prosim o kontrolu logu

Zpráva

zuzkasuskova · #1 Příspěvek od **zuzkasuskova** » 10 srp 2010 19:05

pomalsi pc problem doubleclick, mozno trojan, crashuje mozilla

Logfile of random's system information tool 1.06 (written by random/random)
Run by Uzivatel at 2010-08-10 20:02:48
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 74 GB (57%) free of 130 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:02:54, on 10.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Uzivatel\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Uzivatel/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.gif

--
End of file - 7320 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-1078081533-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-1078081533-725345543-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-09 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
BrowserHelper Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-02-17 33595392]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-09 202256]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-05-19 15360]
"Steam"=C:\Program Files\Steam\Steam.exe [2010-05-07 1238352]
"cdloader"=C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\cdloader2.exe [2010-01-20 50520]
"RegistryBooster"=C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000 []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Documents and Settings\Uzivatel\Start Menu\Programs\Startup
GIGABYTE Gamer HUD Lite.lnk - C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2008-05-02 72208]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\red orchestra\System\RedOrchestra.exe"="C:\Program Files\Steam\steamapps\common\red orchestra\System\RedOrchestra.exe:*:Enabled:Red Orchestra"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\magicJack.exe"="C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{89f3b1a4-0db6-11df-90e8-002618d62672}]
shell\AutoRun\command - F:\autorun.exe
shell\phone\command - F:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90acac69-bc8b-11de-9027-002618d62672}]
shell\AutoRun\command - F:\SETUP.EXE
shell\configure\command - F:\SETUP.EXE
shell\install\command - F:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e3d0311c-01c1-11df-90c9-002618d62672}]
shell\AutoRun\command - F:\anoataly.exe
shell\open\command - F:\anoataly.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f5b8dbac-01c3-11df-90cb-002618d62672}]
shell\AutoRun\command - F:\SERVICELAYER.EXE

======List of files/folders created in the last 1 months======

2010-08-10 20:02:48 ----D---- C:\rsit
2010-08-10 20:02:48 ----D---- C:\Program Files\trend micro
2010-08-10 16:43:24 ----D---- C:\Documents and Settings\Uzivatel\Application Data\Goodsol
2010-08-10 16:42:41 ----D---- C:\Program Files\goodsol
2010-08-10 12:55:23 ----A---- C:\WINDOWS\iPlayer.INI
2010-08-10 12:53:30 ----D---- C:\Program Files\InterActual
2010-08-10 12:27:50 ----A---- C:\WINDOWS\DVDRegionFree.INI
2010-08-10 12:27:23 ----D---- C:\Program Files\DVD Region+CSS Free
2010-08-10 11:57:13 ----SHD---- C:\Config.Msi
2010-08-10 07:17:34 ----D---- C:\Program Files\Common Files\Java
2010-08-10 07:17:23 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-10 07:17:23 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-10 07:17:22 ----A---- C:\WINDOWS\system32\java.exe
2010-07-31 09:43:23 ----D---- C:\Documents and Settings\Uzivatel\Application Data\Uniblue
2010-07-28 12:18:02 ----D---- C:\WINDOWS\Sun

======List of files/folders modified in the last 1 months======

2010-08-10 20:02:48 ----RD---- C:\Program Files
2010-08-10 20:02:46 ----D---- C:\Documents and Settings\Uzivatel\Application Data\Skype
2010-08-10 19:54:15 ----D---- C:\Documents and Settings\Uzivatel\Application Data\skypePM
2010-08-10 19:16:45 ----D---- C:\Documents and Settings\Uzivatel\Application Data\BitTorrent
2010-08-10 18:39:47 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-10 18:36:33 ----D---- C:\Program Files\Mozilla Firefox
2010-08-10 18:36:30 ----SD---- C:\WINDOWS\Tasks
2010-08-10 18:34:49 ----D---- C:\WINDOWS\Temp
2010-08-10 18:34:35 ----D---- C:\WINDOWS
2010-08-10 18:34:23 ----D---- C:\Program Files\Steam
2010-08-10 18:33:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-10 16:42:41 ----D---- C:\WINDOWS\system32
2010-08-10 16:39:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-10 12:53:32 ----D---- C:\WINDOWS\Prefetch
2010-08-10 11:57:41 ----SHD---- C:\WINDOWS\Installer
2010-08-10 11:57:25 ----HD---- C:\WINDOWS\inf
2010-08-10 11:57:25 ----D---- C:\WINDOWS\system32\drivers
2010-08-10 07:17:34 ----D---- C:\Program Files\Common Files
2010-08-10 07:17:21 ----D---- C:\Program Files\Java
2010-08-02 23:28:57 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2010-07-23 10:35:21 ----D---- C:\Program Files\Native Instruments
2010-07-18 23:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-07-17 05:00:04 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-05-19 36096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-05-19 9600]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-05-19 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-01-22 120064]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-02-16 1057024]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2009-04-30 2687512]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-05-19 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-11 135664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 10 srp 2010 19:11

Zdravim a pekny vecer preji

Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)

Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
Spustte a kliknete na Deletion
Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

zuzkasuskova · #3 Příspěvek od **zuzkasuskova** » 10 srp 2010 19:30

toto je usb kluc:
############################## | UsbFix 7.019 | [Deletion]

User: Uzivatel (Administrator) # HOMEPC [ ]
Updated 03/08/10 by El Desaparecido / C_XX
Started at 20:15:36 | 10/08/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Celeron(R) CPU E1500 @ 2.20GHz
CPU 2: Intel(R) Celeron(R) CPU E1500 @ 2.20GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 6.0.2900.2180

Windows Firewall: Enabled
RAM -> 2047 Mb
C:\ (%systemdrive%) -> Fixed drive # 127 Gb (73 Mb free - 57%) [Hard drive] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 106 Gb (106 Mb free - 100%) [] # NTFS
F:\ -> Removable drive # 8 Gb (1 Mb free - 13%) [GRETKA] # FAT32

################## | Files # Infected Folders |

Not deleted ! D:\Autorun.inf
Not deleted ! D:\Win

################## | Registry |

Not deleted ! HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHNAS
Not deleted ! HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SSHNAS
Not deleted ! HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SSHNAS

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{89f3b1a4-0db6-11df-90e8-002618d62672}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{90acac69-bc8b-11de-9027-002618d62672}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{e3d0311c-01c1-11df-90c9-002618d62672}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{f5b8dbac-01c3-11df-90cb-002618d62672}

################## | Listing |

[19/10/2009 - 15:31:12 | A | 0] C:\AUTOEXEC.BAT
[19/10/2009 - 15:27:02 | SH | 211] C:\boot.ini
[10/08/2010 - 18:34:07 | SHD ] C:\Config.Msi
[19/10/2009 - 15:31:12 | A | 0] C:\CONFIG.SYS
[08/06/2010 - 08:45:30 | D ] C:\Documents and Settings
[19/10/2009 - 15:40:10 | D ] C:\Intel
[19/10/2009 - 15:31:12 | RASH | 0] C:\IO.SYS
[08/05/2010 - 17:40:56 | A | 106] C:\mbam-error.txt
[19/10/2009 - 15:31:12 | RASH | 0] C:\MSDOS.SYS
[19/10/2009 - 10:48:48 | RHD ] C:\MSOCache
[16/02/2010 - 11:00:11 | D ] C:\NKPlus
[19/05/2008 - 17:58:48 | RASH | 47564] C:\NTDETECT.COM
[19/05/2008 - 17:58:47 | RASH | 250032] C:\ntldr
[10/08/2010 - 18:34:10 | ASH | 2145386496] C:\pagefile.sys
[10/08/2010 - 20:02:48 | RD ] C:\Program Files
[10/08/2010 - 20:16:50 | SHD ] C:\RECYCLER
[10/08/2010 - 20:03:48 | D ] C:\rsit
[15/01/2010 - 12:48:38 | SHD ] C:\System Volume Information
[10/08/2010 - 20:16:50 | D ] C:\UsbFix
[10/08/2010 - 20:16:49 | A | 841] C:\UsbFix.txt
[10/08/2010 - 18:34:35 | D ] C:\WINDOWS
[14/07/2001 - 00:11:22 | R | 73] D:\AUTORUN.INF
[12/07/2003 - 03:43:00 | R | 1080961] D:\InterActual_Player.dmg
[11/07/2003 - 18:56:56 | RD ] D:\JACKET_P
[19/10/2002 - 00:12:26 | R | 13914] D:\README.TXT
[12/07/2003 - 03:42:59 | R | 126394] D:\ReadMe_Mac.pdf
[17/07/2003 - 05:14:00 | RD ] D:\VIDEO_TS
[11/07/2003 - 03:32:36 | RD ] D:\common
[09/07/2003 - 22:56:34 | R | 149] D:\disc.id
[09/04/2002 - 23:52:18 | R | 738304] D:\install.exe
[11/07/2003 - 03:32:34 | RD ] D:\win
[10/08/2010 - 20:16:50 | SHD ] E:\RECYCLER
[15/01/2010 - 12:48:38 | SHD ] E:\System Volume Information
[16/03/2010 - 19:45:20 | HD ] F:\.Trashes
[16/03/2010 - 19:45:20 | AH | 4096] F:\._.Trashes
[16/03/2010 - 19:45:20 | HD ] F:\.Spotlight-V100
[20/03/2010 - 15:14:46 | D ] F:\Digidesign Databases
[13/05/2010 - 13:51:50 | D ] F:\hudba
[02/06/2010 - 18:08:50 | D ] F:\Skodcovia polno plodin
[16/05/2010 - 16:52:32 | D ] F:\SG_Dreamcatcher_2001
[16/05/2010 - 17:04:34 | D ] F:\SG_Earthsongs_2004
[02/06/2010 - 18:09:58 | D ] F:\Ekonomika
[14/07/2010 - 00:18:02 | D ] F:\20100713
[22/02/2010 - 11:58:32 | A | 118272] F:\Najomna zmluva agria nova.doc
[11/05/2010 - 10:05:24 | A | 120320] F:\Nova najomna zmluva Agria.doc
[21/04/2010 - 07:51:32 | HD ] F:\.fseventsd
[12/05/2010 - 22:33:40 | D ] F:\ucto
[22/02/2010 - 12:50:54 | D ] F:\Zmluvy
[08/10/2008 - 06:30:24 | D ] F:\Gretka own music
[21/04/2010 - 09:45:06 | D ] F:\Nový priečinok
[27/02/2010 - 07:58:28 | D ] F:\buriny
[13/07/2010 - 20:34:10 | A | 2089418752] F:\Twilight - New Moon 2009 Cz Dabing.avi
[16/05/2010 - 17:14:04 | RD ] F:\SG_Once_in_the_red_Moon_2002
[16/05/2010 - 17:27:34 | RD ] F:\SG_Dawn_of_a_New_Century_1999
[02/07/2010 - 04:47:50 | A | 321024] F:\IO_II__podla_abecedy_tahak.doc
[05/03/2010 - 09:31:10 | D ] F:\bydleni
[10/05/2010 - 12:32:36 | A | 14691] F:\Detail príkazu z EB.docx
[24/05/2010 - 15:50:26 | D ] F:\aktualizovane_UaEPvZV_vypr._otazky
[28/06/2010 - 10:09:18 | A | 1583702] F:\Danovy urad vyzva.jpg
[30/08/2008 - 07:20:42 | D ] F:\Trance Energy 2006
[04/07/2010 - 12:50:00 | D ] F:\VA_-_Deep_Trance_Vol_10-3CD-2009-QMI
[23/07/2010 - 10:28:52 | A | 1468891136] F:\Labyrint lzi CZ-KVALITU ZARUČUJI.avi
[03/08/2010 - 10:28:46 | A | 1719855908] F:\Prokletý ostrov.avi
[19/09/2008 - 08:02:12 | A | 105059] F:\LV 260.pdf
[16/03/2010 - 19:41:40 | RA | 164864] F:\Rozpocet Gita.xls
[26/03/2010 - 05:16:00 | A | 36864] F:\Zmluva o odstránení zvy_kov stavby - Bujnová.doc

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_HOMEPC.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |

zuzkasuskova · #4 Příspěvek od **zuzkasuskova** » 10 srp 2010 19:31

OTL.txt

OTL logfile created on: 10.8.2010 20:24:32 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Uzivatel\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 126,96 Gb Total Space | 72,89 Gb Free Space | 57,41% Space Free | Partition Type: NTFS
Drive D: | 6,69 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 105,92 Gb Total Space | 105,85 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
Drive F: | 7,52 Gb Total Space | 1,00 Gb Free Space | 13,34% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOMEPC
Current User Name: Uzivatel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.08.10 20:21:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uzivatel\Desktop\OTL.exe
PRC - [2010.07.22 14:54:18 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008.05.19 17:59:49 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010.08.10 20:21:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uzivatel\Desktop\OTL.exe
MOD - [2008.05.19 17:58:58 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004.08.04 01:57:02 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2009.10.07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.05.02 03:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)

========== Driver Services (SafeList) ==========

DRV - [2009.10.07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.04.30 23:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009.02.16 04:25:52 | 001,057,024 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009.01.22 10:25:26 | 000,120,064 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.10.07 07:33:00 | 006,133,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.02.29 04:13:36 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008.02.29 04:12:56 | 000,063,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008.02.29 04:12:48 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008.02.14 08:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2005.08.15 11:08:26 | 000,127,488 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys -- (imagesrv)
DRV - [2005.08.15 11:08:26 | 000,005,888 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\imagedrv.sys -- (imagedrv)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.08.04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1715567821-1078081533-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1715567821-1078081533-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-1715567821-1078081533-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1715567821-1078081533-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.09 08:14:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.22 14:54:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.22 14:54:24 | 000,000,000 | ---D | M]

[2009.10.19 11:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Mozilla\Extensions
[2009.12.15 18:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Mozilla\Firefox\Profiles\7zczd529.default\extensions
[2009.12.15 18:15:07 | 000,000,434 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Application Data\Mozilla\Firefox\Profiles\7zczd529.default\searchplugins\fast-browser-search.xml
[2010.08.10 10:18:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.06.29 19:23:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.10 07:17:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.08.24 21:37:14 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2009.08.24 21:37:14 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009.08.24 21:37:14 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2009.08.24 21:37:14 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2009.08.24 21:37:14 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2009.08.24 21:37:14 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2008.05.19 17:59:39 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - Reg Error: Value error. File not found
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1715567821-1078081533-725345543-1003..\Run: [cdloader] C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-1715567821-1078081533-725345543-1003..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe File not found
O4 - HKU\S-1-5-21-1715567821-1078081533-725345543-1003..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnceEx: [Title] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\Uzivatel\Start Menu\Programs\Startup\GIGABYTE Gamer HUD Lite.lnk = C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-1078081533-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1715567821-1078081533-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Uzivatel/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.gif
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Uzivatel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Uzivatel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.19 15:31:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.08.10 20:16:54 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001.07.14 00:11:22 | 000,000,073 | R--- | M] () - D:\AUTORUN.INF -- [ UDF ]
O32 - AutoRun File - [2010.08.10 20:16:54 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.08.10 20:16:56 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 7 Days ==========

[2010.08.10 20:21:24 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Uzivatel\Desktop\OTL.exe
[2010.08.10 20:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.08.10 20:16:54 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2010.08.10 20:15:27 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.08.10 20:14:24 | 001,207,265 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\Uzivatel\Desktop\UsbFix.exe
[2010.08.10 20:02:48 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.08.10 20:02:48 | 000,000,000 | ---D | C] -- C:\rsit
[2010.08.10 16:43:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uzivatel\Application Data\Goodsol
[2010.08.10 16:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\goodsol
[2010.08.10 12:53:30 | 000,000,000 | ---D | C] -- C:\Program Files\InterActual
[2010.08.10 12:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Region+CSS Free
[2010.08.10 07:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.08.10 07:17:23 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.08.10 07:17:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.08.10 07:17:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.08.10 20:21:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uzivatel\Desktop\OTL.exe
[2010.08.10 20:18:19 | 011,796,480 | -H-- | M] () -- C:\Documents and Settings\Uzivatel\NTUSER.DAT
[2010.08.10 20:17:10 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-1078081533-725345543-1003.job
[2010.08.10 20:17:10 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-1078081533-725345543-1003.job
[2010.08.10 20:16:55 | 003,569,000 | ---- | M] () -- C:\UsbFix_Upload_Me_HOMEPC.zip
[2010.08.10 20:14:27 | 001,207,265 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\Uzivatel\Desktop\UsbFix.exe
[2010.08.10 19:56:00 | 000,001,004 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.10 18:40:38 | 000,061,952 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.10 18:39:47 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.08.10 18:34:22 | 000,200,819 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.08.10 18:34:16 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.10 18:34:16 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.10 18:34:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.10 18:33:28 | 006,898,882 | -H-- | M] () -- C:\Documents and Settings\Uzivatel\Local Settings\Application Data\IconCache.db
[2010.08.10 18:01:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.10 16:42:42 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Desktop\Pretty Good Solitaire 500.lnk
[2010.08.10 12:55:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\iPlayer.INI
[2010.08.10 12:53:34 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InterActual Player.lnk
[2010.08.10 12:27:54 | 000,000,067 | ---- | M] () -- C:\WINDOWS\DVDRegionFree.INI
[2010.08.09 14:30:40 | 000,141,313 | ---- | M] () -- C:\Documents and Settings\Uzivatel\Desktop\cenniknarok2010.pdf
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.08.10 20:16:55 | 003,569,000 | ---- | C] () -- C:\UsbFix_Upload_Me_HOMEPC.zip
[2010.08.10 16:42:42 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Desktop\Pretty Good Solitaire 500.lnk
[2010.08.10 12:55:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010.08.10 12:53:34 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InterActual Player.lnk
[2010.08.10 12:27:50 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI
[2010.08.09 14:30:40 | 000,141,313 | ---- | C] () -- C:\Documents and Settings\Uzivatel\Desktop\cenniknarok2010.pdf
[2010.02.21 18:43:27 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.02.21 18:43:26 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.02.21 18:43:19 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.02.21 18:43:19 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.02.21 18:43:14 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.02.21 18:43:14 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.02.15 13:06:00 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.11.18 13:42:38 | 000,000,730 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.10.24 15:32:35 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.10.19 15:36:26 | 000,022,555 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009.10.19 15:36:04 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.10.19 15:35:54 | 000,015,827 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.10.19 15:35:53 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.10.07 02:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009.10.07 02:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009.04.30 23:39:36 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008.10.07 07:33:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.10.07 07:33:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.10.07 07:33:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.10.07 07:33:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.10.07 07:33:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.06.11 09:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.06.11 09:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.06.11 09:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.06.05 08:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.05.19 17:58:30 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

========== LOP Check ==========

[2010.08.10 19:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\BitTorrent
[2010.03.11 12:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\deskUNPDF
[2010.06.07 08:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\ESET
[2010.08.10 16:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Goodsol
[2010.01.03 12:08:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Juce VST Host
[2009.12.23 22:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Leadertech
[2010.02.04 14:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp
[2010.07.31 09:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Uniblue
[2010.02.28 18:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.05.19 18:09:26 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Steam" = "C:\Program Files\Steam\Steam.exe" -silent -- [2010.05.07 06:44:47 | 001,238,352 | ---- | M] (Valve Corporation)
"cdloader" = "C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\cdloader2.exe" MAGICJACK -- [2010.01.20 01:55:48 | 000,050,520 | ---- | M] (magicJack L.P.)
"RegistryBooster" = "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 -- File not found

< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2010.01.16 13:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.06.14 10:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010.06.14 10:57:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009.12.23 22:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2009.10.19 10:07:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2009.10.30 21:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.01.24 10:48:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009.12.09 00:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010.01.15 12:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010.01.15 12:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2002.01.01 00:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2010.03.11 21:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2009.11.23 21:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.06.29 19:26:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2009.10.21 13:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009.10.29 07:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.05.08 17:40:15 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

< %APPDATA%\*. >
[2009.10.19 11:13:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Adobe
[2009.11.14 19:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Ahead
[2010.06.14 11:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Apple Computer
[2010.08.10 19:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\BitTorrent
[2010.03.11 12:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\deskUNPDF
[2010.06.07 08:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\ESET
[2010.08.10 16:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Goodsol
[2010.02.11 11:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Google
[2010.04.06 20:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Help
[2009.10.19 15:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Identities
[2009.11.19 10:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\InstallShield
[2010.01.03 12:08:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Juce VST Host
[2009.12.23 22:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Leadertech
[2009.10.19 10:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Logitech
[2009.10.19 11:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Macromedia
[2009.10.30 21:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Malwarebytes
[2010.06.02 11:08:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Uzivatel\Application Data\Microsoft
[2010.02.04 14:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp
[2009.10.19 11:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Mozilla
[2010.05.25 18:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Real
[2010.08.10 20:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Skype
[2010.08.10 19:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\skypePM
[2010.06.29 19:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Sun
[2010.07.31 09:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\Uniblue
[2010.02.28 18:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\uTorrent
[2009.10.24 15:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uzivatel\Application Data\WinRAR

< %APPDATA%\*.exe /s >
[2009.11.19 10:36:18 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uzivatel\Application Data\Microsoft\Installer\{3101CB58-3482-4D21-AF1A-7057FC935355}\ARPPRODUCTICON.exe
[2009.10.19 16:03:17 | 000,001,150 | R--- | M] () -- C:\Documents and Settings\Uzivatel\Application Data\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\ARPPRODUCTICON.exe
[2009.10.19 16:03:17 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Uzivatel\Application Data\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\HUD.exe_8FE4D08663BD44EB882CC7EA5A1EF016.exe
[2009.10.19 16:03:17 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Uzivatel\Application Data\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\NewShortcut1_8FE4D08663BD44EB882CC7EA5A1EF016.exe
[2009.10.19 16:03:17 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Uzivatel\Application Data\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\UNINST_Uninstall_Gam_8FE4D08663BD44EB882CC7EA5A1EF016.exe
[2010.01.20 01:55:48 | 000,050,520 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\cdloader2.exe
[2010.01.20 01:58:14 | 012,482,904 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\magicJack.exe
[2010.01.20 02:00:42 | 000,416,248 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\magicJackLoader.exe
[2010.01.20 01:55:52 | 000,441,704 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\magicJackSplash.exe
[2010.01.20 01:57:14 | 000,730,032 | -H-- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\ar00000\install.exe
[2008.07.10 16:42:26 | 000,464,232 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\ar00000\magicJackSplash.exe
[2008.07.10 16:44:40 | 000,083,288 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\ar00000\mjsetup.exe
[2010.01.20 01:55:52 | 000,441,704 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\in00000\magicJackSplash.exe
[2010.01.20 01:57:12 | 000,087,384 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\in00000\mjsetup.exe
[2010.01.20 02:00:46 | 006,551,808 | -H-- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\in00000\setup.exe
[2010.01.20 01:55:52 | 000,441,704 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\st00000\magicJackSplash.exe
[2010.01.20 02:00:06 | 000,087,384 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\st00000\mjsetup.exe
[2010.01.20 01:57:14 | 000,730,032 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\ug00000\install.exe
[2010.01.20 01:55:52 | 000,441,704 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\ug00000\magicJackSplash.exe
[2010.01.20 02:00:46 | 006,551,808 | ---- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\ug00000\setup.exe
[2010.01.20 01:57:14 | 000,730,032 | -H-- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\Upgrade\install1.exe
[2010.01.20 02:00:46 | 006,551,808 | -H-- | M] (magicJack L.P.) -- C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\Upgrade\setup1.exe

< MD5 for: AGP440.SYS >
[2008.05.19 17:57:46 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys

< MD5 for: ATAPI.SYS >
[2008.05.19 17:57:46 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2004.08.04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\autochk.exe
[2008.05.19 18:09:05 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\system32\autochk.exe
[2008.05.19 18:09:05 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.05.19 17:57:46 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\cdrom.sys
[2008.05.19 18:09:25 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.05.19 18:09:26 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\system32\cryptsvc.dll
[2008.05.19 18:09:26 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[2008.05.19 17:59:51 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.05.19 17:59:51 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\explorer.exe
[2008.05.19 17:59:49 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2008.05.19 17:59:49 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.05.19 17:57:46 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\hal.dll
[2008.05.19 17:59:43 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.05.19 17:57:46 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\changer.sys

< MD5 for: IASTOR.SYS >
[2008.05.19 18:18:42 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\WINDOWS\NLDRV\001\iastor.sys

< MD5 for: ISAPNP.SYS >
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\isapnp.sys
[2001.08.17 13:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001.08.17 13:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.05.19 17:59:29 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\isapnp.sys
[2008.05.19 17:59:29 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.05.19 17:59:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.05.19 17:59:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\system32\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ndis.sys
[2008.05.19 17:58:55 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.05.19 17:58:55 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2008.05.19 17:58:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.05.19 17:58:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.05.19 17:58:31 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.05.19 17:58:31 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\smss.exe
[2008.05.19 17:58:25 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.05.19 17:58:25 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\svchost.exe
[2008.05.19 17:58:18 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.05.19 17:58:18 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.05.19 17:58:16 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.05.19 17:58:09 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.05.19 17:58:09 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.05.19 17:58:03 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.05.19 17:58:03 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ws2_32.dll
[2008.05.19 17:57:58 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.05.19 17:57:58 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.10.19 17:22:15 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.10.19 17:22:15 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.10.19 17:22:15 | 000,897,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.08.10 07:17:21 | 000,005,081 | ---- | M] () -- C:\WINDOWS\system32\jupdate-1.6.0_21-b07.log
[2010.08.10 18:34:22 | 000,200,819 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.08.10 18:01:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >

zuzkasuskova · #5 Příspěvek od **zuzkasuskova** » 10 srp 2010 19:32

Extras.txt

OTL Extras logfile created on: 10.8.2010 20:24:32 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Uzivatel\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 126,96 Gb Total Space | 72,89 Gb Free Space | 57,41% Space Free | Partition Type: NTFS
Drive D: | 6,69 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 105,92 Gb Total Space | 105,85 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
Drive F: | 7,52 Gb Total Space | 1,00 Gb Free Space | 13,34% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOMEPC
Current User Name: Uzivatel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\steamapps\common\red orchestra\System\RedOrchestra.exe" = C:\Program Files\Steam\steamapps\common\red orchestra\System\RedOrchestra.exe:*:Enabled:Red Orchestra -- ()
"C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}" = Gamer HUD Lite
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-00B0-041B-0000-0000000FF1CE}" = Doplnok Microsoft Save as PDF pre programy balíka 2007 Microsoft Office
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7E07C2B-2220-4415-87E3-784D5814BC93}" = NVIDIA PhysX v8.09.04
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1051-7B44-A93000000001}" = Adobe Reader 9.3.3 - Slovak
"{BB03BFFA-5B90-36A6-C8B9-DB10CF781051}" = Nero 7 Demo
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Zem
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASIO4ALL" = ASIO4ALL
"BitTorrent" = BitTorrent
"Collab" = Collab
"FL Studio 8" = FL Studio 8
"HijackThis" = HijackThis 2.0.2
"IL Download Manager" = IL Download Manager
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InterActual Player" = InterActual Player
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"Nebeský kalendár Plus" = Nebeský kalendár Plus
"NVIDIA Drivers" = NVIDIA Drivers
"PoiZone" = PoiZone
"Pretty Good Solitaire - Invention Card Set_is1" = Pretty Good Solitaire - Invention Card Set
"Pretty Good Solitaire 500_is1" = Pretty Good Solitaire 500 version 8.1.1
"PROPLUS" = Microsoft Office Professional Plus 2007
"RealPlayer 12.0" = RealPlayer
"Steam App 1200" = Red Orchestra
"SymSolon" = SymSolon 0.6
"Toxic Biohazard" = Toxic Biohazard
"Usbfix" = Usbfix By C_XX & El Desaparecido
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1715567821-1078081533-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.7.2010 20:59:38 | Computer Name = HOMEPC | Source = Google Update | ID = 20
Description =

Error - 20.7.2010 21:59:37 | Computer Name = HOMEPC | Source = Google Update | ID = 20
Description =

Error - 20.7.2010 22:59:39 | Computer Name = HOMEPC | Source = Google Update | ID = 20
Description =

Error - 23.7.2010 4:34:09 | Computer Name = HOMEPC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie traktordjstudio3.exe, verzia 3.4.1.40, zlyhanie
modulu traktordjstudio3.exe, verzia 3.4.1.40, adresa zlyhania 0x000312d2.

Error - 10.8.2010 5:57:17 | Computer Name = HOMEPC | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.

Error - 10.8.2010 5:57:17 | Computer Name = HOMEPC | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.

Error - 10.8.2010 6:44:24 | Computer Name = HOMEPC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 6.0.2900.2180, zlyhanie modulu
mshtml.dll, verzia 6.0.2900.3627, adresa zlyhania 0x00271fb6.

Error - 10.8.2010 6:44:35 | Computer Name = HOMEPC | Source = Application Error | ID = 1001
Description = Chybný blok 1505920440.

Error - 10.8.2010 6:54:19 | Computer Name = HOMEPC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iPlayer.exe, verzia 2.4.8.409, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 10.8.2010 10:45:21 | Computer Name = HOMEPC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 6.0.2900.2180, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x633da439.

[ System Events ]
Error - 3.7.2010 22:22:18 | Computer Name = HOMEPC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Remote Registry zlyhalo kvôli nasledujúcej chybe:
%%1069

Error - 20.7.2010 23:18:10 | Computer Name = HOMEPC | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.1.1 odmietol prenájom 192.168.1.2 adresy IP pre
sieťovú kartu so sieťovou adresou 002618D62672 (server DHCP odoslal hlásenie DHCPNACK).

Error - 4.8.2010 7:46:44 | Computer Name = HOMEPC | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.1.1 odmietol prenájom 192.168.1.2 adresy IP pre
sieťovú kartu so sieťovou adresou 002618D62672 (server DHCP odoslal hlásenie DHCPNACK).

Error - 8.8.2010 13:10:52 | Computer Name = HOMEPC | Source = Service Control Manager | ID = 7038
Description = Služba RemoteRegistry sa nemohla s aktuálne nakonfigurovaným heslom
prihlásiť ako NT AUTHORITY\LocalService kvôli nasledujúcej chybe: %%5 Ak chcete
zabezpečiť správne nakonfigurovanie služby, použite zásuvný modul konzoly MMC (Microsoft
Management
Console).

Error - 8.8.2010 13:10:52 | Computer Name = HOMEPC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Remote Registry zlyhalo kvôli nasledujúcej chybe:
%%1069

Error - 10.8.2010 14:15:39 | Computer Name = HOMEPC | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1 krát.

Error - 10.8.2010 14:15:39 | Computer Name = HOMEPC | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service sa neočakávane ukončila. Služba
sa týmto spôsobom ukončila už 1 krát.

Error - 10.8.2010 14:15:39 | Computer Name = HOMEPC | Source = Service Control Manager | ID = 7034
Description = Služba Process Monitor sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.

Error - 10.8.2010 14:15:39 | Computer Name = HOMEPC | Source = Service Control Manager | ID = 7031
Description = Služba Print Spooler sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.

Error - 10.8.2010 14:15:39 | Computer Name = HOMEPC | Source = Service Control Manager | ID = 7034
Description = Služba Application Layer Gateway Service sa neočakávane ukončila.
Služba sa týmto spôsobom ukončila už 1 krát.

< End of report >

#6 Příspěvek od **vyosek** » 10 srp 2010 19:46

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

:services
SSHNAS

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

zuzkasuskova · #7 Příspěvek od **zuzkasuskova** » 10 srp 2010 20:05

All processes killed
========== OTL ==========
Prefs.js: "Fast Browser Search" removed from browser.search.defaultenginename
Prefs.js: "Fast Browser Search" removed from browser.search.defaultthis.engineName
Prefs.js: "Fast Browser Search" removed from browser.search.order.1
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named SSHNAS was found to stop!
Service\Driver key SSHNAS not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\Temp\coFC.tmp moved successfully.
C:\WINDOWS\Temp\exp1375.tmp moved successfully.
C:\WINDOWS\Temp\exp1380.tmp moved successfully.
C:\WINDOWS\Temp\exp13EF.tmp moved successfully.
C:\WINDOWS\Temp\exp14.tmp moved successfully.
C:\WINDOWS\Temp\exp1415.tmp moved successfully.
C:\WINDOWS\Temp\exp15.tmp moved successfully.
C:\WINDOWS\Temp\exp16.tmp moved successfully.
C:\WINDOWS\Temp\exp1634.tmp moved successfully.
C:\WINDOWS\Temp\exp17.tmp moved successfully.
C:\WINDOWS\Temp\exp18.tmp moved successfully.
C:\WINDOWS\Temp\exp1881.tmp moved successfully.
C:\WINDOWS\Temp\exp19.tmp moved successfully.
C:\WINDOWS\Temp\exp1A.tmp moved successfully.
C:\WINDOWS\Temp\exp1B.tmp moved successfully.
C:\WINDOWS\Temp\exp1BC5.tmp moved successfully.
C:\WINDOWS\Temp\exp1C.tmp moved successfully.
C:\WINDOWS\Temp\exp1D.tmp moved successfully.
C:\WINDOWS\Temp\exp1E.tmp moved successfully.
C:\WINDOWS\Temp\exp1F.tmp moved successfully.
C:\WINDOWS\Temp\exp20.tmp moved successfully.
C:\WINDOWS\Temp\exp21.tmp moved successfully.
C:\WINDOWS\Temp\exp211F.tmp moved successfully.
C:\WINDOWS\Temp\exp253A.tmp moved successfully.
C:\WINDOWS\Temp\exp29FB.tmp moved successfully.
C:\WINDOWS\Temp\exp2E.tmp moved successfully.
C:\WINDOWS\Temp\exp2FFE.tmp moved successfully.
C:\WINDOWS\Temp\exp3370.tmp moved successfully.
C:\WINDOWS\Temp\exp353F.tmp moved successfully.
C:\WINDOWS\Temp\exp41.tmp moved successfully.
C:\WINDOWS\Temp\exp412.tmp moved successfully.
C:\WINDOWS\Temp\exp5.tmp moved successfully.
C:\WINDOWS\Temp\exp588.tmp moved successfully.
C:\WINDOWS\Temp\exp65B3.tmp moved successfully.
C:\WINDOWS\Temp\exp664.tmp moved successfully.
C:\WINDOWS\Temp\exp74A.tmp moved successfully.
C:\WINDOWS\Temp\exp771.tmp moved successfully.
C:\WINDOWS\Temp\exp82.tmp moved successfully.
C:\WINDOWS\Temp\exp8B.tmp moved successfully.
C:\WINDOWS\Temp\exp9D6.tmp moved successfully.
C:\WINDOWS\Temp\expB86.tmp moved successfully.
C:\WINDOWS\Temp\expE.tmp moved successfully.
C:\WINDOWS\Temp\expE7F.tmp moved successfully.
C:\WINDOWS\Temp\expE9B.tmp moved successfully.
C:\WINDOWS\Temp\expEA9.tmp moved successfully.
C:\WINDOWS\Temp\is1389.tmp moved successfully.
C:\WINDOWS\Temp\is138B.tmp moved successfully.
C:\WINDOWS\Temp\is181.tmp moved successfully.
C:\WINDOWS\Temp\is183.tmp moved successfully.
C:\WINDOWS\Temp\is2E.tmp moved successfully.
C:\WINDOWS\Temp\is30.tmp moved successfully.
C:\WINDOWS\Temp\IXP000.TMP folder moved successfully.
C:\WINDOWS\Temp\IXP001.TMP folder moved successfully.
C:\WINDOWS\Temp\IXP002.TMP folder moved successfully.
C:\WINDOWS\Temp\IXP003.TMP folder moved successfully.
C:\WINDOWS\Temp\IXP004.TMP folder moved successfully.
C:\WINDOWS\Temp\IXP005.TMP folder moved successfully.
C:\WINDOWS\Temp\IXP006.TMP folder moved successfully.
C:\WINDOWS\Temp\JET59C8.tmp moved successfully.
C:\WINDOWS\Temp\JET6C17.tmp moved successfully.
C:\WINDOWS\Temp\JET73E7.tmp moved successfully.
C:\WINDOWS\Temp\JET73E8.tmp moved successfully.
C:\WINDOWS\Temp\JET7649.tmp moved successfully.
C:\WINDOWS\Temp\JET783D.tmp moved successfully.
C:\WINDOWS\Temp\JET7ADD.tmp moved successfully.
C:\WINDOWS\Temp\JET7BE6.tmp moved successfully.
C:\WINDOWS\Temp\JET8116.tmp moved successfully.
C:\WINDOWS\Temp\JET8481.tmp moved successfully.
C:\WINDOWS\Temp\JET85AA.tmp moved successfully.
C:\WINDOWS\Temp\JET89CC.tmp moved successfully.
C:\WINDOWS\Temp\JET8C80.tmp moved successfully.
C:\WINDOWS\Temp\JET9D88.tmp moved successfully.
C:\WINDOWS\Temp\JETA354.tmp moved successfully.
C:\WINDOWS\Temp\JETB229.tmp moved successfully.
C:\WINDOWS\Temp\JETB96C.tmp moved successfully.
C:\WINDOWS\Temp\JETC2F2.tmp moved successfully.
C:\WINDOWS\Temp\JETE510.tmp moved successfully.
C:\WINDOWS\Temp\JETE86C.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Uzivatel
->Temp folder emptied: 207260762 bytes
->Temporary Internet Files folder emptied: 8993908 bytes
->Java cache emptied: 37622 bytes
->FireFox cache emptied: 59387047 bytes
->Flash cache emptied: 202115 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 100755422 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 359,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Uzivatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.9.1 log created on 08102010_204938

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#8 Příspěvek od **vyosek** » 10 srp 2010 20:06

Co na to PC, jak se chova

zuzkasuskova · #9 Příspěvek od **zuzkasuskova** » 10 srp 2010 20:09

vynikajuco

ide uplne super...dufam ze uz netreba nic..dakujem

#10 Příspěvek od **vyosek** » 10 srp 2010 20:10

Jen pro jistotu:

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

Provedte aktualizaci - treti zalozka
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

zuzkasuskova · #11 Příspěvek od **zuzkasuskova** » 10 srp 2010 20:37

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4413

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

10.8.2010 21:37:23
mbam-log-2010-08-10 (21-37-23).txt

Typ kontroly: Úplná kontrola (C:\|D:\|E:\|)
Objektov kontrolovaných: 185267
Uplynulý čas: 22 min, 10 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

#12 Příspěvek od **vyosek** » 10 srp 2010 20:39

Takze super, uklidime po me

MBAM muzete odinstalovat nebo nechat na obcasny sken - v pripade nalezu velmi doporucuji dat sem log na posouzeni, at si neodstrelite neco legitimniho

Znovu spusťte Usbfix a zvolte možnost Uninstall.

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

A jeste poprosim o novy log ze RSITu

zuzkasuskova · #13 Příspěvek od **zuzkasuskova** » 10 srp 2010 20:54

urobila som vsetko tu je ten RSIT log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Uzivatel at 2010-08-10 21:54:21
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 78 GB (60%) free of 130 GB
Total RAM: 2047 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:54:24, on 10.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Uzivatel\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Uzivatel/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.gif

--
End of file - 6731 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-1078081533-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-1078081533-725345543-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-09 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
BrowserHelper Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-02-17 33595392]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-09 202256]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-05-19 15360]
"Steam"=C:\Program Files\Steam\Steam.exe [2010-05-07 1238352]
"cdloader"=C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\cdloader2.exe [2010-01-20 50520]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Documents and Settings\Uzivatel\Start Menu\Programs\Startup
GIGABYTE Gamer HUD Lite.lnk - C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2008-05-02 72208]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\red orchestra\System\RedOrchestra.exe"="C:\Program Files\Steam\steamapps\common\red orchestra\System\RedOrchestra.exe:*:Enabled:Red Orchestra"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\magicJack.exe"="C:\Documents and Settings\Uzivatel\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

======List of files/folders created in the last 1 months======

2010-08-10 21:54:21 ----D---- C:\rsit
2010-08-10 21:49:39 ----D---- C:\Program Files\CCleaner
2010-08-10 20:18:16 ----D---- C:\Program Files\Common Files\Skype
2010-08-10 20:16:54 ----RASHD---- C:\Autorun.inf
2010-08-10 20:15:27 ----D---- C:\UsbFix
2010-08-10 20:02:48 ----D---- C:\Program Files\trend micro
2010-08-10 16:43:24 ----D---- C:\Documents and Settings\Uzivatel\Application Data\Goodsol
2010-08-10 16:42:41 ----D---- C:\Program Files\goodsol
2010-08-10 12:55:23 ----A---- C:\WINDOWS\iPlayer.INI
2010-08-10 12:53:30 ----D---- C:\Program Files\InterActual
2010-08-10 12:27:50 ----A---- C:\WINDOWS\DVDRegionFree.INI
2010-08-10 12:27:23 ----D---- C:\Program Files\DVD Region+CSS Free
2010-08-10 07:17:34 ----D---- C:\Program Files\Common Files\Java
2010-08-10 07:17:23 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-10 07:17:23 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-10 07:17:22 ----A---- C:\WINDOWS\system32\java.exe
2010-07-31 09:43:23 ----D---- C:\Documents and Settings\Uzivatel\Application Data\Uniblue
2010-07-28 12:18:02 ----D---- C:\WINDOWS\Sun

======List of files/folders modified in the last 1 months======

2010-08-10 21:53:45 ----SD---- C:\WINDOWS\Tasks
2010-08-10 21:53:14 ----SHD---- C:\WINDOWS\Installer
2010-08-10 21:53:14 ----RD---- C:\Program Files\Skype
2010-08-10 21:50:34 ----D---- C:\WINDOWS\Debug
2010-08-10 21:50:34 ----D---- C:\WINDOWS
2010-08-10 21:49:39 ----RD---- C:\Program Files
2010-08-10 21:48:03 ----D---- C:\Program Files\Mozilla Firefox
2010-08-10 21:47:51 ----D---- C:\WINDOWS\Temp
2010-08-10 21:47:30 ----D---- C:\Program Files\Steam
2010-08-10 21:46:51 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-08-10 21:28:33 ----D---- C:\Documents and Settings\Uzivatel\Application Data\Skype
2010-08-10 21:14:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-10 21:13:59 ----D---- C:\WINDOWS\system32\drivers
2010-08-10 20:50:07 ----SHD---- C:\System Volume Information
2010-08-10 20:50:07 ----D---- C:\WINDOWS\system32\Restore
2010-08-10 20:49:38 ----D---- C:\WINDOWS\system32
2010-08-10 20:39:28 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-10 20:18:16 ----D---- C:\Program Files\Common Files
2010-08-10 20:16:50 ----SHD---- C:\RECYCLER
2010-08-10 19:54:15 ----D---- C:\Documents and Settings\Uzivatel\Application Data\skypePM
2010-08-10 19:16:45 ----D---- C:\Documents and Settings\Uzivatel\Application Data\BitTorrent
2010-08-10 16:39:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-10 12:53:32 ----D---- C:\WINDOWS\Prefetch
2010-08-10 11:57:25 ----HD---- C:\WINDOWS\inf
2010-08-10 07:17:21 ----D---- C:\Program Files\Java
2010-08-02 23:28:57 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2010-07-23 10:35:21 ----D---- C:\Program Files\Native Instruments
2010-07-18 23:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-07-17 05:00:04 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-05-19 36096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-05-19 9600]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-05-19 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-01-22 120064]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-02-16 1057024]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2009-04-30 2687512]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-05-19 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-11 135664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

#14 Příspěvek od **vyosek** » 10 srp 2010 21:02

A jeste Vam nedam pokoj

Otevrete si poznamkovy blok

Start->spustit->notepad
Vlozte text nize

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-
"TkBellExe"=-

Soubor ulozte jako oprava.reg
Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
Zavrit notepad a spustit oprava.reg
Pripadny dotaz na zmenu registru potvrdte
Okno jen problikne a opravi regsitry - soubor muzete smazat

Nevidim zadny antivir - doinstalujte - prehled AV mate zde http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 Doporucuji Avast nebo Aviru.

Z logu je patrno, ze nemate aktualni verzi Windows - chybi Vam ServicePack 3 - doinstalujte jej

Vice info mate zde http://www.viry.cz/forum/viewtopic.php?f=46&t=86100

Z logu je patrno, ze nepouzivate firewall - doporucuji doinstalovat

k cemu je dobry http://www.viry.cz/forum/viewtopic.php?f=41&t=20980
prehled osobnich firewallu http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

Z logu je patrno, ze nemate aktualni verzi Internet Exploreru - aktualizujte jej

Aktualizaci najdete zde (pod tlacitkem "Ke stazeni") http://www.microsoft.com/cze/windows/internet-explorer/
Doporucuji vsak pouzivat alternativni prohlizece - vice zde http://www.viry.cz/forum/viewtopic.php?f=19&t=6116

VIRY.CZ

prosim o kontrolu logu

prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu