Nazdarek,
sem tam mi blbne internet - funguje, lebo v mi stahuje subory, ale nenacita novu stranku - vyhlasi chybu spojenia. Pritom stranku, ktoru som otvorila 20 min predtym stale funguje normalne.
Takisto mi nechce nacitavat CD, DVD a pamatovu kartu, ale mozno je uz pokazena mechanika...
Diky moc za pomoc!
Eva
Tu je kopia z log.txt:
Logfile of random's system information tool 1.07 (written by random/random)
Run by Evi at 2010-06-02 20:47:08
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 34 GB (15%) free of 226 GB
Total RAM: 2046 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:23, on 2.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fingerprint Reader Suite\psqltray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\dell\Utilities\Dell Premium Remote Control\WMPControllerServer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\Content.IE5\9HN9J9F5\RSIT[1].exe
C:\Program Files\trend micro\Evi.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Fingerprint Reader Suite\launcher.exe" /startup
O4 - HKLM\..\Run: [DellRemote] "C:\Dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 9668430888
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9668422653
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Virtual Disk Service Manager (MSR Service) - Unknown owner - C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: WMPControllerService - Dell, Inc. - C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe
--
End of file - 9411 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Driver Robot.job
C:\WINDOWS\tasks\DriverRobot.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\OGALogon.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-02 1377576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2007-03-17 1392640]
"PSQLLauncher"=C:\Program Files\Fingerprint Reader Suite\launcher.exe [2007-04-17 49168]
"DellRemote"=C:\Dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe [2006-12-07 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-04-28 851968]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe []
"NVHotkey"=nvHotkey.dll,Start []
"Client Access Service"=C:\Program Files\IBM\Client Access\cwbsvstr.exe [2002-05-07 20530]
"Client Access Help Update"=C:\Program Files\IBM\Client Access\cwbinhlp.exe [2002-05-07 24626]
"Client Access Check Version"=C:\Program Files\IBM\Client Access\cwbckver.exe [2002-05-07 45056]
"Client Access Express Welcome"=C:\Program Files\IBM\Client Access\cwbwlwiz.exe [2002-05-07 20530]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-30 13594624]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-04-14 2790472]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPQEASYACC]
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe [2001-12-14 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2009-01-30 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
C:\WINDOWS\stsystra.exe [2007-05-06 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Evi^Start Menu^Programs^Startup^Samsung Auto Backup Guage.lnk]
C:\PROGRA~1\Clarus\SAMSUN~1\ISFGuage.exe [2009-03-10 888832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Evi^Start Menu^Programs^Startup^Samsung Auto Backup Real-Time Daemon.lnk]
C:\PROGRA~1\Clarus\SAMSUN~1\ISFREA~1.EXE [2009-03-10 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Evi^Start Menu^Programs^Startup^Samsung Auto Backup Scheduler.lnk]
C:\PROGRA~1\Clarus\SAMSUN~1\ISFTIM~1.EXE [2009-03-10 94208]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\WINDOWS\system32\psqlpwd.dll [2007-04-17 86528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-11 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca6b564c-396c-11df-8894-0015c57e517c}]
shell\AutoRun\command - G:\setup.exe
======List of files/folders created in the last 1 months======
2010-06-02 20:47:09 ----D---- C:\Program Files\trend micro
2010-06-02 20:47:08 ----D---- C:\rsit
2010-05-26 01:26:26 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-20 00:16:58 ----D---- C:\Program Files\Common Files\Research In Motion
2010-05-20 00:16:54 ----D---- C:\Documents and Settings\All Users\Application Data\Research In Motion
2010-05-17 22:05:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-05-16 04:21:54 ----D---- C:\WINDOWS\system32\XPSViewer
2010-05-16 04:21:49 ----D---- C:\Program Files\MSBuild
2010-05-16 04:21:39 ----D---- C:\Program Files\Reference Assemblies
2010-05-16 04:20:43 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-05-16 04:20:42 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-05-16 04:20:42 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-05-16 04:20:42 ----D---- C:\84d13b0241b95b61619c136153
2010-05-15 03:13:30 ----D---- C:\Program Files\Research In Motion
2010-05-15 03:13:06 ----D---- C:\Documents and Settings\Evi\Application Data\Research in Motion
2010-05-15 03:09:52 ----RSD---- C:\WINDOWS\assembly
2010-05-15 03:09:09 ----D---- C:\WINDOWS\Microsoft.NET
2010-05-12 22:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
======List of files/folders modified in the last 1 months======
2010-06-02 20:47:09 ----D---- C:\Program Files
2010-06-02 20:47:07 ----D---- C:\WINDOWS\Prefetch
2010-06-02 20:45:36 ----D---- C:\WINDOWS\system32
2010-06-02 20:45:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-02 20:42:53 ----D---- C:\WINDOWS\Temp
2010-06-02 20:41:44 ----D---- C:\WINDOWS
2010-06-02 20:40:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-02 20:40:15 ----D---- C:\Documents and Settings\Evi\Application Data\uTorrent
2010-06-01 00:21:36 ----D---- C:\Documents and Settings\Evi\Application Data\Skype
2010-06-01 00:06:43 ----D---- C:\Documents and Settings\Evi\Application Data\skypePM
2010-05-31 01:44:48 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-30 02:05:12 ----HD---- C:\WINDOWS\inf
2010-05-29 12:52:37 ----D---- C:\Program Files\Mozilla Firefox
2010-05-20 00:17:23 ----SHD---- C:\WINDOWS\Installer
2010-05-20 00:17:20 ----D---- C:\WINDOWS\system32\drivers
2010-05-20 00:16:58 ----D---- C:\Program Files\Common Files
2010-05-20 00:16:56 ----RSD---- C:\WINDOWS\Fonts
2010-05-17 22:07:38 ----D---- C:\WINDOWS\WinSxS
2010-05-17 22:06:14 ----A---- C:\WINDOWS\imsins.BAK
2010-05-17 22:06:05 ----D---- C:\WINDOWS\system32\CatRoot
2010-05-17 22:05:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-16 14:18:04 ----D---- C:\WINDOWS\network diagnostic
2010-05-16 04:21:47 ----D---- C:\WINDOWS\system32\en-us
2010-05-16 04:21:03 ----D---- C:\WINDOWS\system32\spool
2010-05-16 04:14:16 ----D---- C:\WINDOWS\system32\mui
2010-05-15 12:59:17 ----D---- C:\Program Files\Driver Robot
2010-05-12 22:07:33 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-05-12 22:07:09 ----D---- C:\Program Files\Outlook Express
2010-05-11 22:30:41 ----HD---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-04-14 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-04-14 162768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-04-14 46672]
R1 EAWDMFD;EAWDMFD; C:\WINDOWS\system32\DRIVERS\eawdmfd.sys [1999-10-30 24348]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 mvd17;mvd17; \??\C:\Program Files\Clarus\Samsung SecretZone\mvd17.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-04-14 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-04-14 100432]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-04-14 23376]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-27 160256]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2008-05-31 534568]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-05 37160]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-08-20 991656]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-03-11 57384]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-08-20 47272]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 eaps2kbd;Compaq Easy Access PS2 Internet Keyboard (Win2K); C:\WINDOWS\system32\DRIVERS\eaps2kbd.sys [2001-12-29 24035]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-11-28 25216]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2009-04-30 3636864]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-30 6250848]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-06 1222840]
R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2007-04-17 46992]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-25 156816]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2008-05-20 22784]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-04-28 202912]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-02 346720]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSR Service;Virtual Disk Service Manager; C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe [2009-02-05 102400]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-30 168004]
R2 STacSV;SigmaTel Audio Service; C:\WINDOWS\system32\STacSV.exe [2007-05-06 94208]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2007-03-17 20480]
R2 WMPControllerService;WMPControllerService; C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe [2006-12-07 638976]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-27 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Cwbrxd;iSeries Access for Windows Remote Command; C:\WINDOWS\CWBRXD.EXE [2002-02-04 53296]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o preventivku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosim o preventivku
Zdravim,
Pochopil jsem spravne, ze se jedna o notebook 
Doporucuji odinstalovat Spybot - Search & Destroy - tento programek ma uz nejlepsi leta za sebou
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
Pochopil jsem spravne, ze se jedna o notebook Doporucuji odinstalovat Spybot - Search & Destroy - tento programek ma uz nejlepsi leta za sebou Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
netsvcs drivers32 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s c:\windows\*.* /U %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys nvrd32.sys symmpi.sys adp3132.sys mv61xx.sys nvraid.sys ndis.sys winlogon.exe explorer.exe userinit.exe lsass.exe svchost.exe smss.exe hal.dll ws2_32.dll tcpip.sys cryptsvc.dll Changer.sys JakNDis.sys isapnp.sys cdrom.sys /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 CREATERESTOREPOINT- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 5min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o preventivku
Copak se deje, ze se tu nic nedeje 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o preventivku
Pardon, ano, je to notebook, mate pravdu
A akosi mi blbol net, tak sa mi nedalo pripojit preto tak neskoro...
Odinstalovala som ten Spybot a spustila OTL a tu je vysledok, najprv OTL.txt a v druhej sprave prilozim Extras (nechcelo to odoslat ked som vlozila oba naraz):
OTL.txt
OTL logfile created on: 5.6.2010 18:18:27 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Evi\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 220,27 Gb Total Space | 30,51 Gb Free Space | 13,85% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,60 Gb Free Space | 56,02% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EVI-9F249AF2460
Current User Name: Evi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.05 18:16:14 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evi\Desktop\OTL.exe
PRC - [2010.04.14 18:47:08 | 002,790,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.02.05 17:46:46 | 000,102,400 | ---- | M] () -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
PRC - [2008.09.02 16:26:16 | 001,448,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.09.02 16:26:16 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.06 18:11:36 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\stacsv.exe
PRC - [2007.04.17 07:55:00 | 000,053,776 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\psqltray.exe
PRC - [2006.12.07 20:08:18 | 000,118,784 | ---- | M] (Dell, Inc.) -- C:\dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe
PRC - [2006.12.07 02:30:00 | 000,638,976 | ---- | M] (Dell, Inc.) -- C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe
PRC - [2006.12.07 02:29:38 | 000,204,800 | ---- | M] (Dell, Inc.) -- C:\dell\Utilities\Dell Premium Remote Control\WMPControllerServer.exe
PRC - [2006.10.18 22:46:20 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
========== Modules (SafeList) ==========
MOD - [2010.06.05 18:16:14 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evi\Desktop\OTL.exe
MOD - [2008.09.02 16:25:10 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2008.09.02 16:23:22 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008.04.14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.02.05 17:46:46 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe -- (MSR Service)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.05.06 18:11:36 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2006.12.07 02:30:00 | 000,638,976 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe -- (WMPControllerService)
SRV - [2002.02.04 14:20:00 | 000,053,296 | ---- | M] (IBM Corporation) [On_Demand | Stopped] -- C:\WINDOWS\cwbrxd.exe -- (Cwbrxd)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Unknown | Running] -- -- (mdf15)
DRV - [2010.04.14 18:35:47 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.04.14 18:35:25 | 000,162,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.04.14 18:31:39 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.04.14 18:31:12 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.04.14 18:31:01 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.04.14 18:30:45 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.03.27 08:38:18 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.04.30 05:11:20 | 003,636,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2009.01.30 18:12:00 | 006,250,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009.01.23 20:50:42 | 000,059,392 | ---- | M] (The One Technology) [Kernel | System | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mvd17.sys -- (mvd17)
DRV - [2008.11.28 05:25:06 | 000,025,216 | R--- | M] (ELANTECH Devices Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ETD.sys -- (Ktp)
DRV - [2008.08.20 15:16:36 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.08.20 15:16:28 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.07.25 10:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008.05.31 04:46:12 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008.03.11 11:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008.02.05 10:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.05.06 18:12:00 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007.04.28 00:37:24 | 000,202,912 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.04.17 07:44:34 | 000,046,992 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007.02.27 11:21:00 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005.01.07 18:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [1999.10.30 05:35:08 | 000,024,348 | R--- | M] (Compaq Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EAWDMFD.SYS -- (EAWDMFD)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1275210071-789336058-839522115-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
IE - HKU\S-1-5-21-1275210071-789336058-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1275210071-789336058-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/sli ... ie7&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.1
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/sli ... pab&query="
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.18 22:01:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.17 01:06:08 | 000,000,000 | ---D | M]
[2009.05.05 22:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Mozilla\Extensions
[2010.05.29 12:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Mozilla\Firefox\Profiles\6xp488uo.default\extensions
[2009.06.14 00:14:18 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\Evi\Application Data\Mozilla\Firefox\Profiles\6xp488uo.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.05.29 12:52:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Evi\Application Data\Mozilla\Firefox\Profiles\6xp488uo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.27 08:38:38 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Evi\Application Data\Mozilla\Firefox\Profiles\6xp488uo.default\searchplugins\daemon-search.xml
[2009.06.14 00:14:25 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Evi\Application Data\Mozilla\Firefox\Profiles\6xp488uo.default\searchplugins\winamp-search.xml
[2009.05.05 22:04:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1275210071-789336058-839522115-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1275210071-789336058-839522115-1003\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [Client Access Express Welcome] C:\Program Files\IBM\Client Access\cwbwlwiz.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Help Update] C:\Program Files\IBM\Client Access\cwbinhlp.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Check Version] C:\Program Files\IBM\Client Access\cwbckver.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Service] C:\Program Files\IBM\Client Access\cwbsvstr.exe (IBM Corporation)
O4 - HKLM..\Run: [DellRemote] C:\Dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe (Dell, Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe File not found
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Fingerprint Reader Suite\launcher.exe (UPEK Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-789336058-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftup ... 9668430888 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 9668422653 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.101.160.4 89.101.160.5
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\psfus: DllName - C:\WINDOWS\system32\psqlpwd.dll - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Evi\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Evi\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.29 04:34:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{ca6b564c-396c-11df-8894-0015c57e517c}\Shell - "" = AutoRun
O33 - MountPoints2\{ca6b564c-396c-11df-8894-0015c57e517c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ca6b564c-396c-11df-8894-0015c57e517c}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.04.28 20:15:03 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
========== Files/Folders - Created Within 30 Days ==========
[2010.06.05 18:16:14 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Evi\Desktop\OTL.exe
[2010.06.02 20:47:09 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.02 20:47:08 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.20 00:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2010.05.20 00:16:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010.05.16 04:21:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010.05.16 04:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010.05.16 04:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010.05.16 04:20:43 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010.05.16 04:20:43 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010.05.16 04:20:43 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010.05.16 04:20:42 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010.05.16 04:20:42 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010.05.16 04:20:42 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010.05.16 04:20:42 | 000,000,000 | ---D | C] -- C:\84d13b0241b95b61619c136153
[2010.05.15 03:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2010.05.15 03:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Evi\Application Data\Research in Motion
[2010.05.15 03:09:52 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010.05.15 03:09:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.05 18:21:17 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Evi\NTUSER.DAT
[2010.06.05 18:16:14 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evi\Desktop\OTL.exe
[2010.06.05 18:14:18 | 000,512,960 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.05 18:14:18 | 000,435,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.05 18:14:18 | 000,068,558 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.05 18:10:28 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.05 18:10:25 | 000,031,681 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010.06.05 18:10:05 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.05 18:10:05 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010.06.05 18:10:04 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.05 18:10:02 | 000,201,679 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.06.05 18:09:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.05 18:08:52 | 004,836,458 | -H-- | M] () -- C:\Documents and Settings\Evi\Local Settings\Application Data\IconCache.db
[2010.06.05 17:32:37 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.04 00:06:05 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Evi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.03 22:31:55 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010.06.03 22:16:42 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Evi\ntuser.ini
[2010.06.01 00:28:24 | 000,232,448 | ---- | M] () -- C:\Documents and Settings\Evi\Desktop\sover_specification_170510(1).xls
[2010.05.30 03:28:49 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2010.05.30 02:53:02 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\DriverRobot.job
[2010.05.20 00:16:58 | 000,000,901 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BlackBerry Media Sync.lnk
[2010.05.17 22:06:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.05.16 14:08:35 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Robot.lnk
[2010.05.16 12:37:19 | 000,031,681 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010.05.16 12:37:10 | 000,048,400 | ---- | M] () -- C:\Documents and Settings\Evi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010.05.16 12:35:48 | 000,189,000 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.01 00:28:23 | 000,232,448 | ---- | C] () -- C:\Documents and Settings\Evi\Desktop\sover_specification_170510(1).xls
[2010.05.20 00:16:58 | 000,000,901 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BlackBerry Media Sync.lnk
[2010.05.20 00:10:25 | 735,218,303 | ---- | C] () -- C:\Documents and Settings\Evi\Desktop\The Princess And The Frog.mp4
[2010.05.15 12:59:20 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Driver Robot.lnk
[2010.03.27 08:25:33 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.10.25 10:47:19 | 000,000,719 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.06.21 20:59:37 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.05.12 00:14:44 | 000,000,470 | ---- | C] () -- C:\WINDOWS\ikey.ini
[2009.05.12 00:14:42 | 000,040,960 | R--- | C] () -- C:\WINDOWS\LoadDll.dll
[2009.05.05 18:06:58 | 000,000,251 | ---- | C] () -- C:\WINDOWS\System32\drivers\hlldrvr.sys
[2009.05.05 18:06:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\qxdaedrs.dll
[2009.05.05 18:06:19 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\cwbrw.dll
[2009.05.05 18:06:19 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\cwbsv.dll
[2009.05.05 18:06:19 | 000,020,528 | ---- | C] () -- C:\WINDOWS\System32\cwbwiz.dll
[2009.05.05 18:06:19 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbsy.dll
[2009.05.05 18:06:19 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbnl.dll
[2009.05.05 18:06:19 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbco.dll
[2009.05.05 18:06:19 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\cwbnldlg.dll
[2009.05.05 18:06:19 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\cwbad.dll
[2009.04.29 19:15:06 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009.04.29 19:15:05 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2009.01.30 18:12:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.01.30 18:12:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.01.30 18:12:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.01.30 18:12:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.10.07 18:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 18:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.09.02 16:25:26 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2005.02.17 21:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 21:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 22:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
========== LOP Check ==========
[2010.03.27 07:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009.07.29 19:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Clarus
[2010.03.27 08:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.03.27 08:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2010.05.20 00:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2009.04.29 19:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2009.05.20 00:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009.04.30 18:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Blitware
[2010.03.27 08:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\DAEMON Tools Lite
[2010.03.27 08:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\DAEMON Tools Pro
[2009.06.10 17:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\ICQ
[2009.05.05 21:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\ICQ Toolbar
[2010.05.15 03:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Research in Motion
[2010.06.05 18:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\uTorrent
[2009.05.01 00:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\WinBatch
[2010.05.30 03:28:49 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
[2010.05.30 02:53:02 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\DriverRobot.job
[2010.06.05 18:10:05 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2009.06.10 10:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.03.27 07:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009.05.20 00:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009.05.20 00:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009.07.29 19:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Clarus
[2010.03.27 08:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.03.27 08:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2009.05.02 01:39:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010.05.12 22:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010.04.15 22:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010.05.20 00:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2009.04.30 04:40:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.06.05 18:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009.04.29 19:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2009.05.18 00:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009.05.20 00:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2009.02.04 14:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\DifXInstall32.exe
[2009.05.20 00:30:56 | 000,075,048 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
< %APPDATA%\*. >
[2009.06.10 11:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Adobe
[2009.05.29 22:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Apple Computer
[2009.04.30 18:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Blitware
[2010.03.27 08:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\DAEMON Tools Lite
[2010.03.27 08:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\DAEMON Tools Pro
[2009.08.06 17:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Help
[2009.06.10 17:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\ICQ
[2009.05.05 21:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\ICQ Toolbar
[2009.04.29 17:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Identities
[2009.04.29 19:41:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\InstallShield
[2009.04.30 04:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Macromedia
[2010.04.20 11:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Media Player Classic
[2010.04.17 11:38:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Evi\Application Data\Microsoft
[2009.05.05 22:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Mozilla
[2010.04.15 22:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Office Genuine Advantage
[2010.05.15 03:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Research in Motion
[2010.06.04 01:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Skype
[2010.06.04 00:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\skypePM
[2010.06.05 18:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\uTorrent
[2009.06.21 21:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Winamp
[2009.05.01 00:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\WinBatch
< %APPDATA%\*.exe /s >
[2009.04.30 20:05:19 | 122,066,376 | ---- | M] (NVIDIA Corporation ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\0a28e3c5e3fe1ab672c6d5a54ad73d5d\179.48_notebook_winxp_32bit_beta.exe
[2009.04.30 18:23:29 | 003,187,424 | ---- | M] (Hewlett-Packard Development Company, L.P. ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\3d342672db9788d2f049fd98e50cc3a6\sp40969.exe
[2009.05.11 23:43:26 | 131,101,088 | ---- | M] ( ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\5fce25ca22a30a2c2f09e254feeb1e08\sp42040.exe
[2009.04.30 18:23:14 | 002,824,728 | ---- | M] (Intel Corporation) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\8fd9228c4e000c81d8f46596db3dec48\INF_allOS_9.1.0.1012_PV.exe
[2009.05.11 23:29:39 | 006,556,808 | ---- | M] (Hewlett-Packard Company ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\e0ae2b764abae4f76b578b282901a256\sp24796.exe
[2009.05.11 23:35:25 | 060,194,544 | ---- | M] ( ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\e3fdf851f29dc7217427c7e25346877f\sp42241.exe
[2009.05.01 02:15:16 | 060,194,544 | ---- | M] ( ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\f61f70ff0928d6a63d537ec6bd8492ac\sp42241.exe
[2010.05.16 14:08:27 | 005,394,208 | ---- | M] (Blitware Technology Inc. ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\updates\abc95191a45adb07e02bfed478ab2665\driverrobot_setup.exe
[2009.05.04 22:07:14 | 001,915,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Evi\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2010.05.20 00:18:11 | 010,827,096 | ---- | M] () -- C:\Documents and Settings\Evi\Application Data\Research in Motion\BlackBerry Media Sync\AutoUpdate\Updates\3.0.0.39\BlackBerryMediaSync.exe
< MD5 for: AGP440.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 07:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2004.08.04 07:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
< MD5 for: CDROM.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.04 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2007.04.17 08:06:36 | 000,033,280 | ---- | M] (UPEK Inc.) MD5=E2D8E32A93945F3FCE220D0F71FDFB27 -- C:\Program Files\Fingerprint Reader Suite\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.04 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: IASTOR.SYS >
[2007.02.12 22:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\dell\drivers\R154200\iastor.sys
< MD5 for: ISAPNP.SYS >
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.08.17 22:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2004.08.04 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.04 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.04 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004.08.04 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2004.08.04 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.04 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2004.08.04 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.03.27 08:38:18 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2009.04.28 20:34:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.28 20:34:26 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.04.28 20:34:26 | 000,925,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.06.05 18:10:02 | 000,201,679 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.06.05 18:10:25 | 000,031,681 | ---- | M] () -- C:\WINDOWS\system32\nvModes.001
[2010.06.05 18:14:18 | 000,068,558 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.06.05 18:14:18 | 000,435,828 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.06.05 18:14:18 | 000,512,960 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.06.05 18:10:28 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
A akosi mi blbol net, tak sa mi nedalo pripojit preto tak neskoro...
Odinstalovala som ten Spybot a spustila OTL a tu je vysledok, najprv OTL.txt a v druhej sprave prilozim Extras (nechcelo to odoslat ked som vlozila oba naraz):
OTL.txt
OTL logfile created on: 5.6.2010 18:18:27 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Evi\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 220,27 Gb Total Space | 30,51 Gb Free Space | 13,85% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,60 Gb Free Space | 56,02% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EVI-9F249AF2460
Current User Name: Evi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.05 18:16:14 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evi\Desktop\OTL.exe
PRC - [2010.04.14 18:47:08 | 002,790,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.02.05 17:46:46 | 000,102,400 | ---- | M] () -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
PRC - [2008.09.02 16:26:16 | 001,448,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.09.02 16:26:16 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.06 18:11:36 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\stacsv.exe
PRC - [2007.04.17 07:55:00 | 000,053,776 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\psqltray.exe
PRC - [2006.12.07 20:08:18 | 000,118,784 | ---- | M] (Dell, Inc.) -- C:\dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe
PRC - [2006.12.07 02:30:00 | 000,638,976 | ---- | M] (Dell, Inc.) -- C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe
PRC - [2006.12.07 02:29:38 | 000,204,800 | ---- | M] (Dell, Inc.) -- C:\dell\Utilities\Dell Premium Remote Control\WMPControllerServer.exe
PRC - [2006.10.18 22:46:20 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
========== Modules (SafeList) ==========
MOD - [2010.06.05 18:16:14 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evi\Desktop\OTL.exe
MOD - [2008.09.02 16:25:10 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2008.09.02 16:23:22 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008.04.14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.02.05 17:46:46 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe -- (MSR Service)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.05.06 18:11:36 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2006.12.07 02:30:00 | 000,638,976 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe -- (WMPControllerService)
SRV - [2002.02.04 14:20:00 | 000,053,296 | ---- | M] (IBM Corporation) [On_Demand | Stopped] -- C:\WINDOWS\cwbrxd.exe -- (Cwbrxd)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Unknown | Running] -- -- (mdf15)
DRV - [2010.04.14 18:35:47 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.04.14 18:35:25 | 000,162,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.04.14 18:31:39 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.04.14 18:31:12 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.04.14 18:31:01 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.04.14 18:30:45 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.03.27 08:38:18 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.04.30 05:11:20 | 003,636,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2009.01.30 18:12:00 | 006,250,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009.01.23 20:50:42 | 000,059,392 | ---- | M] (The One Technology) [Kernel | System | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mvd17.sys -- (mvd17)
DRV - [2008.11.28 05:25:06 | 000,025,216 | R--- | M] (ELANTECH Devices Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ETD.sys -- (Ktp)
DRV - [2008.08.20 15:16:36 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.08.20 15:16:28 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.07.25 10:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008.05.31 04:46:12 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008.03.11 11:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008.02.05 10:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.05.06 18:12:00 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007.04.28 00:37:24 | 000,202,912 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.04.17 07:44:34 | 000,046,992 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007.02.27 11:21:00 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005.01.07 18:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [1999.10.30 05:35:08 | 000,024,348 | R--- | M] (Compaq Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EAWDMFD.SYS -- (EAWDMFD)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1275210071-789336058-839522115-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
IE - HKU\S-1-5-21-1275210071-789336058-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1275210071-789336058-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/sli ... ie7&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.1
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/sli ... pab&query="
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.18 22:01:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.17 01:06:08 | 000,000,000 | ---D | M]
[2009.05.05 22:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Mozilla\Extensions
[2010.05.29 12:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Mozilla\Firefox\Profiles\6xp488uo.default\extensions
[2009.06.14 00:14:18 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\Evi\Application Data\Mozilla\Firefox\Profiles\6xp488uo.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.05.29 12:52:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Evi\Application Data\Mozilla\Firefox\Profiles\6xp488uo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.27 08:38:38 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Evi\Application Data\Mozilla\Firefox\Profiles\6xp488uo.default\searchplugins\daemon-search.xml
[2009.06.14 00:14:25 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Evi\Application Data\Mozilla\Firefox\Profiles\6xp488uo.default\searchplugins\winamp-search.xml
[2009.05.05 22:04:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1275210071-789336058-839522115-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1275210071-789336058-839522115-1003\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [Client Access Express Welcome] C:\Program Files\IBM\Client Access\cwbwlwiz.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Help Update] C:\Program Files\IBM\Client Access\cwbinhlp.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Check Version] C:\Program Files\IBM\Client Access\cwbckver.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Service] C:\Program Files\IBM\Client Access\cwbsvstr.exe (IBM Corporation)
O4 - HKLM..\Run: [DellRemote] C:\Dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe (Dell, Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe File not found
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Fingerprint Reader Suite\launcher.exe (UPEK Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-789336058-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftup ... 9668430888 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 9668422653 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.101.160.4 89.101.160.5
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\psfus: DllName - C:\WINDOWS\system32\psqlpwd.dll - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Evi\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Evi\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.29 04:34:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{ca6b564c-396c-11df-8894-0015c57e517c}\Shell - "" = AutoRun
O33 - MountPoints2\{ca6b564c-396c-11df-8894-0015c57e517c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ca6b564c-396c-11df-8894-0015c57e517c}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.04.28 20:15:03 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
========== Files/Folders - Created Within 30 Days ==========
[2010.06.05 18:16:14 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Evi\Desktop\OTL.exe
[2010.06.02 20:47:09 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.02 20:47:08 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.20 00:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2010.05.20 00:16:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010.05.16 04:21:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010.05.16 04:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010.05.16 04:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010.05.16 04:20:43 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010.05.16 04:20:43 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010.05.16 04:20:43 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010.05.16 04:20:42 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010.05.16 04:20:42 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010.05.16 04:20:42 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010.05.16 04:20:42 | 000,000,000 | ---D | C] -- C:\84d13b0241b95b61619c136153
[2010.05.15 03:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2010.05.15 03:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Evi\Application Data\Research in Motion
[2010.05.15 03:09:52 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010.05.15 03:09:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.05 18:21:17 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Evi\NTUSER.DAT
[2010.06.05 18:16:14 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evi\Desktop\OTL.exe
[2010.06.05 18:14:18 | 000,512,960 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.05 18:14:18 | 000,435,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.05 18:14:18 | 000,068,558 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.05 18:10:28 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.05 18:10:25 | 000,031,681 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010.06.05 18:10:05 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.05 18:10:05 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010.06.05 18:10:04 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.05 18:10:02 | 000,201,679 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.06.05 18:09:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.05 18:08:52 | 004,836,458 | -H-- | M] () -- C:\Documents and Settings\Evi\Local Settings\Application Data\IconCache.db
[2010.06.05 17:32:37 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.04 00:06:05 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Evi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.03 22:31:55 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010.06.03 22:16:42 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Evi\ntuser.ini
[2010.06.01 00:28:24 | 000,232,448 | ---- | M] () -- C:\Documents and Settings\Evi\Desktop\sover_specification_170510(1).xls
[2010.05.30 03:28:49 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2010.05.30 02:53:02 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\DriverRobot.job
[2010.05.20 00:16:58 | 000,000,901 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BlackBerry Media Sync.lnk
[2010.05.17 22:06:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.05.16 14:08:35 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Robot.lnk
[2010.05.16 12:37:19 | 000,031,681 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010.05.16 12:37:10 | 000,048,400 | ---- | M] () -- C:\Documents and Settings\Evi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010.05.16 12:35:48 | 000,189,000 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.01 00:28:23 | 000,232,448 | ---- | C] () -- C:\Documents and Settings\Evi\Desktop\sover_specification_170510(1).xls
[2010.05.20 00:16:58 | 000,000,901 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BlackBerry Media Sync.lnk
[2010.05.20 00:10:25 | 735,218,303 | ---- | C] () -- C:\Documents and Settings\Evi\Desktop\The Princess And The Frog.mp4
[2010.05.15 12:59:20 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Driver Robot.lnk
[2010.03.27 08:25:33 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.10.25 10:47:19 | 000,000,719 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.06.21 20:59:37 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.05.12 00:14:44 | 000,000,470 | ---- | C] () -- C:\WINDOWS\ikey.ini
[2009.05.12 00:14:42 | 000,040,960 | R--- | C] () -- C:\WINDOWS\LoadDll.dll
[2009.05.05 18:06:58 | 000,000,251 | ---- | C] () -- C:\WINDOWS\System32\drivers\hlldrvr.sys
[2009.05.05 18:06:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\qxdaedrs.dll
[2009.05.05 18:06:19 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\cwbrw.dll
[2009.05.05 18:06:19 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\cwbsv.dll
[2009.05.05 18:06:19 | 000,020,528 | ---- | C] () -- C:\WINDOWS\System32\cwbwiz.dll
[2009.05.05 18:06:19 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbsy.dll
[2009.05.05 18:06:19 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbnl.dll
[2009.05.05 18:06:19 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbco.dll
[2009.05.05 18:06:19 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\cwbnldlg.dll
[2009.05.05 18:06:19 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\cwbad.dll
[2009.04.29 19:15:06 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009.04.29 19:15:05 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2009.01.30 18:12:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.01.30 18:12:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.01.30 18:12:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.01.30 18:12:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.10.07 18:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 18:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 18:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.09.02 16:25:26 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2005.02.17 21:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 21:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 22:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
========== LOP Check ==========
[2010.03.27 07:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009.07.29 19:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Clarus
[2010.03.27 08:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.03.27 08:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2010.05.20 00:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2009.04.29 19:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2009.05.20 00:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009.04.30 18:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Blitware
[2010.03.27 08:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\DAEMON Tools Lite
[2010.03.27 08:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\DAEMON Tools Pro
[2009.06.10 17:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\ICQ
[2009.05.05 21:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\ICQ Toolbar
[2010.05.15 03:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Research in Motion
[2010.06.05 18:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\uTorrent
[2009.05.01 00:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\WinBatch
[2010.05.30 03:28:49 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
[2010.05.30 02:53:02 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\DriverRobot.job
[2010.06.05 18:10:05 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2009.06.10 10:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.03.27 07:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009.05.20 00:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009.05.20 00:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009.07.29 19:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Clarus
[2010.03.27 08:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.03.27 08:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2009.05.02 01:39:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010.05.12 22:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010.04.15 22:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010.05.20 00:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2009.04.30 04:40:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.06.05 18:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009.04.29 19:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2009.05.18 00:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009.05.20 00:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2009.02.04 14:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\DifXInstall32.exe
[2009.05.20 00:30:56 | 000,075,048 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
< %APPDATA%\*. >
[2009.06.10 11:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Adobe
[2009.05.29 22:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Apple Computer
[2009.04.30 18:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Blitware
[2010.03.27 08:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\DAEMON Tools Lite
[2010.03.27 08:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\DAEMON Tools Pro
[2009.08.06 17:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Help
[2009.06.10 17:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\ICQ
[2009.05.05 21:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\ICQ Toolbar
[2009.04.29 17:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Identities
[2009.04.29 19:41:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\InstallShield
[2009.04.30 04:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Macromedia
[2010.04.20 11:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Media Player Classic
[2010.04.17 11:38:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Evi\Application Data\Microsoft
[2009.05.05 22:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Mozilla
[2010.04.15 22:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Office Genuine Advantage
[2010.05.15 03:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Research in Motion
[2010.06.04 01:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Skype
[2010.06.04 00:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\skypePM
[2010.06.05 18:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\uTorrent
[2009.06.21 21:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\Winamp
[2009.05.01 00:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Evi\Application Data\WinBatch
< %APPDATA%\*.exe /s >
[2009.04.30 20:05:19 | 122,066,376 | ---- | M] (NVIDIA Corporation ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\0a28e3c5e3fe1ab672c6d5a54ad73d5d\179.48_notebook_winxp_32bit_beta.exe
[2009.04.30 18:23:29 | 003,187,424 | ---- | M] (Hewlett-Packard Development Company, L.P. ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\3d342672db9788d2f049fd98e50cc3a6\sp40969.exe
[2009.05.11 23:43:26 | 131,101,088 | ---- | M] ( ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\5fce25ca22a30a2c2f09e254feeb1e08\sp42040.exe
[2009.04.30 18:23:14 | 002,824,728 | ---- | M] (Intel Corporation) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\8fd9228c4e000c81d8f46596db3dec48\INF_allOS_9.1.0.1012_PV.exe
[2009.05.11 23:29:39 | 006,556,808 | ---- | M] (Hewlett-Packard Company ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\e0ae2b764abae4f76b578b282901a256\sp24796.exe
[2009.05.11 23:35:25 | 060,194,544 | ---- | M] ( ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\e3fdf851f29dc7217427c7e25346877f\sp42241.exe
[2009.05.01 02:15:16 | 060,194,544 | ---- | M] ( ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\downloads\f61f70ff0928d6a63d537ec6bd8492ac\sp42241.exe
[2010.05.16 14:08:27 | 005,394,208 | ---- | M] (Blitware Technology Inc. ) -- C:\Documents and Settings\Evi\Application Data\Blitware\DriverRobot\updates\abc95191a45adb07e02bfed478ab2665\driverrobot_setup.exe
[2009.05.04 22:07:14 | 001,915,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Evi\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2010.05.20 00:18:11 | 010,827,096 | ---- | M] () -- C:\Documents and Settings\Evi\Application Data\Research in Motion\BlackBerry Media Sync\AutoUpdate\Updates\3.0.0.39\BlackBerryMediaSync.exe
< MD5 for: AGP440.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 07:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2004.08.04 07:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
< MD5 for: CDROM.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.04 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2007.04.17 08:06:36 | 000,033,280 | ---- | M] (UPEK Inc.) MD5=E2D8E32A93945F3FCE220D0F71FDFB27 -- C:\Program Files\Fingerprint Reader Suite\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.04 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: IASTOR.SYS >
[2007.02.12 22:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\dell\drivers\R154200\iastor.sys
< MD5 for: ISAPNP.SYS >
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.05.28 12:24:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.08.17 22:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2004.08.04 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.04 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.04 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004.08.04 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2004.08.04 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.04 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2004.08.04 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.03.27 08:38:18 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2009.04.28 20:34:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.28 20:34:26 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.04.28 20:34:26 | 000,925,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.06.05 18:10:02 | 000,201,679 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.06.05 18:10:25 | 000,031,681 | ---- | M] () -- C:\WINDOWS\system32\nvModes.001
[2010.06.05 18:14:18 | 000,068,558 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.06.05 18:14:18 | 000,435,828 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.06.05 18:14:18 | 000,512,960 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.06.05 18:10:28 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
Re: Prosim o preventivku
Extras.txt
OTL Extras logfile created on: 5.6.2010 18:18:27 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Evi\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 220,27 Gb Total Space | 30,51 Gb Free Space | 13,85% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,60 Gb Free Space | 56,02% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EVI-9F249AF2460
Current User Name: Evi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-1275210071-789336058-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{125EB8DD-8316-4559-9951-E969929381BD}" = Dell Premium Remote Control
"{1882D3BE-8B8F-4EA3-9414-EB06CD5B9CD8}" = Modem Diagnostics Tool
"{1A36CF15-DF66-4756-9482-A9ABF3DDACE6}_is1" = Driver Robot
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{66491E5A-7899-4863-A2E9-057E10BCB578}" = Samsung SecretZone
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93539D60-1817-11D1-9504-00805F26A89C}" = Easy Access Button Support
"{9C48DCA4-00C2-449C-88D8-B1EE1692B44F}" = Safari
"{A2289997-10A3-48F2-AA03-99180D761661}" = Fingerprint Reader Suite 5.6
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"µTorrent CZ_is1" = µTorrent CZ 1.8.1 (build 12639)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"BBMediaSyncUninstall" = BlackBerry Media Sync
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"ClientAccessExpress" = IBM iSeries Access for Windows
"Driver Robot" = Driver Robot
"Elantech" = ETDWare PS/2-x86 7.0.3.12 For WinXP
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.9.0 (Standard)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Dell Touchpad
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XTTB00001.XTTB00001Toolbar" = ICQ Toolbar
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 16.7.2009 7:25:59 | Computer Name = EVI-9F249AF2460 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 7.0.6000.16850, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 17.7.2009 5:59:58 | Computer Name = EVI-9F249AF2460 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 7.0.6000.16850, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 17.7.2009 7:14:47 | Computer Name = EVI-9F249AF2460 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 7.0.6000.16850, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 29.7.2009 15:12:43 | Computer Name = EVI-9F249AF2460 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 7.0.6000.16876, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 6.8.2009 7:28:04 | Computer Name = EVI-9F249AF2460 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 7.0.6000.16876, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 25.10.2009 5:28:40 | Computer Name = EVI-9F249AF2460 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 7.0.6000.16915, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x02b99cb0.
Error - 27.3.2010 1:03:03 | Computer Name = EVI-9F249AF2460 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 7.0.6000.16915, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x02939b9a.
Error - 27.3.2010 1:03:08 | Computer Name = EVI-9F249AF2460 | Source = Application Error | ID = 1001
Description = Chybný blok 1527177931.
Error - 27.3.2010 1:16:23 | Computer Name = EVI-9F249AF2460 | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavatelov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: The data is invalid.
Error - 8.4.2010 12:29:07 | Computer Name = EVI-9F249AF2460 | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 29.5.2010 19:59:50 | Computer Name = EVI-9F249AF2460 | Source = Dhcp | ID = 1000
Description = Pocítac prišiel o prenájom adresy IP 192.168.1.10 na sietovej karte
so sietovou adresou 001F3B078E7B.
Error - 5.6.2010 12:18:54 | Computer Name = EVI-9F249AF2460 | Source = SRService | ID = 104
Description = Proces inicializácie služby Obnovovanie systému zlyhal.
Error - 5.6.2010 12:18:55 | Computer Name = EVI-9F249AF2460 | Source = Service Control Manager | ID = 7023
Description = Služba System Restore Service bola ukoncená s nasledujúcou chybou:
%%2
< End of report >
OTL Extras logfile created on: 5.6.2010 18:18:27 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Evi\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 220,27 Gb Total Space | 30,51 Gb Free Space | 13,85% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,60 Gb Free Space | 56,02% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EVI-9F249AF2460
Current User Name: Evi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-1275210071-789336058-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{125EB8DD-8316-4559-9951-E969929381BD}" = Dell Premium Remote Control
"{1882D3BE-8B8F-4EA3-9414-EB06CD5B9CD8}" = Modem Diagnostics Tool
"{1A36CF15-DF66-4756-9482-A9ABF3DDACE6}_is1" = Driver Robot
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{66491E5A-7899-4863-A2E9-057E10BCB578}" = Samsung SecretZone
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93539D60-1817-11D1-9504-00805F26A89C}" = Easy Access Button Support
"{9C48DCA4-00C2-449C-88D8-B1EE1692B44F}" = Safari
"{A2289997-10A3-48F2-AA03-99180D761661}" = Fingerprint Reader Suite 5.6
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"µTorrent CZ_is1" = µTorrent CZ 1.8.1 (build 12639)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"BBMediaSyncUninstall" = BlackBerry Media Sync
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"ClientAccessExpress" = IBM iSeries Access for Windows
"Driver Robot" = Driver Robot
"Elantech" = ETDWare PS/2-x86 7.0.3.12 For WinXP
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.9.0 (Standard)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Dell Touchpad
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XTTB00001.XTTB00001Toolbar" = ICQ Toolbar
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 16.7.2009 7:25:59 | Computer Name = EVI-9F249AF2460 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 7.0.6000.16850, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 17.7.2009 5:59:58 | Computer Name = EVI-9F249AF2460 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 7.0.6000.16850, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 17.7.2009 7:14:47 | Computer Name = EVI-9F249AF2460 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 7.0.6000.16850, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 29.7.2009 15:12:43 | Computer Name = EVI-9F249AF2460 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 7.0.6000.16876, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 6.8.2009 7:28:04 | Computer Name = EVI-9F249AF2460 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 7.0.6000.16876, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 25.10.2009 5:28:40 | Computer Name = EVI-9F249AF2460 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 7.0.6000.16915, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x02b99cb0.
Error - 27.3.2010 1:03:03 | Computer Name = EVI-9F249AF2460 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 7.0.6000.16915, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x02939b9a.
Error - 27.3.2010 1:03:08 | Computer Name = EVI-9F249AF2460 | Source = Application Error | ID = 1001
Description = Chybný blok 1527177931.
Error - 27.3.2010 1:16:23 | Computer Name = EVI-9F249AF2460 | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavatelov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: The data is invalid.
Error - 8.4.2010 12:29:07 | Computer Name = EVI-9F249AF2460 | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 29.5.2010 19:59:50 | Computer Name = EVI-9F249AF2460 | Source = Dhcp | ID = 1000
Description = Pocítac prišiel o prenájom adresy IP 192.168.1.10 na sietovej karte
so sietovou adresou 001F3B078E7B.
Error - 5.6.2010 12:18:54 | Computer Name = EVI-9F249AF2460 | Source = SRService | ID = 104
Description = Proces inicializácie služby Obnovovanie systému zlyhal.
Error - 5.6.2010 12:18:55 | Computer Name = EVI-9F249AF2460 | Source = Service Control Manager | ID = 7023
Description = Služba System Restore Service bola ukoncená s nasledujúcou chybou:
%%2
< End of report >
Re: Prosim o preventivku
To jste vlozila spravne do dvou prispevku - lepe se v tom orientuje
Jeste nez budeme mazat nekolik dotazu
Jeste nez budeme mazat nekolik dotazu
- tuhle IP adresu 89.101.160.4 mate schvalne - pripadne zkontrolujte dle smlouvy s poskytovatelem, jelikoz ukazuje nekam do Irska
- Tohle C:\Program Files\Driver Robot znate
- zitra tu budu az vecer, tak na to kouknu a dam skript na opravu
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o preventivku
No jo, ja som vlastne v Irsku, takze to bude asi preto ta IP adresa 
A ten program Driver Robot mi nic nehovori, ale vlastne mne tu ziaden program nic nehori... sorry, typicka pocitacovo zdatna baba (resp. nezdatna)
Krasny vecer prajem!
A ten program Driver Robot mi nic nehovori, ale vlastne mne tu ziaden program nic nehori... sorry, typicka pocitacovo zdatna baba (resp. nezdatna)
Krasny vecer prajem!
Re: Prosim o preventivku
Zdravim,
jsem dnes cely den mimo z rodinnych duvodu - na log kouknu zitra navecer!
Dekuji za pochopeni...
jsem dnes cely den mimo z rodinnych duvodu - na log kouknu zitra navecer!
Dekuji za pochopeni...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o preventivku
Zdravim,
omlouvam se za me zpozdeni a dekuji za trpelivost a pochopeni...
Spustte znovu OTL
omlouvam se za me zpozdeni a dekuji za trpelivost a pochopeni...
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search" FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=" FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=" O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKU\S-1-5-21-1275210071-789336058-839522115-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe File not found [2010.06.04 00:06:05 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Evi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] :reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca6b564c-396c-11df-8894-0015c57e517c}] :commands [EMPTYTEMP] [EMPTYFLASH] [CLEARALLRESTOREPOINTS] [CREATERESTOREPOINT]- Nasledne kliknete na Opravit (FIX)
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o preventivku
Teraz sa ospravedlnujem ja, na par dni som bola odcestovana...
takze som spravila ako ste kazali a tu je ten vysledok.
Dakujem velmi pekne za pomoc
All processes killed
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Prefs.js: "Yahoo! Search" removed from browser.search.defaultenginename
Prefs.js: "http://slirsredirect.search.aol.com/sli ... ie7&query=" removed from browser.search.defaulturl
Prefs.js: "http://slirsredirect.search.aol.com/sli ... pab&query=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-1275210071-789336058-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ETDWare deleted successfully.
C:\Documents and Settings\Evi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\002929_.tmp deleted successfully.
C:\WINDOWS\DUMP519a.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca6b564c-396c-11df-8894-0015c57e517c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ca6b564c-396c-11df-8894-0015c57e517c}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Evi
->Temp folder emptied: 64620367 bytes
->Temporary Internet Files folder emptied: 2956445034 bytes
->FireFox cache emptied: 89879749 bytes
->Google Chrome cache emptied: 6099312 bytes
->Flash cache emptied: 1938822 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 577761 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 56178893 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 49482646 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1121464392 bytes
Total Files Cleaned = 4 146,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: Evi
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
OTL by OldTimer - Version 3.2.5.3 log created on 06132010_142704
Files\Folders moved on Reboot...
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\Content.IE5\OAJNXTL1\afr[4].htm moved successfully.
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\Content.IE5\OAJNXTL1\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\Content.IE5\4XMW340P\afr[1].htm moved successfully.
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\Content.IE5\4XMW340P\afr[2].htm moved successfully.
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\Content.IE5\4XMW340P\honeypot_export[2].htm moved successfully.
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
takze som spravila ako ste kazali a tu je ten vysledok.
Dakujem velmi pekne za pomoc
All processes killed
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Prefs.js: "Yahoo! Search" removed from browser.search.defaultenginename
Prefs.js: "http://slirsredirect.search.aol.com/sli ... ie7&query=" removed from browser.search.defaulturl
Prefs.js: "http://slirsredirect.search.aol.com/sli ... pab&query=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-1275210071-789336058-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ETDWare deleted successfully.
C:\Documents and Settings\Evi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\002929_.tmp deleted successfully.
C:\WINDOWS\DUMP519a.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca6b564c-396c-11df-8894-0015c57e517c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ca6b564c-396c-11df-8894-0015c57e517c}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Evi
->Temp folder emptied: 64620367 bytes
->Temporary Internet Files folder emptied: 2956445034 bytes
->FireFox cache emptied: 89879749 bytes
->Google Chrome cache emptied: 6099312 bytes
->Flash cache emptied: 1938822 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 577761 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 56178893 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 49482646 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1121464392 bytes
Total Files Cleaned = 4 146,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: Evi
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
OTL by OldTimer - Version 3.2.5.3 log created on 06132010_142704
Files\Folders moved on Reboot...
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\Content.IE5\OAJNXTL1\afr[4].htm moved successfully.
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\Content.IE5\OAJNXTL1\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\Content.IE5\4XMW340P\afr[1].htm moved successfully.
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\Content.IE5\4XMW340P\afr[2].htm moved successfully.
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\Content.IE5\4XMW340P\honeypot_export[2].htm moved successfully.
C:\Documents and Settings\Evi\Local Settings\Temporary Internet Files\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Re: Prosim o preventivku
Pekne nedelni odpoledne,
v pohode, nic se nedeje, hlavne ze jste se ozvala a muzem dat pc do pucu
Nemate zac, ale jeste neutikejte ceka nas uklid a kontrola...
PC se chova jiz dobre
v pohode, nic se nedeje, hlavne ze jste se ozvala a muzem dat pc do pucu
Nemate zac, ale jeste neutikejte
ceka nas uklid a kontrola...PC se chova jiz dobre
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o preventivku
Ja zatial nikam neutekam
no, citat karty a cd stale necita, ale net zatial ide... teda DNES zatial ide
ja si kludne pockam na vase dalsie prikazy
Krasny dnik!
no, citat karty a cd stale necita, ale net zatial ide... teda DNES zatial ide
ja si kludne pockam na vase dalsie prikazy
Krasny dnik!
Re: Prosim o preventivku
Zkuste preinstalovat ovladace ctecky karet i CD-Romky..."Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?