ACD Systems
[2011.02.20 22:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Adobe
[2007.10.28 12:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\AdobeUM
[2007.05.22 17:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Ahead
[2008.01.06 15:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Apple Computer
[2008.11.24 23:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009.08.13 06:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\COWON
[2009.01.03 23:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\DivX
[2012.05.04 13:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\dvdcss
[2011.11.06 14:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\DVDVideoSoft
[2011.11.06 14:53:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\DVDVideoSoftIEHelpers
[2008.09.21 00:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\FastStone
[2012.05.30 20:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Google
[2012.04.01 19:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\gtk-2.0
[2007.07.25 23:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Help
[2011.09.26 12:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\HP
[2012.07.06 22:21:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\HpUpdate
[2008.04.28 22:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\ICQ
[2008.04.28 22:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\ICQ Toolbar
[2007.05.22 19:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Identities
[2009.06.22 00:24:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Image Zone Express
[2009.02.13 21:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\InstallShield
[2011.10.22 22:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Lavasoft
[2009.02.17 15:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\LimeWire
[2007.06.09 13:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Macromedia
[2009.02.01 14:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\MagicBall3
[2012.02.28 13:59:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Microsoft
[2009.08.14 20:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla
[2011.10.22 23:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\MSNInstaller
[2008.09.21 20:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Nokia
[2007.10.04 20:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Opera
[2008.01.06 15:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Panasonic
[2012.05.08 16:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\PC Suite
[2010.03.23 14:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\pdfforge
[2011.11.03 20:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\PlayFirst
[2012.07.17 06:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\PriceGong
[2012.05.16 16:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\PunkBuster
[2011.02.21 17:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Search Settings
[2011.12.19 22:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Skype
[2011.12.19 22:40:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\skypePM
[2010.03.07 20:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Softland
[2010.10.24 00:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Software Informer
[2011.07.31 18:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Sony
[2008.01.08 13:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Sun
[2011.10.22 21:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\TeamViewer
[2011.11.12 17:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\TuneUp Software
[2012.07.06 22:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Visan
[2009.08.24 10:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\vlc
[2008.11.28 11:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\WinRAR
[2012.02.19 19:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\wrapper
[2009.02.03 15:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Zak&Jack
[2009.11.30 20:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Zoner
[2012.02.19 19:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivan LADCE\Application Data\Špidla Data Processing, s.r.o

< %APPDATA%\*.exe /s >
[2011.02.17 23:46:25 | 000,835,440 | R--- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\PunkBuster\pbsetup\pbsvc.exe
[2012.02.19 19:42:18 | 001,863,680 | -H-- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\wrapper\Veselá kuřata\game.exe
[2012.02.19 19:41:20 | 001,173,631 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\wrapper\Veselá kuřata\unins000.exe
[2011.12.19 15:25:54 | 005,533,868 | ---- | M] (Spidla) -- C:\Documents and Settings\Ivan LADCE\Application Data\wrapper\Veselá kuřata\Vesela kurata.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012.07.23 10:10:05 | 000,000,460 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012.07.22 20:40:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2012.07.22 22:21:03 | 000,000,460 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2012.07.23 14:00:03 | 000,000,460 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2012.07.24 22:02:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMS.job
[2012.07.24 21:49:30 | 000,000,928 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.07.24 21:20:56 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.07.24 20:32:45 | 000,000,984 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-879983540-725345543-1003Core.job
[2012.07.24 21:34:49 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-879983540-725345543-1003UA.job
[2012.07.24 21:49:29 | 000,000,524 | -H-- | M] () -- C:\WINDOWS\Tasks\OptimizerProUpdaterLogonTask.job
[2012.07.24 21:49:29 | 000,000,504 | -H-- | M] () -- C:\WINDOWS\Tasks\OptimizerProUpdaterRefreshTask.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007.05.22 20:54:24 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2007.05.22 20:54:24 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2007.05.22 20:54:23 | 000,884,736 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.07.24 19:51:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2007.06.20 12:49:10 | 000,451,872 | ---- | M] (Hewlett-Packard Company)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\Ivan LADCE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c -- [2011.10.23 15:12:14 | 000,136,176 | ---- | M] (Google Inc.)
"swg" = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -- [2012.07.19 00:14:09 | 000,039,408 | ---- | M] (Google Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.07.19 12:21:26 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=3F677172F23FC17283D9BCE4B42E3F65 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.04.22 08:40:38 | 000,634,488 | ---- | M] (Microsoft Corporation) MD5=0A39EEAD063CCDFF36AC9F0B8F800956 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.01.10 00:30:36 | 000,949,104 | ---- | M] (Opera Software) MD5=734CACDE3E6D1882AAE2C6F8F8BE4F93 -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

klingoln · #6 Příspěvek od **klingoln** » 24 črc 2012 21:25

kedze je to vela znakov, tu je zvysok OTL.txt

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.07.24 22:04:36 | 000,000,512 | ---- | M] () MD5=8811697C9858E7D77B0A18885E65525C -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2006.03.02 13:38:00 | 000,143,192 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\meshes\Buildings\arthur_egg_cracking.GR2
[2006.03.21 15:58:20 | 000,699,216 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\meshes\Buildings\castle_wall_crack.DDS
[2006.03.21 15:59:22 | 002,796,332 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\meshes\Buildings\castle_wall_crack.normalmap.DDS
[2006.01.13 16:36:38 | 000,012,643 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\meshes\Buildings\evil_egg_cracked.GR2
[2006.01.20 16:29:02 | 000,085,817 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\meshes\Buildings\evil_egg_cracking.GR2
[2006.01.13 16:37:56 | 000,012,340 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\meshes\Buildings\ice_egg_cracked.GR2
[2006.05.17 17:46:30 | 000,056,025 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\meshes\Buildings\ice_egg_cracking.GR2
[2006.04.05 14:37:10 | 000,001,014 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\particles\arthur_egg_cracking.pel
[2006.05.25 15:36:06 | 000,001,046 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\particles\evil_egg_cracking.pel
[2006.05.18 12:29:04 | 000,001,030 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\particles\ice_egg_cracking.pel
[2006.01.20 18:35:42 | 000,000,686 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\particles\ice_egg_cracking2.pel
[2006.05.04 12:26:50 | 000,043,832 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\terrain\evil_cracked.dds
[2006.05.04 12:26:30 | 000,043,832 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\terrain\evil_cracked_2.dds
[2006.05.04 12:27:32 | 000,043,832 | R--- | M] () -- \Program Files\FireFly Studios\Stronghold Legends\terrain\evil_cracked_3.DDS
[2010.10.04 23:50:56 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat

< *keygen* /s >

< *loader* /s >
[2011.11.03 14:35:54 | 000,010,144 | ---- | M] () -- \Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\conduitCommon\modules\3.7.0.6\ExternalLibraryLoader.jsm
[2012.07.22 22:46:20 | 000,216,359 | ---- | M] () -- \Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\OneClickDownloader@OneClickDownloader.com.xpi
[2012.06.27 08:23:00 | 000,010,145 | ---- | M] () -- \Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\ExternalLibraryLoader.jsm
[2011.10.23 20:14:44 | 000,903,680 | ---- | M] () -- \Documents and Settings\Ivan LADCE\Desktop\SRDownloader.exe
[2012.02.28 16:02:57 | 000,000,960 | ---- | M] () -- \Documents and Settings\Ivan LADCE\Local Settings\Application Data\SRDownloader 4.nast
[2012.02.28 21:25:42 | 000,000,256 | ---- | M] () -- \Documents and Settings\Ivan LADCE\Local Settings\Application Data\SRDownloader.err
[2012.02.28 21:33:12 | 000,001,176 | ---- | M] () -- \Documents and Settings\Ivan LADCE\Local Settings\Application Data\SRDownloader.nast
[2010.08.24 16:09:00 | 000,005,274 | ---- | M] () -- \Documents and Settings\Ivan LADCE\Local Settings\Application Data\Microsoft\Toolbar\Applications\loader.xap
[2011.11.26 22:27:05 | 000,001,737 | ---- | M] () -- \Documents and Settings\Ivan LADCE\My Documents\3kola 2011 Aňa\Zaklady_tvorivosti_subory\loader.gif
[2012.02.28 19:30:36 | 000,381,198 | ---- | M] () -- \Documents and Settings\Ivan LADCE\My Documents\Preberanie\uploader.exe
[2007.06.01 10:20:26 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2010.10.07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010.02.07 23:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 19:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 19:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 19:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 19:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 19:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 19:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 19:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 19:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 19:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 19:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 19:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 19:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 19:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 19:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 19:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 21:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2009.10.06 05:08:30 | 000,145,082 | ---- | M] () -- \Program Files\HP\HP Deskjet 2050 J510 series\Bin\HelpViewer\Resources\Loader.gif
[2008.06.11 09:24:36 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_slk.nlr
[2003.09.26 09:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 15:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 15:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 15:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2008.06.20 20:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.04 03:07:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2010.03.24 20:12:34 | 000,018,264 | ---- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:12:34 | 000,249,680 | ---- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2002.02.01 19:25:22 | 000,009,728 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\osloader.exe.mui
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2009.07.20 09:34:54 | 000,070,936 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< End of report >

a tu je log Extras:

OTL Extras logfile created on: 24. 7. 2012 22:02:22 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Documents and Settings\Ivan LADCE\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

1,49 Gb Total Physical Memory | 0,21 Gb Available Physical Memory | 14,02% Memory free
2,84 Gb Paging File | 0,82 Gb Available in Paging File | 28,83% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 10,22 Gb Free Space | 26,16% Space Free | Partition Type: NTFS
Drive D: | 109,98 Gb Total Space | 44,61 Gb Free Space | 40,57% Space Free | Partition Type: NTFS

Computer Name: ANIČKA | User Name: Ivan LADCE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\ACDSee.exe" "%1" (ACD Systems, Ltd.)
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe
"C:\Program Files\FireFly Studios\Stronghold Legends\StrongholdLegends.exe" = C:\Program Files\FireFly Studios\Stronghold Legends\StrongholdLegends.exe:*:Enabled:Stronghold Legends -- (Firefly Studios)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager -- (SweetIM Technologies Ltd.)
"C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe" = C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup -- (Hewlett-Packard Co.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}" = SweetIM for Messenger 3.6
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}" = PC Connectivity Solution
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{29498512-A137-4478-8691-922829F108DC}" = HP Deskjet 2050 J510 series Product Improvement Study
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4183178B-4D4E-48A7-9257-454BA90A760E}" = SweetPacks Toolbar for Internet Explorer 4.6
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Help
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{90140000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0015-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-040E-0000-0000000FF1CE}_Office14.PROPLUS_{71431694-851E-4BC7-92A9-4BB9D196E24F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}_Office14.PROPLUS_{93F2D01D-F7E6-46E5-9A7C-316262461F9F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}_Office14.PROPLUS_{56405E5D-9583-4644-B183-AFB3E19D80B3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0B139A7-E8D5-49E8-A7BF-12421E652208}" = pdfforge Toolbar v4.3
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}" = Nokia PC Suite
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BC61F51E-8AF7-46B9-AF20-B33B5EE81051}" = Nero 7 Essentials
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5EB90E1-8A46-4ED5-009D-C793E646C04F}" = Need for Speed Underground 2 Demo
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX
"{E654D1E3-B18B-4953-BFBC-F16227323E05}" = HP Deskjet 2050 J510 series Basic Device Software
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = 325 USB PC Camera
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)
"ACDSee" = ACDSee
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AquaDigger3D DEMO_is1" = AquaDigger3D DEMO
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows Driver Package - Nokia Modem (05/22/2008 3.8)
"CCleaner" = CCleaner
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1)
"C-Media Audio Driver" = C-Media WDM Audio Driver
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"HijackThis" = HijackThis 2.0.2
"HPOCR" = OCR Software by I.R.I.S 7.0
"HyperSnap 6" = HyperSnap 6
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Micro Madness_is1" = Micro Madness
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 sk)" = Mozilla Firefox 14.0.1 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 11.60.1185" = Opera 11.60
"OptimizerProUpdater" = OptimizerPro Updater
"PC Translator 2004 Komplet" = PC Translator 2004 Komplet
"PunkBusterSvc" = PunkBuster Services
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"TeamViewer 6" = TeamViewer 6
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 0.9.4
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Stronghold Legends CZ" = Stronghold Legends CZ

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9. 7. 2012 10:12:33 | Computer Name = ANIČKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia gta-vc.exe, verzia 0.0.0.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 10. 7. 2012 8:26:31 | Computer Name = ANIČKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia gta-vc.exe, verzia 0.0.0.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 10. 7. 2012 8:31:00 | Computer Name = ANIČKA | Source = MsiInstaller | ID = 1013
Description = Product: SweetPacks Toolbar for Internet Explorer 4.5 -- A higher
version of SweetPacks Toolbar for Internet Explorer is already installed.

Error - 10. 7. 2012 8:31:10 | Computer Name = ANIČKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia GotClip_Setup.exe, verzia 0.0.0.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 17. 7. 2012 15:05:19 | Computer Name = ANIČKA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie vlc.exe, verzia 0.9.4.0, zlyhanie modulu libvout_directx_plugin.dll,
verzia 0.0.0.0, adresa zlyhania 0x0000698c.

Error - 19. 7. 2012 13:26:32 | Computer Name = ANIČKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia hl.exe, verzia 1.1.1.1, zablokovaný modul hungapp,
verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 20. 7. 2012 9:19:33 | Computer Name = ANIČKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia opera.exe, verzia 11.60.1185.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 20. 7. 2012 16:12:44 | Computer Name = ANIČKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia WINWORD.EXE, verzia 14.0.6024.1000, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 22. 7. 2012 14:31:47 | Computer Name = ANIČKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 7.0.6000.17110, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 23. 7. 2012 4:40:14 | Computer Name = ANIČKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia HprSnap6.exe, verzia 6.13.2.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

[ OSession Events ]
Error - 13. 10. 2011 4:41:24 | Computer Name = ANIČKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description =

Error - 13. 10. 2011 4:41:53 | Computer Name = ANIČKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description =

Error - 13. 10. 2011 4:41:58 | Computer Name = ANIČKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description =

Error - 13. 10. 2011 4:42:03 | Computer Name = ANIČKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description =

[ System Events ]
Error - 24. 7. 2012 13:51:55 | Computer Name = ANIČKA | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.1.1 odmietol prenájom 192.168.1.4 adresy IP pre
sieťovú kartu so sieťovou adresou 0019660C0F07 (server DHCP odoslal hlásenie DHCPNACK).

Error - 24. 7. 2012 13:52:13 | Computer Name = ANIČKA | Source = Print | ID = 23
Description = Tlačiareň Lexmark 1200 Series,0 sa nepodarilo inicializovať, pretože
sa nenašiel zodpovedajúci ovládač Lexmark 1200 Series.

Error - 24. 7. 2012 14:58:26 | Computer Name = ANIČKA | Source = Print | ID = 23
Description = Tlačiareň Lexmark 1200 Series,0 sa nepodarilo inicializovať, pretože
sa nenašiel zodpovedajúci ovládač Lexmark 1200 Series.

Error - 24. 7. 2012 14:59:47 | Computer Name = ANIČKA | Source = Service Control Manager | ID = 7009
Description = Časový limit (30000 ms) čakania na pripojenie služby IMAPI CD-Burning
COM Service.

Error - 24. 7. 2012 14:59:47 | Computer Name = ANIČKA | Source = Service Control Manager | ID = 7000
Description = Spustenie služby IMAPI CD-Burning COM Service zlyhalo kvôli nasledujúcej
chybe: %%1053

Error - 24. 7. 2012 15:05:24 | Computer Name = ANIČKA | Source = Print | ID = 23
Description = Tlačiareň Lexmark 1200 Series,0 sa nepodarilo inicializovať, pretože
sa nenašiel zodpovedajúci ovládač Lexmark 1200 Series.

Error - 24. 7. 2012 15:06:49 | Computer Name = ANIČKA | Source = Service Control Manager | ID = 7009
Description = Časový limit (30000 ms) čakania na pripojenie služby IMAPI CD-Burning
COM Service.

Error - 24. 7. 2012 15:06:50 | Computer Name = ANIČKA | Source = Service Control Manager | ID = 7000
Description = Spustenie služby IMAPI CD-Burning COM Service zlyhalo kvôli nasledujúcej
chybe: %%1053

Error - 24. 7. 2012 15:28:31 | Computer Name = ANIČKA | Source = Print | ID = 23
Description = Tlačiareň Lexmark 1200 Series,0 sa nepodarilo inicializovať, pretože
sa nenašiel zodpovedajúci ovládač Lexmark 1200 Series.

Error - 24. 7. 2012 15:49:34 | Computer Name = ANIČKA | Source = Print | ID = 23
Description = Tlačiareň Lexmark 1200 Series,0 sa nepodarilo inicializovať, pretože
sa nenašiel zodpovedajúci ovládač Lexmark 1200 Series.

[ TuneUp Events ]
Error - 21. 6. 2012 14:41:12 | Computer Name = ANIČKA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-06-21 20:41:12', '\device\harddiskvolume1\program
files\leo's flight simulator\arm\setup.exe','3656',0)

Error - 21. 6. 2012 14:41:44 | Computer Name = ANIČKA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-06-21 20:41:44', '\device\harddiskvolume1\program
files\leo's flight simulator\arm\setup.exe','3712',0)

Error - 13. 7. 2012 12:48:24 | Computer Name = ANIČKA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-07-13 18:48:24', '\device\harddiskvolume1\program
files\leo's flight simulator\arm\setup.exe','2776',0)

< End of report >

#7 Příspěvek od **vyosek** » 25 črc 2012 06:34

klingoln píše:Kazdopadne som ho odinstaloval a nahradim ho Avastom.

Nejak ho v logu nevidim - ani procesy, ani ovladace, ani ve vytvorenych souborech

Taaakze

Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Nahrady za Spybota:
- Spyware Terminator - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=44730
- SuperAntiSpyare - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=51359
Samozrejme pouzivejte jen jeden z nich
Osobne doporucuji SuperAntiSpyware

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\IVANLA~1\LOCALS~1\Temp\catchme.sys -- (catchme)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{41396b1b-447e-473b-a34b-bb583136c7fc}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 685&query={searchTerms}&invocationType=tb50winampie7

IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes,DefaultScope = {FB6B07B8-CE19-472B-A456-DE1143247A56}
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100489&mntrId=f0f993e20000000000000019660c0f07
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://tbsearch.ask.com/redirect?client ... src=crm&q={searchTerms}&locale=en_EU
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{41396b1b-447e-473b-a34b-bb583136c7fc}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{DCDBBF03-BC10-457D-911F-EFB0321D22BE}: "URL" = ${SRCH_SCP_URL}
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{F14C9FF6-5763-4288-84D3-068427C80848}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
IE - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\SearchScopes\{FB6B07B8-CE19-472B-A456-DE1143247A56}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7GGLR_skSK486
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Softonic)"
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
[2012.06.27 23:26:13 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2009.07.10 18:26:08 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\askcom.xml
[2011.03.30 10:50:32 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\bing.xml
[2011.11.03 14:35:54 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\conduit.xml
[2010.12.19 10:41:09 | 000,010,037 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\OurBabyMaker_27.xml
[2012.06.01 14:56:40 | 000,002,060 | ---- | M] () -- C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\softonic.xml
[2011.02.21 17:08:21 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF
CHR - homepage: http://home.sweetim.com/?barid={F38C5CB0-A440-11E1-BBCA-0019660C0F07}
CHR - default_search_provider: Search the web (Softonic) (Enabled)
CHR - default_search_provider: search_url = http://search.softonic.com/MON00006/tb_v1?q={searchTerms}&SearchSource=49&cc=
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://home.sweetim.com/?barid={F38C5CB0-A440-11E1-BBCA-0019660C0F07}
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translator\webie.dll ()
O3 - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-879983540-725345543-1003\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[27 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp -> ]
[3 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\Google Toolbar\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\Google Toolbar\*.tmp -> ]
[2 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]
[2012.07.24 22:02:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMS.job
[2012.07.24 21:49:30 | 000,000,928 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.07.24 21:20:56 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.07.24 20:32:45 | 000,000,984 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-879983540-725345543-1003Core.job
[2012.07.24 21:34:49 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-879983540-725345543-1003UA.job
[2012.07.24 21:49:29 | 000,000,524 | -H-- | M] () -- C:\WINDOWS\Tasks\OptimizerProUpdaterLogonTask.job
[2012.07.24 21:49:29 | 000,000,504 | -H-- | M] () -- C:\WINDOWS\Tasks\OptimizerProUpdaterRefreshTask.job

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"NeroFilterCheck"=-
"HP Software Update"=-
""=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=-
"Google Update"=-
"swg"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

:files
C:\Program Files\SweetIM
C:\Windows\AutoKMS.exe
C:\WINDOWS\tasks\At*.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit ci Run Fix
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

klingoln · #8 Příspěvek od **klingoln** » 25 črc 2012 16:14

Ahoj,

Avasta som este nenainstaloval, ale NOD je uz odinstalovany, taktiez Spybot, tu je log z OTL:

All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service UsbserFilt stopped successfully!
Service UsbserFilt deleted successfully!
File system32\DRIVERS\usbser_lowerfltj.sys not found.
Service upperdev stopped successfully!
Service upperdev deleted successfully!
File system32\DRIVERS\usbser_lowerflt.sys not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service nmwcdc stopped successfully!
Service nmwcdc deleted successfully!
File system32\drivers\ccdcmbo.sys not found.
Service nmwcd stopped successfully!
Service nmwcd deleted successfully!
File system32\drivers\ccdcmb.sys not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\IVANLA~1\LOCALS~1\Temp\catchme.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{41396b1b-447e-473b-a34b-bb583136c7fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41396b1b-447e-473b-a34b-bb583136c7fc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
HKU\S-1-5-21-1454471165-879983540-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll not found.
HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{105E99FF-8B9A-4492-B155-06194B9056D2}\ not found.
Registry key HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{41396b1b-447e-473b-a34b-bb583136c7fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41396b1b-447e-473b-a34b-bb583136c7fc}\ not found.
Registry key HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
Registry key HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{DCDBBF03-BC10-457D-911F-EFB0321D22BE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DCDBBF03-BC10-457D-911F-EFB0321D22BE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{F14C9FF6-5763-4288-84D3-068427C80848}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F14C9FF6-5763-4288-84D3-068427C80848}\ not found.
Registry key HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{FB6B07B8-CE19-472B-A456-DE1143247A56}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB6B07B8-CE19-472B-A456-DE1143247A56}\ not found.
Prefs.js: "SweetIM Search" removed from browser.search.defaultenginename
Prefs.js: "DVDVideoSoftTB Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=302398" removed from browser.search.param.yahoo-fr
Prefs.js: "SweetIM Search" removed from browser.search.selectedEngine
Prefs.js: pdfforge@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: wtxpcom@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: "http://search.conduit.com/ResultsExt.as ... ource=2&q=" removed from keyword.URL
Prefs.js: "SweetIM Search" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaulturl
Prefs.js: "Search the web (Softonic)" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "http://www.google.sk/" removed from browser.startup.homepage
Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from sweetim.toolbar.previous.keyword.URL
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\Plugins folder moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\bing.xml moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\OurBabyMaker_27.xml moved successfully.
C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\searchplugins\softonic.xml moved successfully.
C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF\chrome\skin folder moved successfully.
C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF\chrome\locale\EN-US folder moved successfully.
C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF\chrome\locale folder moved successfully.
C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF\chrome\content folder moved successfully.
C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF\chrome folder moved successfully.
C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF folder moved successfully.
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ deleted successfully.
C:\Program Files\PC Translator\webie.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1454471165-879983540-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
File C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Sweetpacks Communicator deleted successfully.
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
C:\WINDOWS\Downloaded Program Files\DivXPlugin.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\ deleted successfully.
C:\WINDOWS\003243_.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1194.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11E5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1200.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP122B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1417.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP159E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B84.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CDC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1DA6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FA.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F4.tmp\PresentationFramework.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP301.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP316.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP318.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP319.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3FC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP421.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP503.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5BA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP72C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA01.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA0D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD12.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF51.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI1AE.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5.tmp deleted successfully.
C:\WINDOWS\Installer\MSI8DA.tmp deleted successfully.
C:\WINDOWS\Installer\MSIA66.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\RGI548.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\Google Toolbar\BITC8F.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\Google Toolbar\gt1C1.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\Google Toolbar\gt23F.tmp deleted successfully.
C:\WINDOWS\temp\IH1E6.tmp deleted successfully.
C:\WINDOWS\temp\NOD37.tmp deleted successfully.
C:\WINDOWS\Tasks\AutoKMS.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-879983540-725345543-1003Core.job not found.
File C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-879983540-725345543-1003UA.job not found.
C:\WINDOWS\Tasks\OptimizerProUpdaterLogonTask.job moved successfully.
C:\WINDOWS\Tasks\OptimizerProUpdaterRefreshTask.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk\ deleted successfully.
========== FILES ==========
C:\Program Files\SweetIM\Messenger folder moved successfully.
C:\Program Files\SweetIM\Communicator folder moved successfully.
C:\Program Files\SweetIM folder moved successfully.
File\Folder C:\Windows\AutoKMS.exe not found.
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Ivan LADCE
->Temp folder emptied: 140320269 bytes
->Temporary Internet Files folder emptied: 225256 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 64608331 bytes
->Opera cache emptied: 3875 bytes
->Flash cache emptied: 896 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 62724 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 69536 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 49601299 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 1071740 bytes
RecycleBin emptied: 9119 bytes

Total Files Cleaned = 244,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: Ivan LADCE
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default User

User: Ivan LADCE
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.54.1 log created on 07252012_171023

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#9 Příspěvek od **vyosek** » 25 črc 2012 19:56

Nastala nejaka zmena v chovani

klingoln · #10 Příspěvek od **klingoln** » 25 črc 2012 20:01

Procesor uz nebezi na 100 %, taktiez prestala vyskakovat hlaska, ze bol nedostatok virtualnej pamäte (to som predtym zabudol napisat). Taktiez je PC zivsie, doinstaloval som uz aj Avasta.

#11 Příspěvek od **vyosek** » 25 črc 2012 20:03

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Poprosim o novy RSIT

klingoln · #12 Příspěvek od **klingoln** » 25 črc 2012 20:53

Vsetko vykonane, tu je novy log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ivan LADCE at 2012-07-25 21:51:39
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (32%) free of 40 GB
Total RAM: 1527 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:52:04, on 25. 7. 2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17110)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Ivan LADCE\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Ivan LADCE.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60263
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60263
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O24 - Desktop Component 0: (no name) - http://www.akaska.cz/obrazky/vanoce/darek.gif
O24 - Desktop Component 1: (no name) - http://www.akaska.cz/advent/sobi-sprezeni.gif
O24 - Desktop Component 2: (no name) - http://www.akaska.cz/obrazky/vanoce/santa-v-komine.gif
O24 - Desktop Component 3: (no name) - http://www.akaska.cz/obrazky/vanoce/snehulak2.gif
O24 - Desktop Component 4: (no name) - http://www.akaska.cz/obrazky/vanoce/vlocka.gif
O24 - Desktop Component 5: (no name) - http://b.static.ak.fbcdn.net/images/men ... ground.gif
O24 - Desktop Component 6: (no name) - http://emailnew.azet.sk/MailDownload.ph ... 394&down=1

--
End of file - 8789 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default

prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "keyword.URL" - "http://search.sweetim.com/search.asp?src=2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa2,version=2.0.0]
"Description"=Picasa2 plugin
"Path"=C:\Program Files\Picasa2\npPicasa2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]
"Description"=A component of your photo software powered by RocketLife
"Path"=C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Documents and Settings\Ivan LADCE\Application Data\Mozilla\Firefox\Profiles\57a09o6a.default\extensions\
4ff9c7f5ee898@4ff9c7f5ee8d1.info

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-02-04 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"tsnp325"=C:\WINDOWS\tsnp325.exe [2006-10-10 270336]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"snp325"=C:\WINDOWS\vsnp325.exe [2006-10-10 827392]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-07-03 4273976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-06-20 451872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\FireFly Studios\Stronghold Legends\StrongholdLegends.exe"="C:\Program Files\FireFly Studios\Stronghold Legends\StrongholdLegends.exe:*:Enabled:Stronghold Legends"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe"="C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"
"C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-07-25 21:51:39 ----D---- C:\rsit
2012-07-25 17:36:15 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-07-25 17:36:14 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-07-25 17:36:12 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-07-25 17:36:11 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-07-25 17:36:11 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-07-25 17:36:11 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-07-25 17:36:11 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-07-25 17:36:10 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-07-25 17:35:49 ----A---- C:\WINDOWS\avastSS.scr
2012-07-25 17:35:48 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-07-25 17:35:31 ----D---- C:\Program Files\AVAST Software
2012-07-25 17:35:31 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software
2012-07-24 20:32:43 ----D---- C:\Program Files\trend micro
2012-07-24 19:52:35 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2012-07-19 00:13:10 ----D---- C:\Program Files\CCleaner
2012-07-11 12:59:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-11 12:59:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-11 12:59:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-11 12:59:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-11 12:54:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-10 14:26:54 ----D---- C:\Program Files\GTA Vice City CZ
2012-07-08 19:59:41 ----D---- C:\Documents and Settings\All Users\Application Data\OptimizerPro
2012-07-08 19:59:06 ----D---- C:\Documents and Settings\All Users\Application Data\ADDICT-THING
2012-07-08 19:58:51 ----D---- C:\Documents and Settings\All Users\Application Data\InstallMate
2012-07-06 22:39:29 ----D---- C:\Documents and Settings\Ivan LADCE\Application Data\Visan
2012-07-06 22:38:21 ----D---- C:\Documents and Settings\All Users\Application Data\Visan
2012-07-06 22:21:11 ----D---- C:\Documents and Settings\Ivan LADCE\Application Data\HpUpdate
2012-07-06 22:20:47 ----A---- C:\WINDOWS\system32\HPScanMiniDrv_DJ2050_510g.dll
2012-07-06 22:20:46 ----A---- C:\WINDOWS\system32\hpinksts8711.dll
2012-07-06 22:20:46 ----A---- C:\WINDOWS\system32\hpinkcoi8711.dll
2012-07-06 22:20:45 ----A---- C:\WINDOWS\system32\hpinksts8711LM.dll

======List of files/folders modified in the last 1 month======

2012-07-25 21:51:58 ----D---- C:\WINDOWS\Prefetch
2012-07-25 21:40:46 ----D---- C:\WINDOWS\temp
2012-07-25 21:25:44 ----D---- C:\WINDOWS
2012-07-25 21:25:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-07-25 21:18:31 ----A---- C:\WINDOWS\NeroDigital.ini
2012-07-25 21:07:18 ----D---- C:\Program Files\Mozilla Firefox
2012-07-25 21:06:30 ----SHD---- C:\System Volume Information
2012-07-25 21:06:30 ----D---- C:\WINDOWS\system32\Restore
2012-07-25 20:44:19 ----RASH---- C:\BOOt.ini
2012-07-25 20:44:19 ----A---- C:\WINDOWS\win.ini
2012-07-25 20:44:19 ----A---- C:\WINDOWS\system.ini
2012-07-25 18:07:05 ----SHD---- C:\WINDOWS\Installer
2012-07-25 18:03:43 ----D---- C:\Config.Msi
2012-07-25 18:02:22 ----D---- C:\WINDOWS\WinSxS
2012-07-25 18:01:11 ----D---- C:\Program Files\Common Files
2012-07-25 18:01:10 ----RD---- C:\Program Files
2012-07-25 18:00:07 ----D---- C:\Program Files\Google
2012-07-25 18:00:07 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2012-07-25 17:51:25 ----SD---- C:\WINDOWS\Tasks
2012-07-25 17:51:21 ----D---- C:\WINDOWS\system32
2012-07-25 17:36:15 ----D---- C:\WINDOWS\system32\drivers
2012-07-25 17:11:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2012-07-25 17:10:47 ----D---- C:\WINDOWS\system32\drivers\etc
2012-07-25 17:10:42 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-07-25 17:10:03 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2012-07-24 22:27:41 ----D---- C:\Program Files\ESET
2012-07-24 19:52:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-24 19:52:22 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-23 12:57:10 ----HD---- C:\WINDOWS\inf
2012-07-19 13:59:06 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-19 00:15:56 ----D---- C:\Program Files\Winamp
2012-07-19 00:15:29 ----D---- C:\WINDOWS\Logs
2012-07-17 14:57:11 ----D---- C:\Program Files\Common Files\Nokia
2012-07-17 14:56:19 ----D---- C:\Program Files\Nokia
2012-07-17 14:55:43 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-07-17 06:21:55 ----D---- C:\Program Files\Windows Media Connect 2
2012-07-17 06:21:55 ----D---- C:\Program Files\Valve
2012-07-17 06:20:53 ----D---- C:\UnrealTournament
2012-07-17 06:17:08 ----HD---- C:\Program Files\InstallShield Installation Information
2012-07-17 06:03:56 ----D---- C:\Documents and Settings\Ivan LADCE\Application Data\PriceGong
2012-07-17 05:55:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2012-07-17 05:55:57 ----D---- C:\Program Files\Microsoft
2012-07-16 10:24:40 ----D---- C:\WINDOWS\Minidump
2012-07-13 20:23:15 ----A---- C:\WINDOWS\wininit.ini
2012-07-13 18:53:06 ----D---- C:\WINDOWS\Debug
2012-07-11 12:59:45 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-11 12:59:12 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-07-11 12:56:13 ----A---- C:\WINDOWS\system32\MRT.exe
2012-07-06 22:21:12 ----D---- C:\Program Files\HP
2012-07-06 22:20:26 ----D---- C:\WINDOWS\twain_32
2012-07-06 22:19:59 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2012-07-06 22:16:40 ----D---- C:\Program Files\Hewlett-Packard
2012-07-05 19:34:16 ----D---- C:\WINDOWS\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-01 43872]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-07-03 25256]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-07-03 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-07-03 721000]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-07-03 353688]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-07-03 54232]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-07-03 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-07-03 97608]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-04 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-04 55936]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Nokia USB Serial Port Driver ; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-07-03 44808]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-05-16 75136]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2011-11-12 604488]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-30 136176]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-12-27 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-30 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2011-11-12 361288]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#13 Příspěvek od **vyosek** » 25 črc 2012 21:08

Log jiz vypada cisty

klingoln · #14 Příspěvek od **klingoln** » 25 črc 2012 21:17

Dik moc za pomoc

#15 Příspěvek od **vyosek** » 25 črc 2012 21:21

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

VIRY.CZ

Kontrola logu - procesor ide stale na 100 %

Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %

Re: Kontrola logu - procesor ide stale na 100 %