prosim o kontrolu

[rock_amy]

Logfile of random's system information tool 1.06 (written by random/random)
Run by WinXP at 2010-03-15 14:50:23
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 5 GB (17%) free of 30 GB
Total RAM: 511 MB (15% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9565115d-c7d6-46d3-bd63-b67b481a4368}]
PageRage Toolbar - C:\Program Files\PageRage\tbPage.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-25 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo Layers - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll [2009-12-15 194912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9565115d-c7d6-46d3-bd63-b67b481a4368} - PageRage Toolbar - C:\Program Files\PageRage\tbPage.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-07-20 18670592]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-03 61440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-08-08 1828136]
"StrSystem"=C:\WINDOWS\strs.exe [2009-07-25 2351616]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-01-22 141608]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-08-03 202024]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-03-03 155648]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\strs.exe"="C:\WINDOWS\strs.exe:*:Disabled:Strážca systému"
"C:\Program Files\Empire of Sports\NetworkDiagnostic.exe"="C:\Program Files\Empire of Sports\NetworkDiagnostic.exe:*:Enabled:Empire of Sports Network Diagnostic"
"C:\Program Files\Empire of Sports\EmpireOfSports.exe"="C:\Program Files\Empire of Sports\EmpireOfSports.exe:*:Enabled:Empire of Sports"
"C:\Documents and Settings\WinXP\Desktop\Plugin Manager\skypePM.exe"="C:\Documents and Settings\WinXP\Desktop\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\WinXP\Desktop\Phone\Skype.exe"="C:\Documents and Settings\WinXP\Desktop\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\WinXP\Desktop\Skype.exe"="C:\Documents and Settings\WinXP\Desktop\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-03-15 14:49:45 ----D---- C:\Program Files\trend micro
2010-03-15 14:49:43 ----D---- C:\rsit
2010-03-10 16:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-05 13:23:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2010-02-25 22:30:43 ----D---- C:\WINDOWS\Sun
2010-02-25 22:30:08 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-02-25 22:30:05 ----D---- C:\Program Files\Common Files\Java
2010-02-25 22:29:47 ----A---- C:\WINDOWS\system32\javaws.exe
2010-02-25 22:29:47 ----A---- C:\WINDOWS\system32\javaw.exe
2010-02-25 22:29:47 ----A---- C:\WINDOWS\system32\java.exe
2010-02-25 22:29:47 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-02-25 22:29:17 ----D---- C:\Program Files\Java
2010-02-25 22:28:01 ----D---- C:\Documents and Settings\WinXP\Application Data\Sun
2010-02-24 15:54:40 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$

======List of files/folders modified in the last 1 months======

2010-03-15 14:49:57 ----D---- C:\WINDOWS\Prefetch
2010-03-15 14:49:45 ----RD---- C:\Program Files
2010-03-15 14:38:09 ----D---- C:\Documents and Settings\WinXP\Application Data\ICQ
2010-03-15 14:35:09 ----D---- C:\Documents and Settings\WinXP\Application Data\Skype
2010-03-15 14:05:33 ----D---- C:\WINDOWS\Temp
2010-03-15 14:02:12 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-15 14:01:53 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-03-14 21:48:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-14 19:47:38 ----D---- C:\Program Files\Mozilla Firefox
2010-03-12 14:16:07 ----D---- C:\Documents and Settings\WinXP\Application Data\vlc
2010-03-10 18:08:47 ----D---- C:\WINDOWS
2010-03-10 16:36:46 ----SHD---- C:\WINDOWS\Installer
2010-03-10 16:36:46 ----SHD---- C:\Config.Msi
2010-03-10 16:36:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-03-10 16:36:16 ----HD---- C:\WINDOWS\inf
2010-03-10 16:36:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-10 16:36:11 ----D---- C:\Program Files\Movie Maker
2010-03-10 16:36:07 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-08 16:01:09 ----D---- C:\Documents and Settings\WinXP\Application Data\skypePM
2010-03-05 13:24:17 ----A---- C:\WINDOWS\imsins.BAK
2010-03-05 13:24:01 ----D---- C:\WINDOWS\system32
2010-03-02 06:30:12 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-25 22:30:05 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 HMFAxCore46691b2fe72383a3b643d95081ef1d95;HMFAxCore46691b2fe72383a3b643d95081ef1d95; C:\WINDOWS\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys [2009-08-29 24064]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-08 56816]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-04 3565568]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-07-20 5795328]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-11 19968]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-03 602112]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-25 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-08-08 836904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-01-22 545576]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-18 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-08 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Caroprd111]

Zdravím


Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

• Spusťte program, poté klikněte na Run Scan
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

[rock_amy]

OTL logfile created on: 3.4.2010 17:07:13 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\WinXP\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 90,00 Mb Available Physical Memory | 18,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 4,76 Gb Free Space | 16,25% Space Free | Partition Type: NTFS
Drive D: | 119,75 Gb Total Space | 49,80 Gb Free Space | 41,59% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-0FDC0F72A329
Current User Name: WinXP
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.03 17:06:49 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WinXP\My Documents\Downloads\OTL.exe
PRC - [2010.03.28 05:13:16 | 000,530,416 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2009.07.21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.12.08 17:15:14 | 026,502,952 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\WinXP\Desktop\Skype.exe
PRC - [2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.08.03 12:51:18 | 001,422,632 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.08.03 12:51:06 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe


========== Modules (SafeList) ==========

MOD - [2010.04.03 17:06:49 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WinXP\My Documents\Downloads\OTL.exe
MOD - [2009.05.01 15:28:38 | 000,166,400 | -HS- | M] (MM - Soft, s.r.o.) -- C:\WINDOWS\MmWatch.dll
MOD - [2009.04.14 10:59:06 | 000,028,672 | -HS- | M] () -- C:\WINDOWS\HkMgrMM.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.01.08 19:01:15 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.07.21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)


========== Driver Services (SafeList) ==========

DRV - [2009.12.08 20:24:53 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.08.29 12:39:49 | 000,024,064 | ---- | M] (Eltima Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\HMFAxCore46691b2fe72383a3b643d95081ef1d95.sys -- (HMFAxCore46691b2fe72383a3b643d95081ef1d95)
DRV - [2009.07.20 19:08:00 | 005,795,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.05.11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.03.04 02:49:00 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.02.13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.08.05 20:10:00 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006.09.11 19:45:00 | 000,057,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.09.11 19:45:00 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.08.21 18:24:00 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006.01.04 15:41:00 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2001.08.17 15:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2418376
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "PageRage Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "PageRage Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://ahoolly.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: uploader@adblockfilters.mozdev.org:2.0.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: onair_FM@marek.chrenko.net:3.5.1
FF - prefs.js..extensions.enabledItems: {9565115d-c7d6-46d3-bd63-b67b481a4368}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.21
FF - prefs.js..extensions.enabledItems: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}:1.0
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.3
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.10.01
FF - prefs.js..keyword.URL: "http://search13.net/search.php?clid=486&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.02.20 16:25:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.03 13:09:13 | 000,000,000 | ---D | M]

[2009.08.28 14:33:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Extensions
[2010.04.02 16:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Firefox\Profiles\o880h5tp.default\extensions
[2009.11.01 21:04:04 | 000,000,000 | ---D | M] (Stylish Profile) -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Firefox\Profiles\o880h5tp.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
[2010.03.19 16:46:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Firefox\Profiles\o880h5tp.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
[2010.03.19 16:47:40 | 000,000,000 | ---D | M] (U Flv) -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Firefox\Profiles\o880h5tp.default\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
[2010.02.24 17:35:24 | 000,000,000 | ---D | M] (PageRage Toolbar) -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Firefox\Profiles\o880h5tp.default\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}
[2010.02.24 17:35:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Firefox\Profiles\o880h5tp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.01.11 16:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Firefox\Profiles\o880h5tp.default\extensions\onair_FM@marek.chrenko.net
[2010.01.05 15:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Firefox\Profiles\o880h5tp.default\extensions\plugin@yontoo.com
[2010.02.24 17:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Firefox\Profiles\o880h5tp.default\extensions\uploader@adblockfilters.mozdev.org
[2010.01.05 12:31:58 | 000,000,919 | ---- | M] () -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Firefox\Profiles\o880h5tp.default\searchplugins\conduit.xml
[2009.12.16 15:13:57 | 000,001,586 | ---- | M] () -- C:\Documents and Settings\WinXP\Application Data\Mozilla\Firefox\Profiles\o880h5tp.default\searchplugins\web-search.xml
[2010.04.02 16:28:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.31 01:03:42 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2009.07.31 01:03:42 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009.07.31 01:03:42 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2009.07.31 01:03:42 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2009.07.31 01:03:42 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2009.07.31 01:03:42 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2009.08.28 14:58:59 | 000,000,786 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1www.redtube.com
O1 - Hosts: 127.0.0.1http:/redtube.com
O2 - BHO: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PageRage Toolbar) - {9565115D-C7D6-46D3-BD63-B67B481A4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [StrSystem] C:\WINDOWS\strs.exe (MM - Soft, s.r.o.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\WinXP\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\WinXP\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.08.27 06:50:38 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.03 13:08:48 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.03.29 20:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.03.29 20:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WinXP\Desktop\Phone
[2010.03.15 15:49:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.03.15 15:49:43 | 000,000,000 | ---D | C] -- C:\rsit
[2010.03.14 22:42:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WinXP\Desktop\Nový priečinok
[2010.03.10 14:39:27 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010.03.09 17:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PageRage
[2010.03.09 17:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2010.03.05 14:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009.11.19 00:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009.08.27 09:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009.08.27 06:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009.08.27 06:50:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009.08.27 06:50:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.03 17:09:32 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\WinXP\NTUSER.DAT
[2010.04.03 17:02:53 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.03 17:02:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.03 17:02:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.03 16:20:22 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\WinXP\ntuser.ini
[2010.04.03 16:15:00 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.03 13:09:13 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010.04.02 21:23:24 | 000,000,360 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\radio7-64.asx
[2010.04.01 20:16:07 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010.03.28 11:22:06 | 000,478,790 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 11:22:05 | 000,086,072 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.28 11:22:05 | 000,004,568 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.24 21:55:03 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\moda2.doc
[2010.03.24 21:54:21 | 000,002,565 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\Microsoft Office Word 2007.lnk
[2010.03.24 21:42:03 | 000,011,123 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\Móda.docx
[2010.03.18 22:10:29 | 000,125,428 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\mokuska.jpg
[2010.03.17 21:24:32 | 000,602,618 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\Móda vs.pptx
[2010.03.10 21:17:14 | 000,074,709 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\gramophone.jpg
[2010.03.10 20:24:46 | 000,021,023 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\Fashion70-1.jpg
[2010.03.10 20:24:31 | 002,260,980 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\Fotografia027.jpg
[2010.03.10 20:20:42 | 000,021,307 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\moda.jpg
[2010.03.10 20:17:29 | 000,009,360 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\Bez názvu.jpg
[2010.03.10 20:11:11 | 000,002,493 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\Microsoft Office PowerPoint 2007.lnk
[2010.03.10 14:33:55 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.03.09 17:19:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.03.09 15:16:15 | 000,000,360 | ---- | M] () -- C:\Documents and Settings\WinXP\Desktop\radio7-32.asx
[2010.03.05 14:43:29 | 004,812,414 | -H-- | M] () -- C:\Documents and Settings\WinXP\Local Settings\Application Data\IconCache.db
[2010.03.05 14:24:17 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.03 13:09:13 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010.04.02 21:23:21 | 000,000,360 | ---- | C] () -- C:\Documents and Settings\WinXP\Desktop\radio7-64.asx
[2010.03.24 21:55:03 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\WinXP\Desktop\moda2.doc
[2010.03.24 21:42:02 | 000,011,123 | ---- | C] () -- C:\Documents and Settings\WinXP\Desktop\Móda.docx
[2010.03.18 22:10:25 | 000,125,428 | ---- | C] () -- C:\Documents and Settings\WinXP\Desktop\mokuska.jpg
[2010.03.10 22:38:16 | 000,602,618 | ---- | C] () -- C:\Documents and Settings\WinXP\Desktop\Móda vs.pptx
[2010.03.10 21:08:37 | 000,074,709 | ---- | C] () -- C:\Documents and Settings\WinXP\Desktop\gramophone.jpg
[2010.03.10 20:24:46 | 000,021,023 | ---- | C] () -- C:\Documents and Settings\WinXP\Desktop\Fashion70-1.jpg
[2010.03.10 20:23:24 | 002,260,980 | ---- | C] () -- C:\Documents and Settings\WinXP\Desktop\Fotografia027.jpg
[2010.03.10 20:20:41 | 000,021,307 | ---- | C] () -- C:\Documents and Settings\WinXP\Desktop\moda.jpg
[2010.03.10 20:17:26 | 000,009,360 | ---- | C] () -- C:\Documents and Settings\WinXP\Desktop\Bez názvu.jpg
[2010.03.09 15:16:15 | 000,000,360 | ---- | C] () -- C:\Documents and Settings\WinXP\Desktop\radio7-32.asx
[2010.01.10 21:09:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Whiskas.ini
[2009.09.17 20:04:28 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\WinXP\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.04 21:54:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.08.29 12:39:47 | 000,044,544 | -HS- | C] () -- C:\WINDOWS\Strsysk.dll
[2009.08.29 12:39:47 | 000,028,672 | -HS- | C] () -- C:\WINDOWS\HkMgrMM.dll
[2009.08.29 12:39:47 | 000,024,064 | -HS- | C] () -- C:\WINDOWS\Strsys.dll
[2009.08.27 09:10:47 | 000,063,213 | ---- | C] () -- C:\Documents and Settings\WinXP\CCCInstall_200908270910472031.log
[2009.08.27 07:38:53 | 000,001,960 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.08.27 07:19:17 | 000,001,134 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2009.08.27 06:55:29 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\WinXP\ntuser.ini
[2009.08.27 06:55:28 | 000,028,672 | -H-- | C] () -- C:\Documents and Settings\WinXP\ntuser.dat.LOG
[2009.08.27 06:55:27 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\WinXP\NTUSER.DAT

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:264A9BB7
< End of report >

[rock_amy]

OTL Extras logfile created on: 3.4.2010 17:07:13 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\WinXP\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 90,00 Mb Available Physical Memory | 18,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 4,76 Gb Free Space | 16,25% Space Free | Partition Type: NTFS
Drive D: | 119,75 Gb Total Space | 49,80 Gb Free Space | 41,59% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-0FDC0F72A329
Current User Name: WinXP
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\strs.exe" = C:\WINDOWS\strs.exe:*:Disabled:Strážca systému -- (MM - Soft, s.r.o.)
"C:\Program Files\Empire of Sports\NetworkDiagnostic.exe" = C:\Program Files\Empire of Sports\NetworkDiagnostic.exe:*:Enabled:Empire of Sports Network Diagnostic -- ()
"C:\Program Files\Empire of Sports\EmpireOfSports.exe" = C:\Program Files\Empire of Sports\EmpireOfSports.exe:*:Enabled:Empire of Sports -- (Empire of Sports Developments Ltd)
"C:\Documents and Settings\WinXP\Desktop\Plugin Manager\skypePM.exe" = C:\Documents and Settings\WinXP\Desktop\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Documents and Settings\WinXP\Desktop\Phone\Skype.exe" = C:\Documents and Settings\WinXP\Desktop\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Documents and Settings\WinXP\Desktop\Skype.exe" = C:\Documents and Settings\WinXP\Desktop\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06C5169E-EFD9-7016-68EA-EBAB513CE0D9}" = CCC Help Turkish
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{19CC1D81-82D4-FB57-A834-7B0F06E2F366}" = Catalyst Control Center Graphics Full Existing
"{2251C5D3-5396-A579-5CC9-EDE9E8738A3D}" = CCC Help Swedish
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{274BFAD7-FEFC-50E8-9062-A0F40E9E70CB}" = CCC Help Italian
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Zem
"{2F51344C-B044-FD27-5823-89D815EC134E}" = CCC Help Dutch
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{43EE08A7-81C3-36CC-B357-8DE7DB91ADDE}" = CCC Help Russian
"{45EFD831-03AD-16D9-7C96-123A03473F27}" = ccc-core-preinstall
"{494D7224-DFC8-5667-1190-6E9118BAC032}" = CCC Help Thai
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A130128-1FC5-5D76-5053-9EFD94A309DF}" = CCC Help Japanese
"{5B4C46CE-18BF-4319-D286-C7B641041366}" = CCC Help English
"{620627BB-90E1-3E69-0D84-D1A25F6E8594}" = CCC Help Korean
"{648B6DC0-47AF-7E29-1EB8-35BD9B1C0DA1}" = Catalyst Control Center Graphics Full New
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{704ADC50-CBD9-2537-44BC-CEC4A1C5DDE5}" = CCC Help German
"{70CA6A92-B1C6-7218-B759-DD8088BE9C86}" = CCC Help Czech
"{76B807CC-1332-7263-786A-8ABB57CC4BD8}" = CCC Help Portuguese
"{7884DDEE-FBC7-4B39-A521-033FC662CAFE}" = CCC Help Polish
"{7E072CED-C3E0-4792-AE15-903F896BBF14}_is1" = Strážca systému 3.21
"{80DDFD23-9F4B-491E-ADEE-1324E901350F}" = ccc-core-static
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84D57213-6C95-C1D2-D00E-8EBD7DF8A5EB}" = CCC Help Chinese Standard
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Client 1.10.01
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1051}" = Nero 8
"{8BE9E14E-C390-C0F8-4FD2-E5E374E699EB}" = Catalyst Control Center Graphics Light
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_ENTERPRISE_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_ENTERPRISE_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_ENTERPRISE_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_ENTERPRISE_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_ENTERPRISE_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_ENTERPRISE_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_ENTERPRISE_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2007
"{90120000-00BA-041B-0000-0000000FF1CE}_ENTERPRISE_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90B26E30-CE19-E266-1CE4-3166A099FFD2}" = CCC Help Finnish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9FE6403B-762F-8CF3-08BC-CCF10FFCFB25}" = ccc-utility
"{A0D93FF8-0523-9607-BCDC-FD87AA6B3592}" = CCC Help French
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A41D4E9F-7D8F-893C-B68A-FC62EC96C1EC}" = CCC Help Chinese Traditional
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A59BB15D-51B7-F12B-4548-8C0368243441}" = EA Download Manager UI
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A961C6FD-C583-45F6-A0A4-5E4376C29E41}" = Catalyst Control Center - Branding
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1051-7B44-A93000000001}" = Adobe Reader 9.3 - Slovak
"{AF60423E-DC50-5CA4-4D8A-15FCE656D2DD}" = CCC Help Greek
"{B7769987-9CC5-5A62-5515-163BE7643131}" = CCC Help Hungarian
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C430EBB5-41D7-9269-9E09-710F3A4E3E89}" = CCC Help Spanish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{DE1A2837-40A1-1999-A2BE-568BAA9C5AED}" = CCC Help Danish
"{E691840E-6ABF-0843-0853-D702C5030DBE}" = Catalyst Control Center Localization All
"{E90BCB3E-1712-C7ED-4804-D9E92811F4C7}" = Skins
"{EEE5745D-67A3-63D6-969E-E8AD1A7E2F9A}" = Catalyst Control Center Core Implementation
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{FF3E7DBA-C199-25DA-80B4-CD81A13B4741}" = CCC Help Norwegian
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"EA Download Manager" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EoS-{5CCCD423-F673-4CD8-9464-9D950F49BBC3}" = Empire of Sports
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Ladicka" = Ladicka
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"PageRage Toolbar" = PageRage Toolbar
"Picasa 3" = Picasa 3
"ReplaySSaver_is1" = ReplaySSaver v1.0
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.0.1
"Whiskas_is1" = Whiskas
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 25.12.2009 14:27:44 | Computer Name = PC-0FDC0F72A329 | Source = ESENT | ID = 490
Description = svchost (1164) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
for read / write access failed with system error 32 (0x00000020): "Proces nemôže
získať prístup k súboru, pretože daný súbor práve používa iný proces. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 25.12.2009 14:27:44 | Computer Name = PC-0FDC0F72A329 | Source = ESENT | ID = 470
Description = Catalog Database (1164) Database C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
is partially attached. Attachment stage: 3. Error: -1032.

Error - 5.1.2010 9:30:07 | Computer Name = PC-0FDC0F72A329 | Source = ESENT | ID = 490
Description = svchost (1156) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
for read / write access failed with system error 32 (0x00000020): "Proces nemôže
získať prístup k súboru, pretože daný súbor práve používa iný proces. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 8.1.2010 9:02:59 | Computer Name = PC-0FDC0F72A329 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie chrome.exe, verzia 0.0.0.0, zlyhanie modulu hkmgrmm.dll,
verzia 0.0.0.0, adresa zlyhania 0x000059a4.

Error - 8.1.2010 13:26:09 | Computer Name = PC-0FDC0F72A329 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Setup.exe, verzia 1.0.135.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 28.1.2010 6:04:05 | Computer Name = PC-0FDC0F72A329 | Source = Google Update | ID = 20
Description =

Error - 30.1.2010 12:05:29 | Computer Name = PC-0FDC0F72A329 | Source = crypt32 | ID = 131080
Description = Pri automatickej aktualizácii zlyhalo načítanie poradového čísla zoznamu
základných certifikátov nezávislých vydavateľov z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
s chybou: Operácia sa vrátila, pretože uplynul časový limit.

Error - 30.1.2010 16:18:59 | Computer Name = PC-0FDC0F72A329 | Source = crypt32 | ID = 131080
Description = Pri automatickej aktualizácii zlyhalo načítanie poradového čísla zoznamu
základných certifikátov nezávislých vydavateľov z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
s chybou: Operácia sa vrátila, pretože uplynul časový limit.

Error - 5.2.2010 11:02:30 | Computer Name = PC-0FDC0F72A329 | Source = ESENT | ID = 490
Description = svchost (1156) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
for read / write access failed with system error 32 (0x00000020): "Proces nemôže
získať prístup k súboru, pretože daný súbor práve používa iný proces. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 5.2.2010 11:02:30 | Computer Name = PC-0FDC0F72A329 | Source = ESENT | ID = 470
Description = Catalog Database (1156) Database C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
is partially attached. Attachment stage: 3. Error: -1032.

[ System Events ]
Error - 14.3.2010 12:26:44 | Computer Name = PC-0FDC0F72A329 | Source = Service Control Manager | ID = 7009
Description = Časový limit (30000 ms) čakania na pripojenie služby IMAPI CD-Burning
COM Service.

Error - 14.3.2010 12:26:44 | Computer Name = PC-0FDC0F72A329 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby IMAPI CD-Burning COM Service zlyhalo kvôli nasledujúcej
chybe: %%1053

Error - 14.3.2010 15:44:49 | Computer Name = PC-0FDC0F72A329 | Source = Service Control Manager | ID = 7009
Description = Časový limit (30000 ms) čakania na pripojenie služby IMAPI CD-Burning
COM Service.

Error - 14.3.2010 15:44:49 | Computer Name = PC-0FDC0F72A329 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby IMAPI CD-Burning COM Service zlyhalo kvôli nasledujúcej
chybe: %%1053

Error - 28.3.2010 5:20:19 | Computer Name = PC-0FDC0F72A329 | Source = W32Time | ID = 39452689
Description = Poskytovateľ času NtpClient: Pri vyhľadávaní ručne nakonfigurovaného
partnera
time.windows.com,0x1 serverom DNS sa vyskytla chyba. NtpClient sa pokúsi o vyhľadávanie
servera DNS znova o 15 min. Vyskytla sa chyba: Došlo k pokusu o operáciu so soketom
v čase nedosiahnuteľnosti hostiteľa. (0x80072751)

Error - 28.3.2010 5:20:19 | Computer Name = PC-0FDC0F72A329 | Source = W32Time | ID = 39452701
Description = Poskytovateľ času NtpClient je nakonfigurovaný tak, aby získaval čas
z jedného alebo viacerých časových zdrojov, žiadny zo zdrojov však nie je momentálne
prístupný. Počas 14 minút nebude uskutočnený žiadny pokus o skontaktovanie zdroja.
NtpClient
nemá žiadny zdroj presného času.

Error - 28.3.2010 5:20:24 | Computer Name = PC-0FDC0F72A329 | Source = W32Time | ID = 39452689
Description = Poskytovateľ času NtpClient: Pri vyhľadávaní ručne nakonfigurovaného
partnera
time.windows.com,0x1 serverom DNS sa vyskytla chyba. NtpClient sa pokúsi o vyhľadávanie
servera DNS znova o 15 min. Vyskytla sa chyba: Došlo k pokusu o operáciu so soketom
v čase nedosiahnuteľnosti hostiteľa. (0x80072751)

Error - 28.3.2010 5:20:24 | Computer Name = PC-0FDC0F72A329 | Source = W32Time | ID = 39452701
Description = Poskytovateľ času NtpClient je nakonfigurovaný tak, aby získaval čas
z jedného alebo viacerých časových zdrojov, žiadny zo zdrojov však nie je momentálne
prístupný. Počas 14 minút nebude uskutočnený žiadny pokus o skontaktovanie zdroja.
NtpClient
nemá žiadny zdroj presného času.

Error - 3.4.2010 11:04:14 | Computer Name = PC-0FDC0F72A329 | Source = Service Control Manager | ID = 7009
Description = Časový limit (30000 ms) čakania na pripojenie služby IMAPI CD-Burning
COM Service.

Error - 3.4.2010 11:04:14 | Computer Name = PC-0FDC0F72A329 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby IMAPI CD-Burning COM Service zlyhalo kvôli nasledujúcej
chybe: %%1053


< End of report >

[Caroprd111]

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:264A9BB7

:Files
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS] 
[CREATERESTOREPOINT]
[REBOOT] 

Poté klikněte na Run fix, PC se restartuje, log vložte sem.


Tohle otestujte na http://www.virustotal.com/cs/
C:\WINDOWS\HkMgrMM.dll
C:\WINDOWS\Strsys.dll

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)

[rock_amy]

urobila osm to tak ale ked osm uz dala run fix po chvili mi naskocila tabulka ze: súbor alebo adresár C:\Documents and Settings\WinXP\Application Data\Macromedia\Flash player\#SharedObjects\KNEL3F4R\sk3.superhry.cz\analytics.sol je poškodený a je nečítateľný.Spustite pomôcku Chkdsk. A ďalšia tabuľka: The system requires a reboot to finish removing files. Click OK to reboot now..klikla osm na ok a pc sa restartoval a potom znova mi toto vyskocilo aj s logom.

All processes killed
========== OTL ==========
ADS C:\Documents and Settings\All Users\Application Data\TEMP:264A9BB7 deleted successfully.
========== FILES ==========
C:\WINDOWS\002595_.tmp moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\SET25.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 533967 bytes

User: WinXP
->Temp folder emptied: 296595314 bytes
->Temporary Internet Files folder emptied: 84854858 bytes
->Java cache emptied: 915531 bytes
->FireFox cache emptied: 121680645 bytes
->Google Chrome cache emptied: 256814742 bytes
->Flash cache emptied: 2325248 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 28680699 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23918468 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2186961081 bytes

Total Files Cleaned = 2 864,00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: WinXP
->Flash cache emptied: 5834 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.1.0 log created on 04042010_145000

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\WinXP\Application Data\Macromedia\Flash Player\#SharedObjects\KNEL3F4R\sk3.superhry.cz\analytics.sol not found!
File\Folder C:\Documents and Settings\WinXP\Application Data\Macromedia\Flash Player\#SharedObjects\KNEL3F4R\sk3.superhry.cz\Uphill_Rush_2.sol not found!

Registry entries deleted on Reboot...


analisis/cf9d3c9f8529ff824f8958b693751391d03abda55d0ee014aeec7e16a0efb3aa-1256381929
analisis/f779f93699308ed00509bc22781a8f5384eea55cdecde9b783db1e60ba426c14-1248605545

[Caroprd111]

Odkazy jsou nefunkční.


Proveďte kontrolu disku.

[rock_amy]

hmm a to urobim ako??

[Caroprd111]

Soubory otestujte znovu.


Tento počítač -> Pravé tl. myši na disk C: -> Vlastnosti -> Nástroje -> Kontrola disku -> Zaškrtnout obě volby. Potvrdit a restart.
Po restartu to samé udělat pro disk D:, E: atd.

[rock_amy]

analisis/cf9d3c9f8529ff824f8958b6937513 ... 1270386631
analisis/f779f93699308ed00509bc22781a8f ... 1248605545
neviem ci som to dobre napisala ze ci vam to zobrazi..lebo neviem ako sa sem davaju linky..

[Caroprd111]

Musíte sem vložit celý obsah adresního řádku, tohle je jen část.

[rock_amy]

adresny riadok??to je toto?
MD5: b4617ca8e8f6fa0b68862a923630a35a
Poprvé zaslán: 2009.10.24 10:58:49 UTC
Datum: 2010.04.04 13:10:31 UTC [<1D]
Výsledky: 1/42
Stálý odkaz: analisis/cf9d3c9f8529ff824f8958b693751391d03abda55d0ee014aeec7e16a0efb3aa-1270386631

MD5: 67c416a5cd6dc0a06cb503e31ddb466c
Poprvé zaslán: 2009.07.26 10:07:42 UTC
Datum: 2009.07.26 10:52:25 UTC [>252D]
Výsledky: 2/40
Stálý odkaz: analisis/f779f93699308ed00509bc22781a8f5384eea55cdecde9b783db1e60ba426c14-1248605545
a dala som kontrolovat disk C ale mi nieco napisalo ze sa to neda ked restartujem pc asi len a som restartovala ale nic sa nestalo..tak som dala D disk ktory sa stale este kontorluje ale velmi dlho uz je na piatej faze ale ide ot strasne pomaly

[Caroprd111]

Adresní řádek je to, kam píšete adresy typu www.seznam.cz, nahoře v prohlížeči.

[rock_amy]

http://www.virustotal.com/cs/reanalisis ... 1270412358
http://www.virustotal.com/cs/reanalisis ... 1270412427
a co s tym diskom??mam cakat kym to skonci?kolko asi faz to ma??

[Caroprd111]

Nechte to doběhnout do konce. Záleží na tom, jak máte velký disk.