Kontrola logu prosím

Zpráva

Gorej · #1 Příspěvek od **Gorej** » 27 kvě 2010 17:49

Mohli by ste mi prosím skontrolovať log? Mám dosť spomalený PC, budem rád ak to rýchlo vyriešim, ďakujem vopred

Logfile of random's system information tool 1.06 (written by random/random)
Run by Adamko at 2010-05-27 18:47:38
Systém Microsoft Windows XP Professional Service Pack 1
System drive C: has 11 GB (22%) free of 50 GB
Total RAM: 255 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:47:59, on 27.5.2010
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Adamko\Desktop\RSIT.exe
C:\Documents and Settings\Adamko\Desktop\Adamko.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Kwyshell MidpX BHO - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Link to &MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0031592593
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E2ABF28-C602-43C9-835B-8AD393CEE3F9}: NameServer = 192.168.28.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 4839 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}]
Kwyshell MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Rádio - C:\WINDOWS\System32\msdxm.ocx [2002-08-29 842268]
{EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - Kwyshell MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-08-15 57344]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"DigidesignMMERefresh"=C:\Program Files\Digidesign\Drivers\MMERefresh.exe [2005-10-26 61440]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\System32\ctfmon.exe [2002-08-29 13312]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2002-08-21 1511453]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\w3dr.exe]
C:\Program Files\Warcraft III\w3dr.exe [2008-08-03 61440]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-03 139264]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

======List of files/folders modified in the last 1 months======

2010-05-27 18:47:44 ----D---- C:\WINDOWS\Prefetch
2010-05-27 18:43:55 ----D---- C:\Program Files\Mozilla Firefox
2010-05-27 18:42:26 ----D---- C:\WINDOWS\Temp
2010-05-27 18:42:17 ----D---- C:\WINDOWS
2010-05-27 18:41:56 ----D---- C:\WINDOWS\Debug
2010-05-27 18:40:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-25 20:22:36 ----D---- C:\WINDOWS\system32
2010-05-25 09:20:25 ----A---- C:\WINDOWS\lexstat.ini
2010-05-23 18:52:55 ----D---- C:\WINDOWS\System32\CatRoot2
2010-05-16 15:13:23 ----HD---- C:\WINDOWS\inf
2010-05-15 15:48:40 ----A---- C:\WINDOWS\win.ini
2010-04-29 13:44:21 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\System32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2002-08-29 32512]
R1 aswSP;avast! Self Protection; C:\WINDOWS\System32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\System32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\System32\drivers\aswMon2.sys [2009-11-25 94160]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-14 404736]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-21 462940]
R3 aswRdr;aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2008-06-03 3100160]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2008-07-10 9856]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-08-29 19328]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-08-29 51968]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-29 19328]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\System32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\System32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\System32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\WINDOWS\System32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\System32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\System32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\System32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\WINDOWS\System32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\System32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\System32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\WINDOWS\System32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\WINDOWS\System32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2002-08-29 28160]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2002-08-29 24960]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2002-08-29 14208]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2008-06-03 552960]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 DigiRefresh;Digidesign MME Refresh Service; C:\Program Files\Digidesign\Drivers\MMERefresh.exe [2005-10-26 61440]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2006-04-17 311296]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2004-08-11 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2001-08-23 12800]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-06-03 593920]

-----------------EOF-----------------

#2 Příspěvek od **Caroprd111** » 27 kvě 2010 17:55

Zdravím

Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.

Obrázek

Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu

Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

Gorej · #3 Příspěvek od **Gorej** » 27 kvě 2010 19:05

Ďakujem.

OTL:

OTL logfile created on: 27.5.2010 19:48:45 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Adamko\Desktop
Windows XP Professional Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

255,00 Mb Total Physical Memory | 67,00 Mb Available Physical Memory | 26,00% Memory free
618,00 Mb Paging File | 264,00 Mb Available in Paging File | 43,00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 10,66 Gb Free Space | 21,83% Space Free | Partition Type: NTFS
Drive D: | 25,67 Gb Total Space | 5,98 Gb Free Space | 23,30% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADAM
Current User Name: Adamko
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.27 19:47:20 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adamko\Desktop\OTL.exe
PRC - [2010.03.31 19:05:39 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2005.10.26 00:21:50 | 000,061,440 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) -- C:\Program Files\Digidesign\Drivers\MMERefresh.exe
PRC - [2003.08.15 09:34:50 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2002.08.29 04:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010.05.27 19:47:20 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adamko\Desktop\OTL.exe
MOD - [2002.08.29 04:41:32 | 000,921,600 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
MOD - [2002.08.29 04:39:20 | 000,106,547 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2007.03.28 19:42:42 | 000,029,704 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2005.10.26 00:21:50 | 000,061,440 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Auto | Running] -- C:\Program Files\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)

========== Driver Services (SafeList) ==========

DRV - [2009.11.25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.07.12 17:04:43 | 000,639,224 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.07.10 15:03:38 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2008.06.03 08:20:54 | 003,100,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.06.19 07:51:16 | 000,081,832 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816bus.sys -- (s816bus) Sony Ericsson Device 816 driver (WDM)
DRV - [2007.04.24 10:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007.04.24 10:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007.04.24 10:33:34 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125bus.sys -- (s125bus) Sony Ericsson Device 125 driver (WDM)
DRV - [2007.04.24 09:33:46 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125obex.sys -- (s125obex)
DRV - [2007.04.03 14:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007.04.03 14:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116obex.sys -- (s116obex)
DRV - [2007.04.03 14:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007.04.03 14:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.03 14:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007.04.03 14:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007.04.03 14:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2005.09.27 09:00:02 | 000,069,920 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TPkd.sys -- (TPkd)
DRV - [2004.04.30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004.04.30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)
DRV - [2003.08.21 10:31:52 | 000,462,940 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003.08.14 17:16:38 | 000,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2002.08.29 02:27:50 | 000,086,912 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atapi.sys -- (atapi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1085031214-1580818891-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.warxtreme.com/"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100211.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {FFA36170-80B1-4535-B0E3-A4569E497DD0}:2.0.3

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.03 13:21:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.31 19:05:51 | 000,000,000 | ---D | M]

[2008.07.10 14:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Mozilla\Extensions
[2010.02.25 11:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Mozilla\Firefox\Profiles\0wq3739a.Gorejslav\extensions
[2010.05.27 16:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Mozilla\Firefox\Profiles\ig8t1i3c.default\extensions
[2010.02.18 16:49:04 | 000,000,000 | ---D | M] (Linkification) -- C:\Documents and Settings\Adamko\Application Data\Mozilla\Firefox\Profiles\ig8t1i3c.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.03.20 18:33:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Adamko\Application Data\Mozilla\Firefox\Profiles\ig8t1i3c.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.01.30 18:01:28 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Adamko\Application Data\Mozilla\Firefox\Profiles\ig8t1i3c.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.02.18 16:48:51 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Adamko\Application Data\Mozilla\Firefox\Profiles\ig8t1i3c.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2008.12.10 14:52:03 | 000,000,000 | ---D | M] (Mouse Gestures Redox) -- C:\Documents and Settings\Adamko\Application Data\Mozilla\Firefox\Profiles\ig8t1i3c.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}
[2010.05.27 16:42:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007.08.21 15:30:40 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2007.11.02 03:29:52 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2007.11.02 03:29:52 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2008.04.01 22:17:12 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2007.11.02 03:29:52 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2009.02.16 14:21:20 | 000,000,740 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKLM\..\Toolbar: (&Rádio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx ()
O3 - HKLM\..\Toolbar: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKU\S-1-5-21-1085031214-1580818891-725345543-1003\..\Toolbar\ShellBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKU\S-1-5-21-1085031214-1580818891-725345543-1003\..\Toolbar\WebBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1085031214-1580818891-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Link to &MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm ()
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O16 - DPF: {3334504D-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... p43dmo.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 0031592593 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Adamko\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Adamko\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.10 22:38:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008.07.10 22:38:20 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

Drivers32: MIDI1 - C:\WINDOWS\System32\Diomidi.DLL (Digidesign, A Division of Avid Technology, Inc.)
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: wave1 - C:\WINDOWS\System32\Digi32.dll (Digidesign, A Division of Avid Technology, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 30 Days ==========

[2010.05.27 19:47:22 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Adamko\Desktop\OTL.exe
[2010.05.27 18:47:41 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Adamko\Desktop\Adamko.exe
[2010.05.27 18:38:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Adamko\Recent
[2010.05.17 17:05:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adamko\Desktop\Obrázky na fb
[2008.09.20 17:48:47 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2008.09.20 17:48:47 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2004.04.30 09:37:02 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\sojubus.sys
[2004.04.30 09:33:00 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\sojuscsi.sys
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.27 19:47:20 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adamko\Desktop\OTL.exe
[2010.05.27 19:38:45 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.27 19:37:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.27 19:00:30 | 002,110,122 | -H-- | M] () -- C:\Documents and Settings\Adamko\Local Settings\Application Data\IconCache.db
[2010.05.27 18:40:59 | 004,194,304 | -H-- | M] () -- C:\Documents and Settings\Adamko\NTUSER.DAT
[2010.05.27 18:40:01 | 000,000,280 | -HS- | M] () -- C:\Documents and Settings\Adamko\ntuser.ini
[2010.05.26 18:51:08 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Adamko\Desktop\plejpaper.doc
[2010.05.25 20:23:16 | 000,001,766 | ---- | M] () -- C:\Documents and Settings\Adamko\My Documents\cc_20100525_2023.reg
[2010.05.25 09:20:25 | 000,000,270 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010.05.24 16:46:27 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010.05.19 13:21:41 | 000,062,418 | ---- | M] () -- C:\Documents and Settings\Adamko\Desktop\debil.jpg
[2010.05.17 17:23:46 | 000,010,752 | ---- | M] () -- C:\Nový objekt - Dokument programu Microsoft Word.doc
[2010.05.17 17:05:43 | 000,105,984 | ---- | M] () -- C:\Documents and Settings\Adamko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.15 15:48:40 | 000,000,633 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.05.12 18:58:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.28 20:56:55 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Adamko\Desktop\punk.doc
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.25 20:23:14 | 000,001,766 | ---- | C] () -- C:\Documents and Settings\Adamko\My Documents\cc_20100525_2023.reg
[2010.05.19 13:21:41 | 000,062,418 | ---- | C] () -- C:\Documents and Settings\Adamko\Desktop\debil.jpg
[2010.05.17 17:23:46 | 000,010,752 | ---- | C] () -- C:\Nový objekt - Dokument programu Microsoft Word.doc
[2009.12.24 13:02:59 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.05.03 11:20:04 | 000,000,096 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008.11.02 13:01:52 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2008.07.20 11:46:55 | 000,000,270 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2008.07.20 11:46:49 | 000,000,092 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2008.07.12 17:04:43 | 000,639,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.07.12 10:35:16 | 000,336,896 | ---- | C] () -- C:\WINDOWS\System32\ammppg.dll
[2008.07.12 10:35:16 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\qscl.dll
[2008.07.12 10:35:16 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008.07.12 10:35:16 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\amrdec.dll
[2008.07.12 10:35:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\qcpsdk.dll
[2008.07.12 10:35:16 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\a1.dll
[2008.07.10 21:51:53 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.07.10 21:51:51 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.07.10 21:51:51 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.07.10 21:51:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.07.10 21:51:49 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.07.10 21:51:49 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.07.10 15:11:18 | 000,000,280 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.07.10 15:05:50 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.07.10 14:59:04 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.07.10 14:00:25 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2006.01.30 14:42:22 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2002.11.13 09:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2002.08.29 02:27:50 | 000,086,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2002.03.25 21:02:14 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002.03.21 23:39:02 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL

========== LOP Check ==========

[2008.07.10 15:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\ACD Systems
[2008.11.05 19:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Anvil-Soft
[2010.03.06 18:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Facebook
[2008.07.12 17:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Super-Cow
[2008.10.05 18:50:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\TuneUp Software
[2008.07.25 08:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\URSoft
[2008.10.12 17:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Web Page Maker
[2008.07.10 15:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2010.04.29 13:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008.10.05 18:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010.04.23 17:17:00 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\System32\ctfmon.exe -- [2002.08.29 04:41:22 | 000,013,312 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2002.08.21 00:08:38 | 001,511,453 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2008.07.10 15:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2009.04.18 08:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008.07.10 21:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008.09.01 09:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2008.07.10 21:57:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009.10.29 19:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2008.07.10 15:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2008.07.16 16:39:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.04.29 13:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008.10.05 18:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008.12.23 13:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2009.10.29 13:43:56 | 001,925,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
[2009.10.29 13:43:49 | 000,836,464 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\SecurityScan_Release.exe

< %APPDATA%\*. >
[2008.07.10 15:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\ACD Systems
[2009.01.28 17:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Adobe
[2008.07.17 12:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Ahead
[2008.11.05 19:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Anvil-Soft
[2008.07.10 21:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\CyberLink
[2010.04.09 13:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\dvdcss
[2010.03.06 18:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Facebook
[2008.07.20 12:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Help
[2008.07.10 22:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Identities
[2008.07.10 13:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Macromedia
[2008.07.10 21:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Media Player Classic
[2009.12.04 14:28:25 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Adamko\Application Data\Microsoft
[2008.07.10 14:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Mozilla
[2008.11.08 21:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Skype
[2008.11.08 21:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\skypePM
[2008.07.11 09:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Sun
[2008.07.12 17:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Super-Cow
[2008.10.05 18:50:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\TuneUp Software
[2008.07.25 08:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\URSoft
[2008.09.05 20:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\vlc
[2008.10.12 17:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adamko\Application Data\Web Page Maker

< %APPDATA%\*.exe /s >
[2010.03.06 18:20:49 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\Adamko\Application Data\Facebook\uninstall.exe

< MD5 for: AGP440.SYS >
[2001.08.17 14:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\agp440.sys

< MD5 for: AHCIX86.SYS >
[2008.03.08 03:24:52 | 000,176,136 | ---- | M] (AMD Technologies Inc.) MD5=B6E729A575F84938A08D367E8352EB86 -- C:\ATI\SUPPORT\8-6_xp32_dd_ccc_wdm_enu_64783\SBDrv\RAID7xx\x86\ahcix86.sys

< MD5 for: ATAPI.SYS >
[2002.08.29 04:50:10 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2002.08.29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\atapi.sys
[2002.08.29 02:27:50 | 000,086,912 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2002.08.29 04:50:10 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2002.08.29 02:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\cdrom.sys
[2002.08.29 02:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2002.08.29 04:40:50 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=41C70161BFCB17E7E12ED89BADD2AEF4 -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\cryptsvc.dll
[2002.08.29 04:40:50 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=41C70161BFCB17E7E12ED89BADD2AEF4 -- C:\WINDOWS\system32\cryptsvc.dll
[2002.08.29 04:40:50 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=41C70161BFCB17E7E12ED89BADD2AEF4 -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2002.08.29 04:40:52 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\eventlog.dll
[2002.08.29 04:40:52 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2002.08.29 04:40:52 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2002.08.29 04:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\explorer.exe
[2002.08.29 04:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\explorer.exe
[2002.08.29 04:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2002.08.29 04:50:10 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2002.08.29 02:05:06 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=14899FB16E1263BDC6E17AEC0A69BB97 -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\hal.dll
[2002.08.29 02:05:04 | 000,127,872 | ---- | M] (Microsoft Corporation) MD5=E8D2B5D5186A9B93D7019D7A74D77A1E -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2001.08.17 14:53:18 | 000,007,296 | ---- | M] (Microsoft Corporation) MD5=F9ECF83EB508FA050BB5CBF75DCC117F -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\changer.sys

< MD5 for: ISAPNP.SYS >
[2001.08.23 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2002.08.29 04:41:26 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=B2B6BA905D0E3F8A32A0EB3B4051807B -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\lsass.exe
[2002.08.29 04:41:26 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=B2B6BA905D0E3F8A32A0EB3B4051807B -- C:\WINDOWS\system32\dllcache\lsass.exe
[2002.08.29 04:41:26 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=B2B6BA905D0E3F8A32A0EB3B4051807B -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2002.08.29 03:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\ndis.sys
[2002.08.29 03:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\system32\dllcache\ndis.sys
[2002.08.29 03:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2002.08.29 04:41:08 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\netlogon.dll
[2002.08.29 04:41:08 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2002.08.29 04:41:08 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2002.08.29 04:41:12 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\scecli.dll
[2002.08.29 04:41:12 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2002.08.29 04:41:12 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2002.08.29 04:41:28 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=BDDAC60BDEBBF51E71B2B65EBF80ED90 -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\smss.exe
[2002.08.29 04:41:28 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=BDDAC60BDEBBF51E71B2B65EBF80ED90 -- C:\WINDOWS\system32\dllcache\smss.exe
[2002.08.29 04:41:28 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=BDDAC60BDEBBF51E71B2B65EBF80ED90 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2001.08.23 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\svchost.exe
[2001.08.23 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2001.08.23 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2002.08.29 02:58:12 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\tcpip.sys
[2002.08.29 02:58:12 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2002.08.29 02:58:12 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2002.08.29 04:41:28 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\userinit.exe
[2002.08.29 04:41:28 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\WINDOWS\system32\dllcache\userinit.exe
[2002.08.29 04:41:28 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2002.08.29 04:41:28 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\winlogon.exe
[2002.08.29 04:41:28 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2002.08.29 04:41:28 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2001.08.23 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=8529C295DF59B564D37A73B5629162B1 -- C:\WINDOWS\SoftwareDistribution\Download\eb5ff0ae9fdaa24285c4924997a7aa90\backup\ws2_32.dll
[2001.08.23 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=8529C295DF59B564D37A73B5629162B1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2001.08.23 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=8529C295DF59B564D37A73B5629162B1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2002.08.29 02:27:50 | 000,086,912 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.07.12 17:04:43 | 000,639,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.07.10 15:25:20 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.07.10 15:25:20 | 000,626,688 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.07.10 15:25:19 | 000,409,600 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 183 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13
< End of report >

Extras:

OTL Extras logfile created on: 27.5.2010 19:48:45 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Adamko\Desktop
Windows XP Professional Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

255,00 Mb Total Physical Memory | 67,00 Mb Available Physical Memory | 26,00% Memory free
618,00 Mb Paging File | 264,00 Mb Available in Paging File | 43,00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 10,66 Gb Free Space | 21,83% Space Free | Partition Type: NTFS
Drive D: | 25,67 Gb Total Space | 5,98 Gb Free Space | 23,30% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADAM
Current User Name: Adamko
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1085031214-1580818891-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\6.0\ACDSee6.exe" "%1" (ACD Systems Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1A24F9E8-009D-40FC-ABED-2AAFFAB0F4F0}" = InterLok Driver Kit
"{21BBAD12-C75F-4F06-A9B0-6F8BEEAF3846}" = Moorhuhn X - XS
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{5BFEB2DF-D80D-48B9-A95B-8C3E70DEA49F}" = ACDSee 6.0 PowerPack Trial
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{9211041B-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
"{9F1D8E17-2AE6-4608-901D-42146D7D9C68}" = Digidesign Audio Drivers 7.0
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ASCII Art Studio" = ASCII Art Studio
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"CCleaner" = CCleaner (remove only)
"Claw" = Claw
"Desperados 1.0" = Desperados 1.0
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy GIF Animator_is1" = Easy GIF Animator 4.8
"Eurobattle.net Installer1.22" = Eurobattle.net Installer
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HijackThis" = HijackThis 2.0.2
"HyperCam 2" = HyperCam 2
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"Kwyshell MidpX Emulator Package" = Kwyshell MidpX Emulator Package 1.3.1
"Lexmark 1200 Series" = Lexmark 1200 Series
"Moorhuhn Winter-Edition" = Moorhuhn Winter-Edition
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MP3 To Ringtone Gold_is1" = MP3 To Ringtone Gold 6.2
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Service Center" = Native Instruments Service Center
"Nero - Burning Rom!UninstallKey" = Ahead Nero - Burning Rom
"PhotoFiltre" = PhotoFiltre
"Q328145" = Windows XP Hotfix Package [See Q328145 for more information]
"QuickTime" = QuickTime
"Supercow_is1" = Supercow
"Total Video Converter 3.14_is1" = Total Video Converter 3.14 080930
"Totalcmd" = Total Commander (Remove or Repair)
"TuxGuitar 1.1" = TuxGuitar
"VLC media player" = VideoLAN VLC media player 0.8.6i
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = WinRAR archiver
"Your Uninstaller! 2008_is1" = Your Uninstaller! 2008 Version 6.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1085031214-1580818891-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"QIP Infium" = QIP Infium 2.0.9030 RC4
"Warcraft III" = Warcraft III: All Products
"WarXtreme PUB Pach v1.2" = WarXtreme PUB Pach v1.2

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 13.6.2009 14:54:37 | Computer Name = ADAM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
F:\Roma - výprava mužov 2009\P4280222.JPG failed, 0000A420.

Error - 22.10.2009 13:57:58 | Computer Name = ADAM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
I:\Hermelínové_recepty_z_Sedlcanského_Pepy.doc failed, 00000005.

Error - 7.11.2009 8:02:50 | Computer Name = ADAM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://pokec.azet.sk/_s/system/ping.php ... 9431&st=rp
failed, 0000A413.

Error - 7.11.2009 15:52:29 | Computer Name = ADAM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://clients1.google.sk/suggest?hl=sk ... urzu&cp=13
failed, 0000A413.

Error - 7.11.2009 16:15:32 | Computer Name = ADAM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://pokec.azet.sk/_s/system/ping.php ... 1581&st=rp
failed, 0000A413.

Error - 28.11.2009 16:23:47 | Computer Name = ADAM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
F:\Imatrikulacia GSV 2009 2\DSCF3159.JPG failed, 0000001E.

Error - 16.3.2010 8:26:25 | Computer Name = ADAM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
G:\DCIM\100MSDCF\DSC01007.JPG failed, 0000A420.

Error - 27.5.2010 12:32:46 | Computer Name = ADAM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
F:\MafiaLauncher.EXE failed, 0000001E.

Error - 27.5.2010 12:36:45 | Computer Name = ADAM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
F:\MafiaLauncher.EXE failed, 0000001E.

Error - 27.5.2010 12:53:19 | Computer Name = ADAM | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
F:\MafiaLauncher.EXE failed, 0000001E.

[ Application Events ]
Error - 17.11.2009 3:50:50 | Computer Name = ADAM | Source = Perflib | ID = 2002
Description = Otvorená procedúra služby WmiApRpl v knižnici DLL C:\WINDOWS\System32\wbem\wmiaprpl.dll
trvala dlhšie ako je stanovený limit čakania. Možno sa vyskytol problém s týmto rozšíriteľným
počítadlom alebo službou, z ktorej zhromažďuje údaje, alebo bol systém pri pokuse
o toto volanie veľmi zaneprázdnený.

Error - 17.11.2009 14:47:44 | Computer Name = ADAM | Source = Perflib | ID = 1015
Description = Časový limit čakania na dokončenie funkcie zberu údajov o výkone PerfOS
v
knižnici C:\WINDOWS\system32\perfos.dll uplynul. Pravdepodobne sa vyskytol problém
s
rozšíriteľným počítadlom alebo službou, z ktorej zhromažďuje údaje, alebo systém
bol pri prijatí tohto volania veľmi zaneprázdnený.

Error - 18.11.2009 4:46:30 | Computer Name = ADAM | Source = Perflib | ID = 1015
Description = Časový limit čakania na dokončenie funkcie zberu údajov o výkone Spooler
v
knižnici C:\WINDOWS\system32\winspool.drv uplynul. Pravdepodobne sa vyskytol problém
s
rozšíriteľným počítadlom alebo službou, z ktorej zhromažďuje údaje, alebo systém
bol pri prijatí tohto volania veľmi zaneprázdnený.

Error - 18.11.2009 4:46:57 | Computer Name = ADAM | Source = Perflib | ID = 2002
Description = Otvorená procedúra služby WmiApRpl v knižnici DLL C:\WINDOWS\System32\wbem\wmiaprpl.dll
trvala dlhšie ako je stanovený limit čakania. Možno sa vyskytol problém s týmto rozšíriteľným
počítadlom alebo službou, z ktorej zhromažďuje údaje, alebo bol systém pri pokuse
o toto volanie veľmi zaneprázdnený.

Error - 18.11.2009 10:30:11 | Computer Name = ADAM | Source = Perflib | ID = 2002
Description = Otvorená procedúra služby WmiApRpl v knižnici DLL C:\WINDOWS\System32\wbem\wmiaprpl.dll
trvala dlhšie ako je stanovený limit čakania. Možno sa vyskytol problém s týmto rozšíriteľným
počítadlom alebo službou, z ktorej zhromažďuje údaje, alebo bol systém pri pokuse
o toto volanie veľmi zaneprázdnený.

Error - 18.11.2009 12:11:44 | Computer Name = ADAM | Source = Perflib | ID = 2002
Description = Otvorená procedúra služby WmiApRpl v knižnici DLL C:\WINDOWS\System32\wbem\wmiaprpl.dll
trvala dlhšie ako je stanovený limit čakania. Možno sa vyskytol problém s týmto rozšíriteľným
počítadlom alebo službou, z ktorej zhromažďuje údaje, alebo bol systém pri pokuse
o toto volanie veľmi zaneprázdnený.

Error - 19.11.2009 10:08:20 | Computer Name = ADAM | Source = Perflib | ID = 1015
Description = Časový limit čakania na dokončenie funkcie zberu údajov o výkone Spooler
v
knižnici C:\WINDOWS\system32\winspool.drv uplynul. Pravdepodobne sa vyskytol problém
s
rozšíriteľným počítadlom alebo službou, z ktorej zhromažďuje údaje, alebo systém
bol pri prijatí tohto volania veľmi zaneprázdnený.

Error - 19.11.2009 10:08:38 | Computer Name = ADAM | Source = Perflib | ID = 2002
Description = Otvorená procedúra služby WmiApRpl v knižnici DLL C:\WINDOWS\System32\wbem\wmiaprpl.dll
trvala dlhšie ako je stanovený limit čakania. Možno sa vyskytol problém s týmto rozšíriteľným
počítadlom alebo službou, z ktorej zhromažďuje údaje, alebo bol systém pri pokuse
o toto volanie veľmi zaneprázdnený.

Error - 19.11.2009 11:52:16 | Computer Name = ADAM | Source = Perflib | ID = 1015
Description = Časový limit čakania na dokončenie funkcie zberu údajov o výkone PerfOS
v
knižnici C:\WINDOWS\system32\perfos.dll uplynul. Pravdepodobne sa vyskytol problém
s
rozšíriteľným počítadlom alebo službou, z ktorej zhromažďuje údaje, alebo systém
bol pri prijatí tohto volania veľmi zaneprázdnený.

Error - 19.11.2009 15:25:49 | Computer Name = ADAM | Source = Perflib | ID = 1015
Description = Časový limit čakania na dokončenie funkcie zberu údajov o výkone Spooler
v
knižnici C:\WINDOWS\system32\winspool.drv uplynul. Pravdepodobne sa vyskytol problém
s
rozšíriteľným počítadlom alebo službou, z ktorej zhromažďuje údaje, alebo systém
bol pri prijatí tohto volania veľmi zaneprázdnený.

[ System Events ]
Error - 27.5.2010 12:54:08 | Computer Name = ADAM | Source = Cdrom | ID = 262151
Description = Zariadenie \Device\CdRom1 má chybný blok.

Error - 27.5.2010 12:55:18 | Computer Name = ADAM | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

Error - 27.5.2010 12:56:52 | Computer Name = ADAM | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

Error - 27.5.2010 12:57:01 | Computer Name = ADAM | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

Error - 27.5.2010 12:57:07 | Computer Name = ADAM | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

Error - 27.5.2010 12:57:12 | Computer Name = ADAM | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

Error - 27.5.2010 12:57:17 | Computer Name = ADAM | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

Error - 27.5.2010 12:57:22 | Computer Name = ADAM | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

Error - 27.5.2010 13:00:08 | Computer Name = ADAM | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

Error - 27.5.2010 13:38:26 | Computer Name = ADAM | Source = ati2mtag | ID = 45062
Description = CRT invalid display type

< End of report >

#4 Příspěvek od **Caroprd111** » 27 kvě 2010 19:11

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O16 - DPF: {3334504D-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... p43dmo.CAB (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2010.04.29 13:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
@Alternate Data Stream - 183 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.

Gorej · #5 Příspěvek od **Gorej** » 28 kvě 2010 08:24

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Starting removal of ActiveX control {3334504D-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\mp43dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{3334504D-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3334504D-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3334504D-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3334504D-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\PerfStringBackup.TMP deleted successfully.
C:\Documents and Settings\All Users\Application Data\TEMP folder moved successfully.
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13 .
========== COMMANDS ==========

[EMPTYTEMP]

User: Adamko
->Temp folder emptied: 225810 bytes
->Temporary Internet Files folder emptied: 35419 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 44354957 bytes
->Flash cache emptied: 792 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 221184 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 550258 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 43,00 mb

[EMPTYFLASH]

User: Adamko
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.5.0 log created on 05282010_091540

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_6a8.dat moved successfully.

Registry entries deleted on Reboot...

#6 Příspěvek od **Caroprd111** » 28 kvě 2010 12:43

Jak to vypadá s PC

Gorej · #7 Příspěvek od **Gorej** » 28 kvě 2010 19:24

Stránkovanie zaberá 386 MB, ramku mám 256 MB, firefox zaberá 100 MB a to mám spustenú len túto stránku a pár "zlepšovákov" pre FF... Po zapnutí musím čakať aj 5 minút aby som s ním niečo mohol robiť inak permamentne všetko zamŕza..

#8 Příspěvek od **Caroprd111** » 29 kvě 2010 19:25

Máte malou RAM, od tohoto PC nemůžete čekat zázraky.

Obrázek

Stáhněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

Podle návodu v odkazu nainstalujte, poté dejte úplný sken.
Nic nemažte MBAM má občas falešné detekce a mohl by smazat např. systémové soubory.
Log vložte sem.

Gorej · #9 Příspěvek od **Gorej** » 30 kvě 2010 18:10

Začínam uvažovať nad kúpou novej RAM.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4155

Windows 5.1.2600 Service Pack 1
Internet Explorer 6.0.2800.1106

30.5.2010 19:09:24
mbam-log-2010-05-30 (19-09-24).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Objektov kontrolovaných: 170611
Uplynulý čas: 2 hod, 0 min, 47 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 1
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

#10 Příspěvek od **Caroprd111** » 30 kvě 2010 18:33

Vše, co našel MBAM smažte.

Obrázek

Stáhněte TFC http://oldtimer.geekstogo.com/TFC.exe

Spusťte.
Klikněte na "Start". Potvrďte hlášku kliknutím na "Ok" (Bude následovat restart)

Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe

Spusťte.
Klikněte na "CleanUp!". Potvrďte hlášky kliknutím na "Yes" (Bude následovat restart)

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478

Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.

Záložka Čistič
Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

Záložka Registry
Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít

Doinstalujte SP3 http://www.viry.cz/forum/viewtopic.php?f=46&t=86100

Obrázek

V logu nevidím firewall, doinstalujte

Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

Obrázek

Defragmentujte disk.

Obrázek

Dejte nový log z RSIT.

VIRY.CZ

Kontrola logu prosím

Kontrola logu prosím

Re: Kontrola logu prosím

Re: Kontrola logu prosím

Re: Kontrola logu prosím

Re: Kontrola logu prosím

Re: Kontrola logu prosím

Re: Kontrola logu prosím

Re: Kontrola logu prosím

Re: Kontrola logu prosím

Re: Kontrola logu prosím