Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Pomaly pocitac

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
shatterhand
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 11 říj 2009 17:52
Bydliště: PB, SVK

Pomaly pocitac

#1 Příspěvek od shatterhand »

Zdravim. Pravdepodobne sa jedna o virus, pocitac spomalene startuje, casto ma velke vyuzitie CPU. Firefox obcas mrzne. Ked vypnem firefox a znovu ho zapnem, pise, ze uz je zapnuty ale neodpoveda, treba ho vypinat v spravcovi uloh. Youtube dokaze prehrat len 1-2 videa, pri kliknuti na dalsie hodi nejaku hlasku o ukladani. Vypnutie pocitaca je tiez problematicke a zdlhave, ukoncuje take a take procesy...

Tu je log z RSITu:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-05-28 12:37:52
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (2%) free of 50 GB
Total RAM: 895 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:38:04, on 28. 5. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.atlas.cz/?from=icqhp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{4BA11B05-CB1D-43E5-8932-F95655A73F7D}: NameServer = 195.113.44.11,195.113.0.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c9c111f26dcafa) (gupdate1c9c111f26dcafa) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

--
End of file - 8326 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2008-09-24 1193984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-06 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-06 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-06 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2008-09-24 1193984]
{2C688203-7EB3-4327-9995-1CB417BA23F9} - BS.Player ControlBar - C:\Program Files\BS.Player ControlBar\BSToolbar.dll [2008-10-08 859592]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-06-15 1826816]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-06 136600]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-01-12 37888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-03-07 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\Administrator\Plocha\StrongDC.exe"="C:\Documents and Settings\Administrator\Plocha\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00086b0a-4f8e-11df-8c5d-00085405ade1}]
shell\AutoRun\command - G:\twhvna.exe
shell\open\command - G:\twhvna.exe


======List of files/folders created in the last 3 months======

2010-05-27 18:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-24 00:02:12 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Sibelius Software
2010-05-16 00:18:26 ----D---- C:\Program Files\Ask.com
2010-05-16 00:17:46 ----D---- C:\Program Files\The KMPlayer
2010-05-16 00:08:41 ----A---- C:\WINDOWS\system32\systeminfo.dll
2010-05-16 00:07:56 ----D---- C:\Program Files\DVD X Studios
2010-05-16 00:07:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD X Studios
2010-05-14 01:25:12 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Noteworthy Software
2010-05-14 01:25:10 ----D---- C:\Program Files\Noteworthy Software
2010-05-12 12:38:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-04-15 20:22:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 20:22:50 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 20:21:14 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-15 20:21:09 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 20:21:03 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 20:20:58 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 20:20:49 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-01 20:06:16 ----D---- C:\Program Files\ExpertGPS
2010-04-01 17:42:21 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-31 11:44:31 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-30 00:57:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Musicnotes
2010-03-30 00:53:27 ----D---- C:\Program Files\Musicnotes
2010-03-28 18:56:43 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-25 23:44:21 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-03-25 23:44:19 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-25 23:44:10 ----D---- C:\WINDOWS\Logs
2010-03-25 23:44:06 ----D---- C:\Program Files\Winamp Detect
2010-03-25 23:43:56 ----D---- C:\Program Files\Winamp Toolbar
2010-03-25 23:43:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar
2010-03-25 23:43:33 ----N---- C:\WINDOWS\system32\vxblock.dll
2010-03-25 23:43:33 ----N---- C:\WINDOWS\system32\pxwave.dll
2010-03-25 23:43:33 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-03-25 23:43:33 ----N---- C:\WINDOWS\system32\pxmas.dll
2010-03-25 23:43:33 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-03-25 23:43:33 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-03-25 23:43:33 ----N---- C:\WINDOWS\system32\pxdrv.dll
2010-03-25 23:43:33 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-03-25 23:43:33 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-03-25 23:43:33 ----N---- C:\WINDOWS\system32\px.dll
2010-03-25 23:43:30 ----D---- C:\Program Files\Winamp
2010-03-25 23:43:30 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2010-03-20 04:22:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-03-17 13:39:05 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-03-17 13:38:53 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-03-17 13:38:42 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-03-17 13:38:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-03-16 20:56:58 ----D---- C:\WINDOWS\SxsCaPendDel
2010-03-16 20:53:19 ----D---- C:\Program Files\CDex
2010-03-16 20:45:24 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-03-16 20:45:23 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-03-16 20:45:09 ----D---- C:\Program Files\Windows Media Connect 2
2010-03-16 20:45:01 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-03-16 20:44:21 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-03-16 20:43:54 ----D---- C:\WINDOWS\system32\LogFiles
2010-03-16 20:43:50 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-03-15 04:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-09 22:47:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-03-09 22:47:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-03-09 22:47:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-03-09 22:46:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-03-09 22:46:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-03-09 20:08:47 ----R---- C:\WINDOWS\Alcmtr.exe
2010-03-09 20:08:13 ----A---- C:\WINDOWS\AS_Debug.txt
2010-03-09 18:12:22 ----D---- C:\Avenger
2010-03-09 18:12:22 ----A---- C:\avenger.txt
2010-03-09 14:56:58 ----A---- C:\WINDOWS\OEWABLog.txt
2010-03-09 14:52:23 ----D---- C:\WINDOWS\Prefetch
2010-03-09 13:30:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-03-09 13:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-03-09 13:28:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-03-09 13:27:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-03-09 13:26:36 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-03-09 13:25:42 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
2010-03-09 13:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2010-03-09 13:23:49 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-03-09 13:22:54 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-03-09 13:22:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-03-09 13:21:12 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-03-09 13:20:16 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2010-03-09 13:19:13 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-03-09 13:17:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-03-09 13:14:57 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-03-09 13:12:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-03-09 13:10:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-03-09 13:09:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-03-09 13:08:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-03-09 13:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-03-09 13:05:58 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-03-09 13:05:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-03-09 13:04:09 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-03-09 13:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-03-09 13:02:06 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-03-09 13:01:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-03-09 12:59:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-03-09 12:59:05 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-03-09 12:58:05 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-03-09 12:57:15 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-03-09 12:55:55 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-03-09 12:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2010-03-09 12:53:55 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-03-09 12:52:44 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-03-09 12:51:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-03-09 12:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2010-03-09 12:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-03-09 12:47:51 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-03-09 12:46:43 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-03-09 12:45:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-03-09 12:44:25 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-03-09 12:43:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-03-09 12:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-03-09 12:41:11 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-03-09 12:40:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-03-09 12:39:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-03-09 12:38:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-03-09 12:37:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-03-09 12:36:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-03-09 12:35:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-03-09 12:34:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-03-09 12:32:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-03-09 12:31:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-03-09 12:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-03-09 12:29:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-03-09 12:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-03-09 12:27:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-03-09 12:26:41 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-03-09 12:25:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-03-09 12:24:36 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-03-09 12:23:34 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-03-09 12:20:05 ----A---- C:\WINDOWS\setuplog.txt
2010-03-09 12:18:58 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-03-09 12:18:58 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-03-09 12:18:58 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-03-09 12:18:55 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-03-09 12:18:55 ----N---- C:\WINDOWS\system32\azroles.dll
2010-03-09 12:18:55 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-03-09 12:18:55 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-03-09 12:18:55 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-03-09 12:18:55 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-03-09 12:18:54 ----N---- C:\WINDOWS\system32\credssp.dll
2010-03-09 12:18:53 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-03-09 12:18:53 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-03-09 12:18:53 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-03-09 12:18:53 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-03-09 12:18:53 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-03-09 12:18:52 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-03-09 12:18:51 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-03-09 12:18:50 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-03-09 12:18:50 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-03-09 12:18:50 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-03-09 12:18:50 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-03-09 12:18:49 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-03-09 12:18:49 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-03-09 12:18:49 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-03-09 12:18:49 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-03-09 12:18:49 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-03-09 12:18:49 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-03-09 12:18:49 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-03-09 12:18:48 ----N---- C:\WINDOWS\system32\napstat.exe
2010-03-09 12:18:48 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-03-09 12:18:48 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-03-09 12:18:48 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-03-09 12:18:48 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-03-09 12:18:48 ----N---- C:\WINDOWS\system32\mssha.dll
2010-03-09 12:18:47 ----N---- C:\WINDOWS\system32\qutil.dll
2010-03-09 12:18:47 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-03-09 12:18:47 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-03-09 12:18:47 ----N---- C:\WINDOWS\system32\qagent.dll
2010-03-09 12:18:47 ----N---- C:\WINDOWS\system32\onex.dll
2010-03-09 12:18:47 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-03-09 12:18:46 ----N---- C:\WINDOWS\system32\slserv.exe
2010-03-09 12:18:46 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-03-09 12:18:46 ----N---- C:\WINDOWS\system32\slgen.dll
2010-03-09 12:18:46 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-03-09 12:18:46 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-03-09 12:18:46 ----N---- C:\WINDOWS\system32\setupn.exe
2010-03-09 12:18:46 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-03-09 12:18:46 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-03-09 12:18:46 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-03-09 12:18:44 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-03-09 12:18:44 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-03-09 12:18:44 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-03-09 12:18:43 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-03-09 12:18:42 ----N---- C:\WINDOWS\system32\xmllite.dll
2010-03-09 12:18:42 ----N---- C:\WINDOWS\slrundll.exe
2010-03-09 12:18:41 ----D---- C:\WINDOWS\system32\cs-cz
2010-03-09 12:18:40 ----D---- C:\WINDOWS\l2schemas
2010-03-09 12:18:39 ----D---- C:\WINDOWS\system32\cs
2010-03-09 12:18:39 ----D---- C:\WINDOWS\system32\bits
2010-03-09 12:12:07 ----D---- C:\WINDOWS\network diagnostic
2010-03-09 12:10:22 ----A---- C:\WINDOWS\002980_.tmp
2010-03-09 12:05:48 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-03-08 23:09:00 ----D---- C:\Documents and Settings\Administrator\Data aplikací\GetRightToGo
2010-03-04 19:53:01 ----SHD---- C:\RECYCLER
2010-03-04 19:49:29 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Download Manager
2010-03-02 19:25:08 ----A---- C:\ComboFix.txt
2010-03-02 19:18:16 ----D---- C:\ComboFix
2010-03-02 18:55:50 ----A---- C:\WINDOWS\MBR.exe
2010-03-02 18:54:36 ----A---- C:\WINDOWS\system32\CF17966.exe
2010-03-01 23:58:08 ----SHD---- C:\WINDOWS\CSC
2010-03-01 23:46:41 ----A---- C:\WINDOWS\ntbtlog.txt

======List of files/folders modified in the last 3 months======

2010-05-28 12:37:57 ----D---- C:\Program Files\trend micro
2010-05-28 11:47:09 ----D---- C:\WINDOWS\temp
2010-05-28 01:16:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-28 01:16:11 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ICQ
2010-05-27 22:20:12 ----D---- C:\WINDOWS
2010-05-27 18:10:40 ----HD---- C:\WINDOWS\inf
2010-05-27 18:10:36 ----D---- C:\WINDOWS\system32
2010-05-27 18:10:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-18 17:01:12 ----SHD---- C:\WINDOWS\Installer
2010-05-18 17:01:11 ----SD---- C:\WINDOWS\Tasks
2010-05-16 00:18:26 ----RD---- C:\Program Files
2010-05-14 01:25:10 ----RSD---- C:\WINDOWS\Fonts
2010-05-12 12:38:53 ----A---- C:\WINDOWS\imsins.BAK
2010-05-12 12:38:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-12 12:38:46 ----D---- C:\Program Files\Outlook Express
2010-05-12 11:36:36 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-09 22:07:43 ----D---- C:\Program Files\Google
2010-04-30 20:51:06 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-21 15:28:50 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-04-15 20:22:52 ----D---- C:\WINDOWS\system32\drivers
2010-04-06 02:37:17 ----D---- C:\Program Files\Mozilla Firefox
2010-04-01 00:24:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-25 23:44:23 ----D---- C:\WINDOWS\system32\DirectX
2010-03-17 03:31:17 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-17 00:55:00 ----D---- C:\Program Files\Windows Media Player
2010-03-16 20:57:19 ----D---- C:\WINDOWS\WinSxS
2010-03-16 20:57:19 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-16 20:45:16 ----A---- C:\WINDOWS\win.ini
2010-03-16 20:45:07 ----D---- C:\WINDOWS\Help
2010-03-15 04:03:19 ----D---- C:\Program Files\Movie Maker
2010-03-10 06:43:10 ----A---- C:\WINDOWS\system32\shdocvw.dll
2010-03-10 06:43:04 ----A---- C:\WINDOWS\system32\browseui.dll
2010-03-09 22:46:34 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-03-09 20:09:45 ----D---- C:\WINDOWS\system32\RTCOM
2010-03-09 20:09:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-09 20:08:45 ----D---- C:\Program Files\Realtek
2010-03-09 15:42:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-09 14:53:11 ----D---- C:\WINDOWS\Debug
2010-03-09 14:51:40 ----D---- C:\WINDOWS\system32\wbem
2010-03-09 14:51:40 ----D---- C:\WINDOWS\system32\Setup
2010-03-09 14:51:40 ----D---- C:\WINDOWS\AppPatch
2010-03-09 13:11:23 ----A---- C:\WINDOWS\system32\vbscript.dll
2010-03-09 12:29:11 ----D---- C:\WINDOWS\security
2010-03-09 12:25:03 ----D---- C:\Program Files\Messenger
2010-03-09 12:19:00 ----D---- C:\WINDOWS\ehome
2010-03-09 12:18:58 ----D---- C:\WINDOWS\system32\inetsrv
2010-03-09 12:18:57 ----D---- C:\WINDOWS\ime
2010-03-09 12:18:41 ----D---- C:\WINDOWS\system32\usmt
2010-03-09 12:18:41 ----D---- C:\Program Files\Internet Explorer
2010-03-09 12:18:39 ----D---- C:\WINDOWS\PeerNet
2010-03-09 12:14:52 ----D---- C:\WINDOWS\ServicePackFiles
2010-03-09 12:14:37 ----D---- C:\WINDOWS\system32\Restore
2010-03-09 12:14:37 ----D---- C:\WINDOWS\system32\npp
2010-03-09 12:14:35 ----D---- C:\WINDOWS\msagent
2010-03-09 12:14:33 ----D---- C:\WINDOWS\srchasst
2010-03-09 12:14:32 ----D---- C:\Program Files\NetMeeting
2010-03-09 12:14:31 ----D---- C:\WINDOWS\system32\Com
2010-03-09 12:14:28 ----D---- C:\Program Files\Windows NT
2010-03-09 12:14:24 ----D---- C:\Program Files\Common Files\System
2010-03-09 12:13:56 ----D---- C:\WINDOWS\system32\oobe
2010-03-09 12:13:54 ----D---- C:\WINDOWS\system
2010-03-05 19:23:23 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-02 19:25:16 ----D---- C:\Qoobox
2010-03-02 19:23:39 ----A---- C:\WINDOWS\system.ini
2010-03-02 19:21:40 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-03-07 1972736]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-10 4449280]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
S1 febc1436;febc1436; C:\WINDOWS\System32\drivers\febc1436.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-03-07 446464]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-06 152984]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 gupdate1c9c111f26dcafa;Google Update Service (gupdate1c9c111f26dcafa); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-19 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-13 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Pomaly pocitac

#2 Příspěvek od Caroprd111 »

Zdravím :)


Obrázek Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.


Obrázek Vložte do PC všechny flash disky, které používáte.

Obrázek Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe
  • Spusťte, poté zvolte jazyk E - Enter
  • Zvolte 2 - Enter (je možný restart PC)
  • Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt


Obrázek Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
  • Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Označte položku Pro všechny uživatele.
  • Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
  • Klikněte na tlačítko Prohledat
  • Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Obrázek
Nahoru
shatterhand
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 11 říj 2009 17:52
Bydliště: PB, SVK

Re: Pomaly pocitac

#3 Příspěvek od shatterhand »

Diky. Odobral som jeden toolbar, dalsie som tam v programoch nenasiel. Usbfix mi nesiel stiahnut z linku, tak som ho stiahol inde. Posielam log z UsbFix:

--------------- [ UsbFix V2.413.4 ] ----------------

* User : Administrator - MICHAL-20E57DC6
* Outils mis a jours le 11/12/2008 par Chiquitine29 et Chimay8
* Vaccination effectuée ŕ 12:13:19 le ut 01. 06. 2010
* Windows Xp - Internet Explorer 6.0.2900.5512


--------------- [ Informations lecteurs ] ----------------

C: - Pevně disk

D: - Pevně disk

E: - Pevně disk

G: - Pevně disk

H: - VymŘniteln  jednotka


--------------- [ Vaccination ] ----------------

C:\autorun.inf -> Dossier autorun.inf crée par UsbFix !
D:\autorun.inf -> Dossier autorun.inf crée par UsbFix !
E:\autorun.inf -> Dossier autorun.inf crée par UsbFix !
G:\autorun.inf -> Dossier autorun.inf crée par UsbFix !
H:\autorun.inf -> Dossier autorun.inf crée par UsbFix !

--------------- [ Fin du rapport ] ----------------
Nahoru
shatterhand
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 11 říj 2009 17:52
Bydliště: PB, SVK

Re: Pomaly pocitac

#4 Příspěvek od shatterhand »

OTL.txt /1.cast, komplet sa to nezmestilo/:

OTL logfile created on: 1. 6. 2010 12:16:16 - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Documents and Settings\Administrator\Dokumenty\Preberanie
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

895,00 Mb Total Physical Memory | 313,00 Mb Available Physical Memory | 35,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 3,13 Gb Free Space | 6,40% Space Free | Partition Type: NTFS
Drive D: | 175,78 Gb Total Space | 7,13 Gb Free Space | 4,06% Space Free | Partition Type: NTFS
Drive E: | 8,27 Gb Total Space | 8,21 Gb Free Space | 99,39% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 931,28 Gb Total Space | 289,56 Gb Free Space | 31,09% Space Free | Partition Type: FAT32
Drive H: | 999,63 Mb Total Space | 445,11 Mb Free Space | 44,53% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: MICHAL-20E57DC6
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.01 12:12:45 | 000,101,680 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\temp\41.tmp\b2e.exe
PRC - [2010.06.01 12:04:43 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Dokumenty\Preberanie\OTL.exe
PRC - [2010.04.06 02:37:02 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.01.12 22:02:46 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.09.24 15:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.14 09:52:16 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe


========== Modules (SafeList) ==========

MOD - [2010.06.01 12:04:43 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Dokumenty\Preberanie\OTL.exe
MOD - [2008.04.14 09:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.02.13 03:59:19 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.09.24 15:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)


========== Driver Services (SafeList) ==========

DRV - [2010.01.07 17:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009.11.25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.04.13 23:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.07.10 03:56:00 | 004,449,280 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.03.07 04:55:44 | 001,972,736 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.07.01 23:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.08.13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1417001333-1214440339-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
IE - HKU\S-1-5-21-1417001333-1214440339-682003330-500\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1417001333-1214440339-682003330-500\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKU\S-1-5-21-1417001333-1214440339-682003330-500\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/sli ... ie7&query="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..extensions.enabledItems: BSToolbar@toolbarnet.com:1.0.0.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.4
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1


FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2009.01.05 14:15:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.20 11:28:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.06 02:37:06 | 000,000,000 | ---D | M]

[2009.01.05 14:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2010.06.01 12:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions
[2010.03.25 23:44:03 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009.10.21 16:29:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.10.09 12:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.10.09 12:23:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.05.18 17:03:18 | 000,002,426 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\askcom.xml
[2009.01.09 23:13:59 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\bsplayer-search.xml
[2010.05.27 11:21:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-1.xml
[2009.07.23 13:46:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-10.xml
[2009.08.25 03:30:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-11.xml
[2009.09.12 19:44:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-12.xml
[2009.10.09 13:49:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-13.xml
[2009.11.02 19:14:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-14.xml
[2009.12.17 16:04:40 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-15.xml
[2010.01.06 04:27:17 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-16.xml
[2010.02.22 01:51:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-17.xml
[2010.03.24 04:05:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-18.xml
[2010.04.06 02:37:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-19.xml
[2009.02.09 22:28:45 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-2.xml
[2010.05.16 03:39:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-20.xml
[2009.03.08 22:49:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-3.xml
[2009.03.29 22:13:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-4.xml
[2009.04.23 19:15:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-5.xml
[2009.04.28 19:57:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-6.xml
[2009.04.28 22:44:45 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-7.xml
[2009.04.28 23:24:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-8.xml
[2009.06.17 23:39:40 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-9.xml
[2008.12.15 16:45:18 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin.xml
[2010.03.26 00:34:22 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\winamp-search.xml
[2010.05.31 22:57:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.01.05 15:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.01.12 22:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010.03.23 12:25:18 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.03.23 12:25:18 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2007.07.26 14:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.03.23 12:25:18 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.03.23 12:25:18 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.03.23 12:25:18 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.03.23 12:25:18 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2010.03.02 19:02:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1417001333-1214440339-682003330-500\..\Toolbar\WebBrowser: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
O3 - HKU\S-1-5-21-1417001333-1214440339-682003330-500\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1417001333-1214440339-682003330-500..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1417001333-1214440339-682003330-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1417001333-1214440339-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1417001333-1214440339-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1417001333-1214440339-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.113.44.11 195.113.0.2
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.05 13:32:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.06.01 12:13:20 | 000,000,000 | -H-D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.06.01 12:13:20 | 000,000,000 | -H-D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.06.01 12:13:20 | 000,000,000 | -H-D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2003.03.21 12:00:56 | 000,000,000 | RH-D | M] - G:\AUTORUN -- [ FAT32 ]
O32 - AutoRun File - [2010.06.01 12:13:22 | 000,000,000 | -H-D | M] - G:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010.06.01 12:13:24 | 000,000,000 | -H-D | M] - H:\autorun.inf -- [ FAT ]
O33 - MountPoints2\{00086b0a-4f8e-11df-8c5d-00085405ade1}\Shell\AutoRun\command - "" = G:\twhvna.exe -- File not found
O33 - MountPoints2\{00086b0a-4f8e-11df-8c5d-00085405ade1}\Shell\open\Command - "" = G:\twhvna.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Nahoru
shatterhand
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 11 říj 2009 17:52
Bydliště: PB, SVK

Re: Pomaly pocitac

#5 Příspěvek od shatterhand »

OTL.txt /2.cast/:

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.01.05 13:32:25 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 30 Days ==========

[2010.06.01 12:13:20 | 000,000,000 | -H-D | C] -- C:\autorun.inf
[2010.06.01 12:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\UsbFix
[2010.06.01 12:04:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010.06.01 12:03:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010.05.24 20:40:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Liberec
[2010.05.24 00:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Sibelius Software
[2010.05.23 11:45:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\liberec+
[2010.05.16 00:18:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\The KMPlayer
[2010.05.16 00:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2010.05.16 00:08:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Dokumenty\Filmy
[2010.05.16 00:08:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\DVD X Studios
[2010.05.16 00:07:56 | 000,000,000 | ---D | C] -- C:\Program Files\DVD X Studios
[2010.05.16 00:07:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DVD X Studios
[2010.05.14 01:25:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Noteworthy Software
[2010.05.14 01:25:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\NoteWorthy Composer
[2010.05.14 01:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\Noteworthy Software
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.06.01 12:10:37 | 007,602,176 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010.06.01 12:10:31 | 000,001,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\UsbFix.lnk
[2010.06.01 12:06:01 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.01 12:04:26 | 000,174,080 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.01 11:54:41 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010.06.01 11:53:37 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.01 11:53:27 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.01 11:53:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.01 01:57:34 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010.05.30 14:02:06 | 000,071,649 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\zaznamonehode.pdf
[2010.05.30 13:56:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.30 03:29:51 | 004,266,214 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\IconCache.db
[2010.05.29 15:11:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.05.29 13:25:16 | 001,599,946 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Mapa_3_nocni_provoz.pdf
[2010.05.25 02:21:34 | 000,235,833 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\mapka.JPG
[2010.05.24 03:32:01 | 000,368,868 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\winnetou.jpg
[2010.05.24 01:08:29 | 000,082,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\sweet dreams.JPG
[2010.05.24 01:05:08 | 000,097,210 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\down under.JPG
[2010.05.24 01:01:43 | 000,097,676 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\74-75.JPG
[2010.05.24 00:51:17 | 000,071,829 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\light my fire.JPG
[2010.05.24 00:47:25 | 000,096,279 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\the crystal ship.JPG
[2010.05.24 00:42:46 | 000,064,409 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\the man who sold the world.JPG
[2010.05.24 00:37:51 | 000,081,519 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\california dreaming.JPG
[2010.05.24 00:31:14 | 000,114,494 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\my hearth will go on.JPG
[2010.05.24 00:24:01 | 000,104,808 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\always on my mind.JPG
[2010.05.24 00:20:23 | 000,099,398 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\go west.JPG
[2010.05.24 00:08:19 | 000,072,233 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\suburbia.JPG
[2010.05.23 21:17:10 | 000,527,806 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\sierra_nevada_piste_map_lar.jpg
[2010.05.23 21:09:24 | 000,799,909 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\retezat-mountains.jpg
[2010.05.16 23:28:44 | 000,167,929 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\22721_big_123_182lo.jpg
[2010.05.16 03:29:21 | 000,106,535 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\nabidka_pc_8wgjyrhdt.jpg
[2010.05.16 03:26:55 | 000,049,796 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\452_vino_za_super_cenu_2l0jna47u.jpg
[2010.05.16 02:19:49 | 000,097,836 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\1orgasmus_1dkin0rfv.jpg
[2010.05.16 00:17:59 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\KMPlayer.lnk
[2010.05.16 00:15:17 | 000,000,210 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\default.rss
[2010.05.16 00:14:46 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.05.16 00:08:41 | 000,000,014 | ---- | M] () -- C:\WINDOWS\System32\systeminfo.dll
[2010.05.16 00:08:04 | 000,000,865 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DVD X Player 5.4 Professional.lnk
[2010.05.14 13:43:28 | 000,084,512 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.05.14 13:42:16 | 001,583,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.05.14 01:25:11 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\NoteWorthy Composer 2.lnk
[2010.05.13 18:41:11 | 000,078,099 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Ihla v Patrii 7.jpg
[2010.05.13 18:41:07 | 000,072,029 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Ihla v Patrii 3.jpg
[2010.05.13 18:41:03 | 000,044,017 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Ihla v Patrii 2.jpg
[2010.05.13 18:40:59 | 000,038,639 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Ihla v Patrii 1.jpg
[2010.05.13 18:14:37 | 000,123,021 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\02.jpg
[2010.05.12 12:38:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.05.03 23:45:10 | 147,694,341 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\carodky.rar
[2010.05.02 14:09:36 | 000,704,213 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Borzava-mapa-var3 19_02.pdf
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.01 12:10:31 | 000,001,520 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\UsbFix.lnk
[2010.05.30 14:02:06 | 000,071,649 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\zaznamonehode.pdf
[2010.05.29 13:25:16 | 001,599,946 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Mapa_3_nocni_provoz.pdf
[2010.05.25 11:55:52 | 001,325,273 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\DSCF1308.JPG
[2010.05.25 11:55:52 | 001,310,018 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\DSCF1309.JPG
[2010.05.25 02:21:32 | 000,235,833 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\mapka.JPG
[2010.05.24 03:32:00 | 000,368,868 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\winnetou.jpg
[2010.05.24 01:08:29 | 000,082,312 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\sweet dreams.JPG
[2010.05.24 01:05:08 | 000,097,210 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\down under.JPG
[2010.05.24 01:01:43 | 000,097,676 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\74-75.JPG
[2010.05.24 00:51:17 | 000,071,829 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\light my fire.JPG
[2010.05.24 00:47:25 | 000,096,279 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\the crystal ship.JPG
[2010.05.24 00:42:46 | 000,064,409 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\the man who sold the world.JPG
[2010.05.24 00:37:51 | 000,081,519 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\california dreaming.JPG
[2010.05.24 00:31:14 | 000,114,494 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\my hearth will go on.JPG
[2010.05.24 00:24:01 | 000,104,808 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\always on my mind.JPG
[2010.05.24 00:17:00 | 000,099,398 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\go west.JPG
[2010.05.24 00:08:19 | 000,072,233 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\suburbia.JPG
[2010.05.23 21:17:10 | 000,527,806 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\sierra_nevada_piste_map_lar.jpg
[2010.05.23 21:09:22 | 000,799,909 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\retezat-mountains.jpg
[2010.05.16 23:28:41 | 000,167,929 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\22721_big_123_182lo.jpg
[2010.05.16 03:29:21 | 000,106,535 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\nabidka_pc_8wgjyrhdt.jpg
[2010.05.16 03:26:55 | 000,049,796 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\452_vino_za_super_cenu_2l0jna47u.jpg
[2010.05.16 02:19:49 | 000,097,836 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\1orgasmus_1dkin0rfv.jpg
[2010.05.16 00:17:59 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\KMPlayer.lnk
[2010.05.16 00:15:17 | 000,000,210 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\default.rss
[2010.05.16 00:08:41 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll
[2010.05.16 00:08:04 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DVD X Player 5.4 Professional.lnk
[2010.05.14 01:25:11 | 000,000,935 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\NoteWorthy Composer 2.lnk
[2010.05.13 18:41:10 | 000,078,099 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Ihla v Patrii 7.jpg
[2010.05.13 18:41:07 | 000,072,029 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Ihla v Patrii 3.jpg
[2010.05.13 18:41:03 | 000,044,017 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Ihla v Patrii 2.jpg
[2010.05.13 18:40:59 | 000,038,639 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Ihla v Patrii 1.jpg
[2010.05.13 18:14:34 | 000,123,021 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\02.jpg
[2010.05.03 23:39:52 | 147,694,341 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\carodky.rar
[2010.05.02 14:09:34 | 000,704,213 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Borzava-mapa-var3 19_02.pdf
[2010.03.28 18:56:43 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.10.11 00:03:19 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.06.05 11:47:49 | 000,102,462 | ---- | C] () -- C:\WINDOWS\System32\drivers\3abe0148.sys
[2009.06.01 21:40:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\cfgedit.INI
[2009.02.14 16:59:05 | 000,000,363 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2009.02.05 06:06:16 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009.01.05 14:05:40 | 000,002,499 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.01.05 13:45:50 | 000,016,376 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009.01.05 13:41:52 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.01.05 13:41:50 | 000,016,084 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.01.05 13:41:42 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

========== LOP Check ==========

[2009.03.10 13:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Any Video Converter
[2009.03.20 21:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer
[2009.01.09 23:13:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer Pro
[2010.03.08 23:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GetRightToGo
[2009.09.22 18:38:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Gmail
[2010.05.28 19:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ICQ
[2010.05.14 01:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Noteworthy Software
[2010.05.16 00:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DVD X Studios
[2009.01.05 15:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.03.30 00:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Musicnotes
[2010.06.01 11:54:41 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"StartCCC" = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe -- [2006.11.10 14:35:24 | 000,090,112 | ---- | M] ()
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 09:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.09.17 16:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.10.04 22:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2009.03.10 13:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Any Video Converter
[2009.03.30 02:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Apple Computer
[2009.01.05 13:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ATI
[2009.03.20 21:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer
[2009.01.09 23:13:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer Pro
[2010.03.04 19:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Download Manager
[2010.03.08 23:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GetRightToGo
[2009.09.22 18:38:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Gmail
[2009.04.19 19:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Google
[2009.03.15 13:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2010.05.28 19:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ICQ
[2009.01.05 13:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2009.01.05 14:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2009.10.12 19:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2009.01.05 16:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2009.07.18 22:04:11 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2009.01.05 14:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2009.02.18 23:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nero
[2010.05.14 01:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Noteworthy Software
[2010.05.24 00:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sibelius Software
[2009.01.06 17:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2009.04.26 19:20:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2010.03.25 23:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Winamp
[2009.01.05 17:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2009.09.09 00:22:06 | 000,013,221 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Any Video Converter\pup.exe
[2009.09.09 00:22:06 | 000,000,422 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Apple Computer\ven32.exe
[2009.09.09 00:22:06 | 000,016,141 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer Pro\regs32.exe
[2007.08.18 10:54:02 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2007.08.18 10:53:50 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer\AC3 Filter\dialog_patch.exe
[2008.04.13 18:26:54 | 000,036,396 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer\AC3 Filter\uninstall.exe
[2008.04.01 12:51:06 | 000,691,717 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer\FFDShow\unins000.exe
[2008.03.29 18:42:00 | 000,103,424 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2008.03.29 18:42:02 | 000,335,872 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2008.03.29 18:41:54 | 000,135,168 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2008.06.10 10:11:02 | 000,041,412 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2009.06.10 15:10:47 | 001,878,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2009.10.10 21:21:26 | 000,319,488 | ---- | M] (Octoshape ApS) -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
[2009.01.05 13:54:41 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{0075EC0E-35F3-22AE-0BC5-AFA40FA72066}\ARPPRODUCTICON.exe
[2009.01.05 13:55:04 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{168EAB37-6E06-1566-BBB2-80F64954FCAA}\ARPPRODUCTICON.exe
[2009.01.05 13:54:46 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{26200A3D-603D-481C-060A-D0C04E668A00}\ARPPRODUCTICON.exe
[2009.01.05 13:54:01 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{2976F97B-9517-EFF0-0C76-75C49608C714}\ARPPRODUCTICON.exe
[2009.01.05 13:54:23 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{2B266E15-CCDB-931D-F565-21B87A9587ED}\ARPPRODUCTICON.exe
[2009.01.05 13:54:13 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{2F8D7D6D-18F5-9E94-2192-B4BE3294BF04}\ARPPRODUCTICON.exe
[2009.01.05 13:54:06 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{30F50BA6-AC03-7320-36AD-BC62D832999D}\ARPPRODUCTICON.exe
[2009.01.05 13:53:54 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{3163489D-E46B-F65E-B4C8-458A62327B9B}\ARPPRODUCTICON.exe
[2009.01.05 13:53:56 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{35BC5733-3BB9-AFCA-64B4-66D760ABFB4C}\ARPPRODUCTICON.exe
[2009.01.05 13:54:16 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{39722E9E-7FA5-093B-F9E4-44BD8CCC878D}\ARPPRODUCTICON.exe
[2009.01.05 13:54:52 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{3EDC8E1D-6516-8349-2F71-7E5523B3C18E}\ARPPRODUCTICON.exe
[2009.01.05 13:54:36 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{462619C1-147F-AFF8-DAB9-B7B541F7AA45}\ARPPRODUCTICON.exe
[2009.01.05 13:53:59 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{477FEAC4-CF34-9182-077D-343A3BA8820D}\ARPPRODUCTICON.exe
[2009.01.05 13:54:59 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{496F04F7-2758-AA15-CB7A-98014BDC7324}\ARPPRODUCTICON.exe
[2009.01.05 13:54:54 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{4A8EAE55-E2EF-8632-F2B3-C4CB658B0D27}\ARPPRODUCTICON.exe
[2009.01.05 13:54:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{54C98230-2D30-2C26-2E15-AA966E7C807F}\ARPPRODUCTICON.exe
[2009.01.05 13:55:07 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{5557F96F-7580-59BD-F546-A2E3E5426868}\ARPPRODUCTICON.exe
[2009.01.05 13:53:51 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{5C145ED8-1D8E-3793-7851-83E554E2ABCB}\ARPPRODUCTICON.exe
[2009.01.05 13:54:18 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{5D2C13F8-5CE7-9B14-F6EC-0BBA726662C6}\ARPPRODUCTICON.exe
[2009.01.05 13:55:02 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{60F40DA0-BE6B-EADF-506A-F72E03D08FE7}\ARPPRODUCTICON.exe
[2009.01.05 13:54:39 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{613CFE35-3561-F0B1-9C81-117CE22BF2D3}\ARPPRODUCTICON.exe
[2009.01.05 13:54:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{6382AF0F-2646-6353-836C-87B024893F83}\ARPPRODUCTICON.exe
[2009.01.05 13:55:05 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{778AD6C6-77D4-8BBD-F538-E8A13CE42EB9}\ARPPRODUCTICON.exe
[2009.01.05 13:54:33 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{798CFA2A-823D-DB5D-5691-69769833E9E6}\ARPPRODUCTICON.exe
[2009.01.05 13:54:56 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{7A02BC52-906B-EE63-CFB1-D35E4C12405D}\ARPPRODUCTICON.exe
[2009.01.05 13:54:08 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{7CAC9289-1B22-2242-06FE-D2D3CE931848}\ARPPRODUCTICON.exe
[2009.01.05 13:54:49 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{85285EC9-DB77-5CFC-F0A7-27BA3A3E4B7F}\ARPPRODUCTICON.exe
[2009.01.05 13:54:21 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{87A85280-994F-CE8E-E191-EB39E9171610}\ARPPRODUCTICON.exe
[2009.01.05 13:54:38 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{9532A451-4094-AD54-2F10-A700F076C0FE}\ARPPRODUCTICON.exe
[2009.01.05 13:54:31 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{A6355BA8-C75A-E32F-8D32-CDAD69838FAD}\ARPPRODUCTICON.exe
[2009.01.05 13:54:28 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{B56199A4-1057-2808-E077-A4B6A3CC9B6F}\ARPPRODUCTICON.exe
[2009.01.05 13:55:09 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{B9237320-5FC6-DE88-356E-B426EC32328C}\ARPPRODUCTICON.exe
[2009.01.05 13:54:03 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{BB656D38-FF78-B695-5BD1-942F7020585C}\ARPPRODUCTICON.exe
[2009.01.05 13:54:48 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{BF7C613C-826C-23E7-F642-E026A258ED94}\ARPPRODUCTICON.exe
[2009.01.05 13:55:01 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{C57B03CB-7154-2F34-6A80-DEBF13C06DAB}\ARPPRODUCTICON.exe
[2009.01.05 13:54:44 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{C7FF21EE-D86F-47D1-D27F-87BD1C1E58D0}\ARPPRODUCTICON.exe
[2009.01.05 13:54:26 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{DBC05924-EC6D-5BDF-2CA6-BD2E44676004}\ARPPRODUCTICON.exe
[2009.01.05 13:54:57 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{DD1C463E-5BB5-47A2-587E-2F089DBFFC39}\ARPPRODUCTICON.exe
[2009.01.05 13:55:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{DEF767B8-1932-8402-319C-7C8050CD75BB}\ARPPRODUCTICON.exe
[2009.01.05 13:55:12 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{E17D0CF4-616D-6B51-8730-D6CBF185D7BF}\ARPPRODUCTICON.exe
[2009.01.05 13:54:51 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{EE0C1CFB-5C69-796D-1DB4-923D5F535F4C}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ERDNT\cache\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ERDNT\cache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 01:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2008.04.14 01:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 01:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.25 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ERDNT\cache\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ERDNT\cache\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ERDNT\cache\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2007.03.07 04:57:02 | 000,307,200 | R--- | M] (ATI Technologies Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.01.05 14:12:11 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.01.05 14:12:10 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.01.05 14:12:10 | 000,483,328 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2007.03.07 04:57:02 | 000,307,200 | R--- | M] (ATI Technologies Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.05.30 13:56:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
Nahoru
shatterhand
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 11 říj 2009 17:52
Bydliště: PB, SVK

Re: Pomaly pocitac

#6 Příspěvek od shatterhand »

Extras.txt:


OTL Extras logfile created on: 1. 6. 2010 12:16:16 - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Documents and Settings\Administrator\Dokumenty\Preberanie
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

895,00 Mb Total Physical Memory | 313,00 Mb Available Physical Memory | 35,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 3,13 Gb Free Space | 6,40% Space Free | Partition Type: NTFS
Drive D: | 175,78 Gb Total Space | 7,13 Gb Free Space | 4,06% Space Free | Partition Type: NTFS
Drive E: | 8,27 Gb Total Space | 8,21 Gb Free Space | 99,39% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 931,28 Gb Total Space | 289,56 Gb Free Space | 31,09% Space Free | Partition Type: FAT32
Drive H: | 999,63 Mb Total Space | 445,11 Mb Free Space | 44,53% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: MICHAL-20E57DC6
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1417001333-1214440339-682003330-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Valve\hl.exe" = C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Documents and Settings\Administrator\Plocha\StrongDC.exe" = C:\Documents and Settings\Administrator\Plocha\StrongDC.exe:*:Enabled:StrongDC++ -- (Big Muscle, KohlSoft® Corporation ;-))
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0075EC0E-35F3-22AE-0BC5-AFA40FA72066}" = CCC Help German
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{075B7643-265E-CFEB-79FD-69488108B194}" = Catalyst Control Center Graphics Light
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{168EAB37-6E06-1566-BBB2-80F64954FCAA}" = CCC Help Russian
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26200A3D-603D-481C-060A-D0C04E668A00}" = CCC Help Spanish
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{2976F97B-9517-EFF0-0C76-75C49608C714}" = Catalyst Control Center Localization French
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2B266E15-CCDB-931D-F565-21B87A9587ED}" = Catalyst Control Center Localization Russian
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2F8D7D6D-18F5-9E94-2192-B4BE3294BF04}" = Catalyst Control Center Localization Dutch
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{30F50BA6-AC03-7320-36AD-BC62D832999D}" = Catalyst Control Center Localization Italian
"{3163489D-E46B-F65E-B4C8-458A62327B9B}" = Catalyst Control Center Localization Greek
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BC5733-3BB9-AFCA-64B4-66D760ABFB4C}" = Catalyst Control Center Localization Spanish
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3801C4C9-0082-5E51-AB0B-0C7156F27720}" = ccc-utility
"{39722E9E-7FA5-093B-F9E4-44BD8CCC878D}" = Catalyst Control Center Localization Norwegian
"{3EDC8E1D-6516-8349-2F71-7E5523B3C18E}" = CCC Help Italian
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{462619C1-147F-AFF8-DAB9-B7B541F7AA45}" = Catalyst Control Center Localization Chinese Traditional
"{477FEAC4-CF34-9182-077D-343A3BA8820D}" = Catalyst Control Center Localization Finnish
"{496F04F7-2758-AA15-CB7A-98014BDC7324}" = CCC Help Norwegian
"{4A8EAE55-E2EF-8632-F2B3-C4CB658B0D27}" = CCC Help Japanese
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{54C98230-2D30-2C26-2E15-AA966E7C807F}" = CCC Help Greek
"{5557F96F-7580-59BD-F546-A2E3E5426868}" = CCC Help Thai
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C145ED8-1D8E-3793-7851-83E554E2ABCB}" = Catalyst Control Center Localization German
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5D2C13F8-5CE7-9B14-F6EC-0BBA726662C6}" = Catalyst Control Center Localization Polish
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{60F40DA0-BE6B-EADF-506A-F72E03D08FE7}" = CCC Help Portuguese
"{613CFE35-3561-F0B1-9C81-117CE22BF2D3}" = CCC Help Danish
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{6382AF0F-2646-6353-836C-87B024893F83}" = Catalyst Control Center Localization Korean
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{778AD6C6-77D4-8BBD-F538-E8A13CE42EB9}" = CCC Help Swedish
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{785DBD63-5338-8BBA-293A-79B2ECA3B69B}" = Catalyst Control Center Graphics Full New
"{798CFA2A-823D-DB5D-5691-69769833E9E6}" = Catalyst Control Center Localization Chinese Standard
"{7A02BC52-906B-EE63-CFB1-D35E4C12405D}" = CCC Help Korean
"{7CAC9289-1B22-2242-06FE-D2D3CE931848}" = Catalyst Control Center Localization Japanese
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82C3DC89-05CB-5D10-F85C-5D6E8D52046C}" = Catalyst Control Center Localization Danish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85285EC9-DB77-5CFC-F0A7-27BA3A3E4B7F}" = CCC Help French
"{87A85280-994F-CE8E-E191-EB39E9171610}" = Catalyst Control Center Localization Portuguese
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{9532A451-4094-AD54-2F10-A700F076C0FE}" = CCC Help Czech
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6355BA8-C75A-E32F-8D32-CDAD69838FAD}" = Catalyst Control Center Localization Turkish
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B56199A4-1057-2808-E077-A4B6A3CC9B6F}" = Catalyst Control Center Localization Thai
"{B9237320-5FC6-DE88-356E-B426EC32328C}" = CCC Help Turkish
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB656D38-FF78-B695-5BD1-942F7020585C}" = Catalyst Control Center Localization Hungarian
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BF7C613C-826C-23E7-F642-E026A258ED94}" = CCC Help Finnish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D29698-59D8-70A4-F370-88CEE874BB52}" = ccc-core-static
"{C57B03CB-7154-2F34-6A80-DEBF13C06DAB}" = CCC Help Polish
"{C7FF21EE-D86F-47D1-D27F-87BD1C1E58D0}" = CCC Help English
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D40861D5-27F7-D29A-EAE0-AB86CFE9906D}" = Skins
"{D5423400-5CB2-B61F-3812-1396B0D1E98B}" = Catalyst Control Center Graphics Full Existing
"{D58D386F-2942-C388-7A4C-A16208671588}" = Catalyst Control Center Localization Czech
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DBC05924-EC6D-5BDF-2CA6-BD2E44676004}" = Catalyst Control Center Localization Swedish
"{DD1C463E-5BB5-47A2-587E-2F089DBFFC39}" = CCC Help Dutch
"{DEF767B8-1932-8402-319C-7C8050CD75BB}" = CCC Help Chinese Standard
"{E17D0CF4-616D-6B51-8730-D6CBF185D7BF}" = CCC Help Chinese Traditional
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EE0C1CFB-5C69-796D-1DB4-923D5F535F4C}" = CCC Help Hungarian
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4798436-47D8-A8A5-BBC9-F1A4FB794AE0}" = Catalyst Control Center Core Implementation
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"adobe flash player activex" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"All ATI Software" = ATI - Software Uninstall Utility
"Any Video Converter_is1" = Any Video Converter 2.7.1
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"BS.Player ControlBar" = BS.Player ControlBar
"BSPlayer1" = BSPlayer
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner (remove only)
"CDex" = CDex - Open Source Digital Audio CD Extractor
"combined community codec pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"DVD X Player 5.4 Professional_is1" = DVD X Player 5.4 Professional
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ExpertGPS_is1" = ExpertGPS 3.87
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.4.4
"NoteWorthy Composer 2" = NoteWorthy Composer 2
"rajče.net_is1" = rajče beta52
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"twse.cz gameclient" = TWSE herní klient
"Universal Converter" = Universal Converter
"UsbFix" = UsbFix
"VLC media player" = VideoLAN VLC media player 0.8.6a
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1417001333-1214440339-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 8. 11. 2009 8:37:56 | Computer Name = MICHAL-20E57DC6 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://clients1.google.sk/complete/sear ... dobs&cp=12 failed,
0000A413.

Error - 9. 11. 2009 13:35:57 | Computer Name = MICHAL-20E57DC6 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://clients1.google.sk/complete/sear ... 20co&cp=13 failed,
0000A413.

Error - 9. 11. 2009 20:30:28 | Computer Name = MICHAL-20E57DC6 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://clients1.google.sk/complete/sear ... 5%A1t&cp=4 failed, 0000A413.


Error - 26. 2. 2010 6:44:14 | Computer Name = MICHAL-20E57DC6 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.facebook.com/ajax/intent.php ... est_type=1
failed, 00000070.

Error - 28. 3. 2010 17:02:42 | Computer Name = MICHAL-20E57DC6 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.facebook.com/ajax/intent.php ... est_type=1 failed,
00000070.

Error - 28. 3. 2010 17:42:42 | Computer Name = MICHAL-20E57DC6 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.facebook.com/ajax/intent.php ... est_type=1 failed,
00000070.

Error - 28. 3. 2010 17:52:41 | Computer Name = MICHAL-20E57DC6 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.facebook.com/ajax/intent.php ... est_type=1 failed,
00000070.

Error - 28. 3. 2010 18:21:47 | Computer Name = MICHAL-20E57DC6 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.facebook.com/ajax/intent.php ... est_type=1 failed,
00000070.

Error - 15. 5. 2010 18:04:58 | Computer Name = MICHAL-20E57DC6 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.dvd-x-player.com/download/DV ... rSetup.exe failed, 0000000D.

Error - 18. 5. 2010 14:09:43 | Computer Name = MICHAL-20E57DC6 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://pokec.azet.sk/sluzby/pouzivateli ... b97b02&x=1
failed, 00000070.

[ Application Events ]
Error - 4. 5. 2010 20:44:30 | Computer Name = MICHAL-20E57DC6 | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x0464d6b0.

Error - 4. 5. 2010 21:24:42 | Computer Name = MICHAL-20E57DC6 | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x0430d6b0.

Error - 11. 5. 2010 6:35:58 | Computer Name = MICHAL-20E57DC6 | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x05b1d6b0.

Error - 15. 5. 2010 18:43:01 | Computer Name = MICHAL-20E57DC6 | Source = Application Error | ID = 1000
Description = Chybující aplikace kmplayer.exe, verze 2.9.4.1436, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00000000.

Error - 15. 5. 2010 18:43:07 | Computer Name = MICHAL-20E57DC6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace KMPlayer.exe, verze 2.9.4.1436, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 17. 5. 2010 12:07:10 | Computer Name = MICHAL-20E57DC6 | Source = Application Error | ID = 1000
Description = Chybující aplikace kmplayer.exe, verze 2.9.4.1436, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00000000.

Error - 20. 5. 2010 21:24:51 | Computer Name = MICHAL-20E57DC6 | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x044cd6b0.

Error - 23. 5. 2010 12:43:37 | Computer Name = MICHAL-20E57DC6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.2.3743, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28. 5. 2010 19:35:11 | Computer Name = MICHAL-20E57DC6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 1.3.7.826, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 29. 5. 2010 21:29:07 | Computer Name = MICHAL-20E57DC6 | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x04bdd6b0.

[ System Events ]
Error - 30. 5. 2010 7:57:04 | Computer Name = MICHAL-20E57DC6 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: febc1436

Error - 30. 5. 2010 11:33:58 | Computer Name = MICHAL-20E57DC6 | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače NONE-FA22EDB714,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{4BA11B05-CB1. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 30. 5. 2010 18:45:44 | Computer Name = MICHAL-20E57DC6 | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače NONE-FA22EDB714,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{4BA11B05-CB1. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 30. 5. 2010 19:57:13 | Computer Name = MICHAL-20E57DC6 | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače NONE-FA22EDB714,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{4BA11B05-CB1. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 30. 5. 2010 20:16:43 | Computer Name = MICHAL-20E57DC6 | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC000007F
při zpracování souboru THE IT CRO .. Němec.lnk na svazku HarddiskVolume1. Sledování
svazku bylo ukončeno.

Error - 31. 5. 2010 9:30:39 | Computer Name = MICHAL-20E57DC6 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: febc1436

Error - 31. 5. 2010 10:36:54 | Computer Name = MICHAL-20E57DC6 | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače NONE-FA22EDB714,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{4BA11B05-CB1. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 31. 5. 2010 12:45:05 | Computer Name = MICHAL-20E57DC6 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: febc1436

Error - 1. 6. 2010 5:53:43 | Computer Name = MICHAL-20E57DC6 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: febc1436

Error - 1. 6. 2010 6:06:04 | Computer Name = MICHAL-20E57DC6 | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače NONE-FA22EDB714,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{4BA11B05-CB1. Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.


< End of report >
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Pomaly pocitac

#7 Příspěvek od Caroprd111 »

Obrázek Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
PRC - [2010.06.01 12:12:45 | 000,101,680 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\temp\41.tmp\b2e.exe
PRC - [2008.04.14 09:52:16 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
IE - HKU\S-1-5-21-1417001333-1214440339-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
IE - HKU\S-1-5-21-1417001333-1214440339-682003330-500\..\URLSearchHook: - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O33 - MountPoints2\{00086b0a-4f8e-11df-8c5d-00085405ade1}\Shell\AutoRun\command - "" = G:\twhvna.exe -- File not found
O33 - MountPoints2\{00086b0a-4f8e-11df-8c5d-00085405ade1}\Shell\open\Command - "" = G:\twhvna.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\drivers\svchost.exe" =-

:Files
C:\Documents and Settings\Administrator\Local Settings\temp

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
Poté klikněte na Opravit, PC se restartuje, log vložte sem.


Obrázek Doporučuji odinstalovat:
C:\Documents and Settings\Administrator\Plocha\StrongDC.exe

P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.


Obrázek Následující soubor/y otestujte na http://www.virustotal.com/cs/
C:\WINDOWS\System32\drivers\3abe0148.sys

(Soubor/y nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)
Obrázek
Nahoru
shatterhand
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 11 říj 2009 17:52
Bydliště: PB, SVK

Re: Pomaly pocitac

#8 Příspěvek od shatterhand »

OTL mi restartovalo komp a potom vyliezol nejaky log, neviem, ci spravny. StrongDC pouzivam len v ramci kolejnej siete, nepripajam sa s nim nikam von. Ten link na virustotal mi nefunguje.

All processes killed
========== OTL ==========
No active process named b2e.exe was found!
No active process named cmd.exe was found!
HKU\S-1-5-21-1417001333-1214440339-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "http://slirsredirect.search.aol.com/sli ... ie7&query=" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Starting removal of ActiveX control {00000055-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\fhg.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000055-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00086b0a-4f8e-11df-8c5d-00085405ade1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00086b0a-4f8e-11df-8c5d-00085405ade1}\ not found.
File G:\twhvna.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00086b0a-4f8e-11df-8c5d-00085405ade1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00086b0a-4f8e-11df-8c5d-00085405ade1}\ not found.
File G:\twhvna.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
C:\WINDOWS\System32\SET82.tmp deleted successfully.
C:\WINDOWS\System32\SET86.tmp deleted successfully.
C:\WINDOWS\System32\SET87.tmp deleted successfully.
C:\WINDOWS\System32\SET8E.tmp deleted successfully.
C:\WINDOWS\002980_.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\drivers\svchost.exe deleted successfully.
========== FILES ==========
C:\Documents and Settings\Administrator\Local Settings\temp\~nsu.tmp folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\_avast4_ folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\WPDNSE folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\WMC0000.tmp folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\WERd325.dir00 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\WERb738.dir00 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\WER8fc4.dir00 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\WER5e30.dir00 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\WER5b6c.dir00 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\WER5300.dir00 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\WER4cf9.dir00 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\WER0ba4.dir00 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\Temporary Internet Files\Content.IE5\UL05MDAD folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\Temporary Internet Files\Content.IE5\DS6VJ5QZ folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\Temporary Internet Files\Content.IE5\6B2D8VON folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\Temporary Internet Files\Content.IE5\5CVX8LFQ folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\Temporary Internet Files\Content.IE5 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\Temporary Internet Files folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\RarSFX0 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-99 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-98 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-97 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-96 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-95 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-94 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-93 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-92 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-91 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-90 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-9 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-89 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-88 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-87 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-86 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-85 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-84 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-83 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-82 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-81 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-80 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-8 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-79 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-78 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-77 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-76 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-75 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-74 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-73 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-72 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-71 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-70 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-7 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-69 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-68 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-67 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-66 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-65 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-64 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-63 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-62 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-61 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-60 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-6 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-59 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-58 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-57 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-56 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-55 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-54 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-53 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-52 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-51 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-50 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-5 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-49 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-48 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-47 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-46 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-45 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-44 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-43 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-42 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-41 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-40 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-4 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-39 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-38 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-37 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-36 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-35 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-34 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-33 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-32 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-31 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-30 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-3 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-29 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-28 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-27 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-26 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-25 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-24 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-23 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-22 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-21 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-20 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-2 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-19 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-18 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-17 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-16 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-15 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-14 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-13 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-12 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-113 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-112 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-111 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-110 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-11 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-109 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-108 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-107 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-106 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-105 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-104 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-103 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-102 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-101 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-100 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-10 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp-1 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\plugtmp folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\outlook logging folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\issF9.tmp folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\issF6.tmp folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\isp9.tmp folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\isp1A5.tmp folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\is-P5T5A.tmp folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\is-FCMAV.tmp\_isetup folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\is-FCMAV.tmp folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\hsperfdata_Administrator folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\History\History.IE5 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\History folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\ge3372 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\Cookies folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\AskSearch folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 9060146 bytes
->Java cache emptied: 9396992 bytes
->FireFox cache emptied: 98654602 bytes
->Flash cache emptied: 2830678 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 58249 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 39773960 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2286813 bytes

Total Files Cleaned = 155,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.5.2 log created on 06012010_131643

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Pomaly pocitac

#9 Příspěvek od Caroprd111 »

Otestujte soubor na http://virusscan.jotti.org/cs
Obrázek
Nahoru
shatterhand
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 11 říj 2009 17:52
Bydliště: PB, SVK

Re: Pomaly pocitac

#10 Příspěvek od shatterhand »

Tak z tych 19 antivirov tam 5 nieco naslo: http://virusscan.jotti.org/cs/scanresul ... e0f70bf0c1
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Pomaly pocitac

#11 Příspěvek od Caroprd111 »

Obrázek Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:processes
explorer.exe

:Files
C:\WINDOWS\System32\drivers\febc1436.sys 
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys 
C:\WINDOWS\System32\drivers\3abe0148.sys

:Services
febc1436
catchme

:Commands
[REBOOT]
Poté klikněte na Opravit, PC se restartuje, log vložte sem.
Obrázek
Nahoru
shatterhand
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 11 říj 2009 17:52
Bydliště: PB, SVK

Re: Pomaly pocitac

#12 Příspěvek od shatterhand »

Mam OTL v anglictine... takze mam spustit Run Fix?
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Pomaly pocitac

#13 Příspěvek od Caroprd111 »

Ano. :)
Obrázek
Nahoru
shatterhand
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 11 říj 2009 17:52
Bydliště: PB, SVK

Re: Pomaly pocitac

#14 Příspěvek od shatterhand »

Tu je log:

========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File\Folder C:\WINDOWS\System32\drivers\febc1436.sys not found.
File\Folder C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys not found.
C:\WINDOWS\System32\drivers\3abe0148.sys moved successfully.
========== SERVICES/DRIVERS ==========
Service febc1436 stopped successfully!
Service febc1436 deleted successfully!
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.5.2 log created on 06012010_141210

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Pomaly pocitac

#15 Příspěvek od Caroprd111 »

Obrázek Odinstalujte všechny emulátory virtuálních mechanik.

Obrázek Stáhněte SPTD http://www.duplexsecure.com/en/downloads
  • Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
  • zvolte možnost Uninstall a restartujte PC.

Obrázek Stáhněte a spusťte http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Klikněte na "Disable" a restartujte PC.

Obrázek Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Obrázek Start > Spustit (Win + R)
  • Vyskočí okénko, zkopírujte do něj:

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t
  • Klikněte na OK
  • Vytvoří se log s názvem mbr.log, vložte ho sem.


Obrázek Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
Obrázek
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“