Prosím o kontrolu, spomalený PC

Zpráva

slejdo · #1 Příspěvek od **slejdo** » 06 črc 2010 15:35

Logfile of random's system information tool 1.07 (written by random/random)
Run by GTX at 2010-07-06 16:33:33
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (37%) free of 20 GB
Total RAM: 511 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:33:59, on 6.7.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\GTX\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\GTX.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.safeappsoftware.com/default.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - http://creative.ak.fbcdn.net/ads3/flyer ... a41993.jpg
O24 - Desktop Component 1: (no name) - http://sphotos.ak.fbcdn.net/hphotos-ak- ... 4465_n.jpg
O24 - Desktop Component 2: (no name) - http://www.autovia.sk/images/cars/52188 ... 67-1_t.jpg

--
End of file - 5525 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-839522115-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-21 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-22 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-04-26 589824]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2010-04-19 106496]
"PSUNMain"=C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe [2010-05-14 406848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\GTX\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-07 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.0\ICQ.exe [2010-03-28 133368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-01-14 37888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-12-15 282624]

C:\Documents and Settings\GTX\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\InterVideo\DVD5\WinDVD.exe"="C:\Program Files\InterVideo\DVD5\WinDVD.exe:*:Disabled:WinDVD"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Documents and Settings\GTX\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\GTX\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Disabled:aolload.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-07-06 16:33:33 ----D---- C:\rsit
2010-07-05 19:50:52 ----D---- C:\Documents and Settings\GTX\Application Data\AusLogics
2010-07-05 19:48:41 ----D---- C:\Program Files\Auslogics
2010-07-05 17:17:21 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2010-07-05 17:16:41 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2010-07-04 19:10:36 ----D---- C:\Documents and Settings\All Users\Application Data\Panda Security
2010-07-04 19:07:15 ----D---- C:\Documents and Settings\GTX\Application Data\Malwarebytes
2010-07-04 19:07:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-04 19:07:08 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-07-04 18:47:39 ----D---- C:\Program Files\CCleaner
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\wbhelp2.dll
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\W95INF32.DLL
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\W95INF16.DLL
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\unicows.dll
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\anim.dll
2010-06-17 18:32:33 ----D---- C:\Documents and Settings\GTX\Application Data\Unity

======List of files/folders modified in the last 1 months======

2010-07-06 16:33:59 ----D---- C:\Program Files\Trend Micro
2010-07-06 16:30:47 ----SHD---- C:\WINDOWS\Installer
2010-07-06 16:30:47 ----D---- C:\WINDOWS\SxsCaPendDel
2010-07-06 16:30:24 ----HD---- C:\Config.Msi
2010-07-06 16:30:24 ----D---- C:\Program Files\SweetIM
2010-07-06 16:30:18 ----D---- C:\Documents and Settings\All Users\Application Data\SweetIM
2010-07-06 16:28:34 ----D---- C:\Program Files
2010-07-06 16:27:04 ----D---- C:\WINDOWS\Temp
2010-07-06 16:26:53 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-06 16:25:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-06 14:43:29 ----D---- C:\WINDOWS\system32\drivers
2010-07-05 21:12:43 ----D---- C:\WINDOWS\Prefetch
2010-07-05 20:14:52 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-07-05 20:14:04 ----D---- C:\WINDOWS\system32\config
2010-07-05 20:14:04 ----D---- C:\WINDOWS\system32
2010-07-05 20:04:26 ----D---- C:\WINDOWS
2010-07-05 19:12:49 ----SD---- C:\Documents and Settings\GTX\Application Data\Microsoft
2010-07-05 19:01:55 ----D---- C:\Program Files\Adobe
2010-07-05 18:57:55 ----D---- C:\Program Files\Common Files\Adobe
2010-07-05 17:16:41 ----D---- C:\Program Files\Common Files
2010-07-05 17:12:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-07-05 14:00:18 ----D---- C:\Program Files\Mozilla Firefox
2010-07-05 13:48:21 ----SH---- C:\boot.ini
2010-07-05 13:48:21 ----A---- C:\WINDOWS\win.ini
2010-07-05 13:48:21 ----A---- C:\WINDOWS\system.ini
2010-07-05 10:30:40 ----D---- C:\WINDOWS\system32\Restore
2010-07-05 10:09:00 ----D---- C:\Documents and Settings\All Users\Application Data\COMODO
2010-07-05 08:59:02 ----SD---- C:\WINDOWS\Tasks
2010-07-04 20:29:38 ----D---- C:\WINDOWS\OPTIONS
2010-07-04 19:10:35 ----D---- C:\Program Files\Panda Security
2010-07-04 18:32:58 ----D---- C:\Documents and Settings\GTX\Application Data\SUPERAntiSpyware.com
2010-07-04 18:32:57 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-07-04 17:59:40 ----D---- C:\Program Files\VS Revo Group
2010-06-09 10:29:45 ----D---- C:\Documents and Settings\GTX\Application Data\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 PSINKNC;PSINKNC; C:\WINDOWS\system32\DRIVERS\psinknc.sys [2010-05-04 129928]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-03-07 278728]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-03-07 25416]
R2 PSINAflt;PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [2010-05-27 141384]
R2 PSINFile;PSINFile; C:\WINDOWS\system32\DRIVERS\PSINFile.sys [2010-04-30 97032]
R2 PSINProc;PSINProc; C:\WINDOWS\system32\DRIVERS\PSINProc.sys [2010-04-30 111624]
R2 PSINProt;PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [2010-05-12 110920]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-04 701440]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2010-03-05 9856]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-04-20 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-28 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-28 21568]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-03 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-22 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NanoServiceMain;Panda Cloud Antivirus Service; C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2010-04-30 136448]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-07-05 72704]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 06 črc 2010 20:04

Zdravim a pekny vecer preji

Otevrete si poznamkovy blok

Start->spustit->notepad
Vlozte text nize

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKCU\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35D-6118-11DC-9C72-001320C79847}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

Soubor ulozte jako oprava.reg :idea:Pri ukladani dejte ulozit jako typ Vsechny soubory
Zavrit notepad a spustit oprava.reg
Pripadny dotaz na zmenu registru potvrdte
Okno jen problikne a opravi regsitry - soubor muzete smazat

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Log vsak vypada OK, provedte kroky vyse a dejte vedet co PC...

slejdo · #3 Příspěvek od **slejdo** » 06 črc 2010 20:39

Dobrý večer aj Vám..

Všetko som urobil ako ste mi kázali, ale zmena sa neprejavila. Proste po zapnutí PC obyčajne býval rýchly, programy, internet, to všetko sa spúšťalo okamžite. Teraz to trvá pridlho

Nebude to už jeho vekom? Mám ho už vyše 5 rokov a aj ramka tam nie je bohvieaká...

#4 Příspěvek od **vyosek** » 06 črc 2010 20:47

Pokud neni 5 let preinstalovany windows, tak bych nad tim docela i zauvazoval, jelikoz nic nedokaze winy vycistit lepe - navic system je uz docela unaven...No a 512 RAM je docela uz malo...popremyslel bych o koupi i nove a instalaci W7 Home (Premium)

Po startu se Vam spousti zbytecne programy - na jejich zastaveni muzete pouzit StartUpLite (viz muj podpis)

Zastavenim takovychto programu zrychlyte spousteni systemu
Program stahnete, ulozte treba na plochu a spustte
Vypise se Vam seznam zbytecnych programu spoustenych po startu
Kliknete na Disable cimz zamezite jejich spousteni
Nasledne kliknete na Continue a je hotovo
Nemusite se bat ze si odstrelite neco nutneho pro beh Windows - program vypisuje jen zbytecne programy
Po pouziti muzete programek smazat

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

Provedte aktualizaci - treti zalozka
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

slejdo · #5 Příspěvek od **slejdo** » 06 črc 2010 21:05

Použil som ten StartupLite a dva programy som teda odstránil zo štartu systému. Systém je spočiatku rýchly, ale potom zničoho nič spomaľuje a pri surfovaní po nete sa dokonca stáva, že mozilla prestane reagovať

Asi to už bude fakt tými starými parametrami PC

Ale ďakujem Vám za Váš čas, pomohli ste mi a aspoň o trošku sa to zlepšilo. MBAM som použil včera a nenašiel nič...

#6 Příspěvek od **vyosek** » 06 črc 2010 21:30

Preci jen na to kouknem, at vime ze tam nic neni

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

slejdo · #7 Příspěvek od **slejdo** » 07 črc 2010 05:08

OTL logfile created on: 7.7.2010 5:46:20 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Documents and Settings\GTX\My Documents\Preberanie
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 206,00 Mb Available Physical Memory | 40,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 7,20 Gb Free Space | 36,84% Space Free | Partition Type: NTFS
Drive D: | 54,99 Gb Total Space | 8,83 Gb Free Space | 16,06% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ERATHIA
Current User Name: GTX
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.07 05:42:37 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\GTX\My Documents\Preberanie\OTL.exe
PRC - [2010.07.05 13:59:56 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.05.14 15:06:30 | 000,406,848 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2010.04.30 13:47:30 | 000,136,448 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2010.04.19 10:21:18 | 000,106,496 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2005.04.26 05:22:32 | 000,589,824 | ---- | M] (VIA Technologies) -- C:\Program Files\VIA\RAID\raid_tool.exe
PRC - [2005.03.14 12:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004.08.04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010.07.07 05:42:37 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\GTX\My Documents\Preberanie\OTL.exe
MOD - [2010.04.19 10:21:08 | 000,018,432 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2006.07.11 18:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\SweetIM\Messenger\msvcr71.dll
MOD - [2004.08.04 00:57:02 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010.04.30 13:47:30 | 000,136,448 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2005.03.14 12:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - [2010.05.27 18:39:32 | 000,141,384 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2010.05.12 10:58:12 | 000,110,920 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2010.05.04 08:36:54 | 000,129,928 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2010.04.30 13:46:52 | 000,111,624 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2010.04.30 13:46:52 | 000,097,032 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2010.04.20 18:00:55 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.03.07 17:54:34 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.03.07 17:54:34 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.03.05 18:53:42 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2006.08.18 07:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.08.04 00:29:28 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.07.16 08:19:52 | 000,070,400 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2003.10.02 04:16:48 | 000,119,552 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pnpshark.sys -- (pnpshark)
DRV - [2003.09.27 15:37:16 | 000,005,504 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\st3shark.sys -- (st3shark)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-606747145-602162358-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-606747145-602162358-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-606747145-602162358-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.safeappsoftware.com/default.asp
IE - HKU\S-1-5-21-606747145-602162358-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-606747145-602162358-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-606747145-602162358-839522115-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-606747145-602162358-839522115-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-606747145-602162358-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://slirsredirect.search.aol.com/sli ... ie7&query="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://google.sk"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.05 16:57:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.05 16:57:00 | 000,000,000 | ---D | M]

[2010.03.05 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Mozilla\Extensions
[2010.07.06 16:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\extensions
[2010.04.16 16:05:21 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.04.25 14:41:15 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010.03.06 13:04:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.15 19:40:46 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.07.04 13:04:09 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\searchplugins\icqplugin-1.xml
[2010.04.05 11:06:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\searchplugins\icqplugin-2.xml
[2010.03.27 22:35:18 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\searchplugins\icqplugin.xml
[2010.07.04 18:44:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.22 17:35:58 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.05 14:00:02 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.07.05 14:00:02 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010.07.05 14:00:02 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.07.05 14:00:02 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.07.05 14:00:02 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.07.05 14:00:02 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2001.08.23 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-606747145-602162358-839522115-1003\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-606747145-602162358-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe (VIA Technologies)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - Startup: C:\Documents and Settings\GTX\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-602162358-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe (Microgaming)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - http://creative.ak.fbcdn.net/ads3/flyer ... a41993.jpg
O24 - Desktop Components:1 () - http://sphotos.ak.fbcdn.net/hphotos-ak- ... 4465_n.jpg
O24 - Desktop Components:2 () - http://www.autovia.sk/images/cars/52188 ... 67-1_t.jpg
O24 - Desktop Components:3 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\GTX\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\GTX\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.05 18:11:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Unable to start service SrService!

========== Files/Folders - Created Within 7 Days ==========

[2010.07.06 21:33:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\GTX\Recent
[2010.07.06 16:33:33 | 000,000,000 | ---D | C] -- C:\rsit
[2010.07.05 21:12:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GTX\DoctorWeb
[2010.07.05 19:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GTX\Application Data\AusLogics
[2010.07.05 19:48:41 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2010.07.05 18:57:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
[2010.07.05 17:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2010.07.05 17:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared
[2010.07.05 16:36:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GTX\.gimp-2.6
[2010.07.05 16:36:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GTX\My Documents\gegl-0.0
[2010.07.04 19:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2010.07.04 19:07:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GTX\Application Data\Malwarebytes
[2010.07.04 19:07:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.07.04 19:07:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.07.04 19:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.07.04 19:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.07.04 18:47:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.07.04 18:45:53 | 001,706,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2010.07.04 18:45:53 | 000,544,768 | ---- | C] (Stardock Corporation) -- C:\WINDOWS\System32\wbocx.ocx
[2010.07.04 18:45:53 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll
[2010.07.04 18:45:53 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbhelp2.dll
[2010.07.04 18:45:53 | 000,033,968 | ---- | C] (Neil Banfield) -- C:\WINDOWS\System32\anim.dll
[2010.07.04 18:45:53 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\W95INF32.DLL
[2010.07.04 18:45:53 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\W95INF16.DLL
[2003.10.02 04:16:48 | 000,119,552 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\pnpshark.sys
[2003.09.27 15:37:16 | 000,005,504 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\st3shark.sys

========== Files - Modified Within 7 Days ==========

[2010.07.07 05:46:39 | 006,553,600 | ---- | M] () -- C:\Documents and Settings\GTX\NTUSER.DAT
[2010.07.07 05:40:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.07 05:40:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.07 05:40:50 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.06 22:06:12 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\GTX\ntuser.ini
[2010.07.06 21:29:03 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-839522115-1003UA.job
[2010.07.06 20:29:06 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-839522115-1003Core.job
[2010.07.05 19:52:45 | 000,260,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.07.05 19:48:42 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\GTX\Desktop\Auslogics Cleaner.lnk
[2010.07.05 19:46:42 | 000,000,046 | ---- | M] () -- C:\WINDOWS\System32\_WKERNEL.FRE
[2010.07.05 18:58:10 | 000,000,988 | ---- | M] () -- C:\Documents and Settings\GTX\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2010.07.05 13:48:21 | 000,000,628 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.07.05 13:48:21 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.07.05 13:48:21 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.07.05 13:07:34 | 000,000,996 | ---- | M] () -- C:\Documents and Settings\GTX\Desktop\HP Solution Center.lnk
[2010.07.05 10:38:33 | 000,002,268 | ---- | M] () -- C:\Documents and Settings\GTX\Desktop\Google Chrome.lnk
[2010.07.05 10:38:33 | 000,002,246 | ---- | M] () -- C:\Documents and Settings\GTX\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010.07.05 09:08:12 | 006,553,600 | ---- | M] () -- C:\Documents and Settings\GTX\NTUSER.DAT.regbk109
[2010.07.04 19:11:03 | 000,000,264 | ---- | M] () -- C:\WINDOWS\System32\PSUNCpl.dat
[2010.07.04 19:07:11 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.04 18:47:41 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\GTX\Desktop\CCleaner.lnk
[2010.07.04 17:59:41 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\GTX\Desktop\Revo Uninstaller.lnk

========== Files Created - No Company Name ==========

[2010.07.05 19:48:42 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\GTX\Desktop\Auslogics Cleaner.lnk
[2010.07.05 18:58:10 | 000,000,988 | ---- | C] () -- C:\Documents and Settings\GTX\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2010.07.05 13:07:34 | 000,000,996 | ---- | C] () -- C:\Documents and Settings\GTX\Desktop\HP Solution Center.lnk
[2010.07.05 10:38:33 | 000,002,268 | ---- | C] () -- C:\Documents and Settings\GTX\Desktop\Google Chrome.lnk
[2010.07.05 10:38:33 | 000,002,246 | ---- | C] () -- C:\Documents and Settings\GTX\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010.07.05 09:07:40 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\GTX\NTUSER.DAT.regan613.LOG
[2010.07.04 19:11:03 | 000,000,264 | ---- | C] () -- C:\WINDOWS\System32\PSUNCpl.dat
[2010.07.04 19:07:11 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.04 18:52:05 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\_WKERNEL.FRE
[2010.07.04 18:47:41 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\GTX\Desktop\CCleaner.lnk
[2010.07.04 18:45:52 | 000,000,439 | ---- | C] () -- C:\WINDOWS\System32\shfolder.inf
[2010.07.04 17:59:41 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\GTX\Desktop\Revo Uninstaller.lnk
[2010.04.08 15:14:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2010.04.05 10:52:19 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010.04.05 10:50:24 | 000,002,455 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2010.03.11 18:27:28 | 000,003,731 | ---- | C] () -- C:\WINDOWS\wtran32.INI
[2010.03.07 17:54:34 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.03.07 17:54:34 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.03.06 14:27:43 | 000,003,209 | ---- | C] () -- C:\WINDOWS\wdict32.INI
[2010.03.05 20:55:46 | 000,000,538 | ---- | C] () -- C:\WINDOWS\webtran4.INI
[2010.03.05 19:14:56 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2010.03.05 19:01:42 | 000,000,384 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.03.05 18:39:43 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010.03.05 18:39:33 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.01.20 19:43:06 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\DirectCOM.dll
[2010.01.20 19:43:00 | 000,309,248 | ---- | C] () -- C:\WINDOWS\System32\sqlite36_engine.dll
[2007.01.12 17:48:16 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.01.05 23:23:06 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.01.05 23:23:06 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.01.05 23:23:04 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.01.05 23:23:04 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.01.05 23:23:02 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.01.05 23:23:02 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.01.05 23:23:02 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.01.05 23:23:02 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.01.05 23:23:02 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004.08.04 00:56:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2003.10.02 03:20:48 | 000,061,952 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2003.04.09 16:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.03.21 16:39:02 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2002.03.20 23:01:06 | 000,006,688 | R--- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002.03.20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002.03.20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002.03.20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002.03.20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
[2001.07.06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2010.04.05 10:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2010.04.22 18:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2010.04.24 20:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Computer Updater
[2010.04.24 20:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Disk Cleaner
[2010.03.06 13:04:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010.04.05 10:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LangSoft
[2010.05.01 15:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010.07.04 19:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2010.04.24 20:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Registry Helper
[2010.07.06 16:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2010.07.06 19:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.03.05 19:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\ACD Systems
[2010.07.05 20:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\AusLogics
[2010.04.16 19:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\CBS Interactive
[2010.04.05 10:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\GHISLER
[2010.05.19 20:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\ICQ
[2010.05.18 19:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Image Zone Express
[2010.03.05 19:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\InterVideo
[2010.04.09 13:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\LangSoft
[2010.05.18 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Microgaming
[2010.04.10 13:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Opera
[2010.04.05 11:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Panda Security
[2010.04.16 15:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Uniblue
[2010.06.17 18:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Unity

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >
[2006.03.17 18:55:30 | 000,008,192 | ---- | M] () -- C:\rld-tgfkg.exe

< %ALLUSERSPROFILE%\Application Data\*. >
[2010.04.05 10:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2010.07.05 17:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.07.05 17:17:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2010.04.22 18:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2010.07.05 10:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMODO
[2010.04.06 23:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Comodo Downloader
[2010.04.24 20:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Computer Updater
[2010.04.24 20:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Disk Cleaner
[2010.04.08 15:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2010.03.06 13:04:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010.04.05 10:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LangSoft
[2010.07.04 19:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.03.06 01:12:57 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010.05.01 15:39:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010.04.07 19:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010.07.04 19:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2010.04.24 20:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Registry Helper
[2010.03.05 22:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.04.18 13:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010.04.05 10:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010.07.06 16:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2010.07.06 19:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.03.05 19:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\ACD Systems
[2010.04.07 22:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Adobe
[2010.03.05 19:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\AdobeUM
[2010.03.05 18:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Ahead
[2010.07.05 20:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\AusLogics
[2010.04.16 19:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\CBS Interactive
[2010.04.05 10:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\GHISLER
[2010.05.14 19:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Hamachi
[2010.04.08 15:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\HP
[2010.05.19 20:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\ICQ
[2010.03.05 18:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Identities
[2010.05.18 19:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Image Zone Express
[2010.04.21 18:30:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\InstallShield
[2010.03.05 19:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\InterVideo
[2010.04.09 13:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\LangSoft
[2010.03.05 21:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Macromedia
[2010.07.04 19:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Malwarebytes
[2010.05.18 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Microgaming
[2010.07.05 19:12:49 | 000,000,000 | --SD | M] -- C:\Documents and Settings\GTX\Application Data\Microsoft
[2010.06.09 10:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Mozilla
[2010.04.10 13:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Opera
[2010.04.05 11:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Panda Security
[2010.05.31 13:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Skype
[2010.05.19 20:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\skypePM
[2010.04.18 13:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Sun
[2010.07.04 18:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\SUPERAntiSpyware.com
[2010.04.16 15:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Uniblue
[2010.06.17 18:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Unity
[2010.04.15 14:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\vlc
[2010.04.16 16:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\Winamp
[2010.04.05 10:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GTX\Application Data\WinRAR

< %APPDATA%\*.exe /s >

< MD5 for: AGP440.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2004.08.04 00:56:48 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\system32\autochk.exe
[2004.08.04 00:56:48 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.12.22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2009.12.22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtUninstallKB952011$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.04 00:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.04 00:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.04 00:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.04 00:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2004.08.04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004.08.04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2001.08.17 14:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001.08.17 14:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.08.23 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.04 00:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.04 00:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.04 00:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.04 00:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.04 00:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.04 00:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.04 00:56:58 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.04 00:56:58 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2004.08.04 00:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.04 00:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2005.04.26 05:22:40 | 000,060,928 | ---- | M] (VIA Technologies inc,.ltd) MD5=0363E216E4EB5052969C96608934DBDE -- C:\WINDOWS\system32\drivers\viamraid.sys

< MD5 for: WINLOGON.EXE >
[2004.08.04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.04 00:56:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.04 00:56:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.01.20 19:43:06 | 000,496,128 | ---- | M] ( datenhaus GmbH) Unable to obtain MD5 -- C:\WINDOWS\system32\dhRichClient3.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.05.27 18:39:32 | 000,141,384 | ---- | M] (Panda Security, S.L.) Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\PSINAflt.sys
[2010.04.30 13:46:52 | 000,097,032 | ---- | M] (Panda Security, S.L.) Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\PSINFile.sys
[2010.05.04 08:36:54 | 000,129,928 | ---- | M] (Panda Security, S.L.) Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\PSINKNC.sys
[2010.04.30 13:46:52 | 000,111,624 | ---- | M] (Panda Security, S.L.) Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\PSINProc.sys
[2010.05.12 10:58:12 | 000,110,920 | ---- | M] (Panda Security, S.L.) Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\PSINProt.sys

< %systemroot%\System32\config\*.sav >
[2010.03.05 18:58:15 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.03.05 18:58:15 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.03.05 18:58:15 | 000,897,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.07.05 19:52:45 | 000,260,640 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2010.07.04 19:11:03 | 000,000,264 | ---- | M] () -- C:\WINDOWS\system32\PSUNCpl.dat
[2010.07.05 19:46:42 | 000,000,046 | ---- | M] () -- C:\WINDOWS\system32\_WKERNEL.FRE

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:587EB586
< End of report >

slejdo · #8 Příspěvek od **slejdo** » 07 črc 2010 05:09

OTL Extras logfile created on: 7.7.2010 5:46:20 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Documents and Settings\GTX\My Documents\Preberanie
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 206,00 Mb Available Physical Memory | 40,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 7,20 Gb Free Space | 36,84% Space Free | Partition Type: NTFS
Drive D: | 54,99 Gb Total Space | 8,83 Gb Free Space | 16,06% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ERATHIA
Current User Name: GTX
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-606747145-602162358-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- Reg Error: Key error.
Folder [explore] -- Reg Error: Key error.
Drive [find] -- Reg Error: Key error.

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\InterVideo\DVD5\WinDVD.exe" = C:\Program Files\InterVideo\DVD5\WinDVD.exe:*:Disabled:WinDVD -- (InterVideo Inc.)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Documents and Settings\GTX\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\GTX\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Disabled:aolload.exe -- (AOL LLC)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300
"{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp
"{1B399A41-C1D0-40A2-9E4F-095868EFAF01}" = InterVideo WinDVD Platinum 5
"{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2DF9A978-DEA1-4433-805D-66790FC28C62}" = DAEMON Tools
"{31263605-FC84-4787-B847-BA445B147E24}" = ScannerCopy
"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{71D4305B-56E6-4971-A799-FB7678A1D1A5}" = ASUS ATI Driver
"{71D9B000-CD43-4DE9-9729-49434415B8F7}" = F300Trb
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{AAA11090-6E99-4655-AAF5-57EB5F677D0C}" = MarketResearch
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3 - Czech
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BF4E9ED0-EF26-4A4C-A123-6A6A1ABEE411}" = DocProc
"{BFB7485D-A200-33CA-A2E1-E1600CA76484}" = Google Talk Plugin
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C6812939-B117-48E6-A3BA-1709C14A3C8C}" = Scan
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C98E8D9D-21DE-4F87-A9B7-142BB89840FC}" = Toolbox
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D627784F-B3EE-44E8-96B1-9509B991EA34}_is1" = Auslogics Registry Defrag
"{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE}" = HP Photosmart Essential
"{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E2BE1618-AF5F-4F7D-8484-42E080EDF609}" = AGEIA PhysX v7.01.12
"{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help
"{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}" = HP PSC & OfficeJet 6.1.A
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F727DCA7-4B7B-4CF5-8348-881BF3B0D046}" = SweetIM for Messenger 3.1
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}" = Panda Cloud Antivirus
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"BCL Drake 5" = BCL Drake 5.0 (Demo)
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 6.1
"HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.1
"HPExtendedCapabilities" = HP Extended Capabilities 6.1
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"Picasa 3" = Picasa 3
"Revo Uninstaller" = Revo Uninstaller 1.89
"SpywareBlaster_is1" = SpywareBlaster 4.2
"Totalcmd" = Total Commander (Remove or Repair)
"Unibet Poker" = Unibet Poker
"VLC media player" = VLC media player 1.0.3
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR archivátor

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-606747145-602162358-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8.5.2010 9:58:55 | Computer Name = ERATHIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia WINWORD.EXE, verzia 11.0.5604.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 8.5.2010 9:59:46 | Computer Name = ERATHIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia WINWORD.EXE, verzia 11.0.5604.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 8.5.2010 9:59:46 | Computer Name = ERATHIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia WINWORD.EXE, verzia 11.0.5604.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 13.5.2010 14:34:32 | Computer Name = ERATHIA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie svchost.exe, verzia 5.1.2600.2180, zlyhanie modulu
wiaservc.dll, verzia 5.1.2600.2180, adresa zlyhania 0x000222e0.

Error - 17.5.2010 7:04:49 | Computer Name = ERATHIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Picasa3.exe, verzia 3.6.105.56, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 18.5.2010 13:35:15 | Computer Name = ERATHIA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie hp_ize.exe, verzia 1.8.0.26, zlyhanie modulu viewpl2.dll,
verzia 1.8.0.26, adresa zlyhania 0x0003c176.

Error - 18.5.2010 13:39:31 | Computer Name = ERATHIA | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie hp_ize.exe, verzia 1.8.0.26, zlyhanie modulu viewpl2.dll,
verzia 1.8.0.26, adresa zlyhania 0x0003c176.

Error - 24.5.2010 11:33:04 | Computer Name = ERATHIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Picasa3.exe, verzia 3.6.105.56, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 24.5.2010 11:33:04 | Computer Name = ERATHIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Picasa3.exe, verzia 3.6.105.56, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 24.5.2010 11:33:06 | Computer Name = ERATHIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Picasa3.exe, verzia 3.6.105.56, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

[ System Events ]
Error - 5.7.2010 3:10:15 | Computer Name = ERATHIA | Source = Ntfs | ID = 262199
Description = Štruktúra systému súborov na disku je poškodená a je nepoužiteľná.
Na
zväzku D: spustite pomôcku chkdsk.

Error - 5.7.2010 3:10:15 | Computer Name = ERATHIA | Source = Ntfs | ID = 262199
Description = Štruktúra systému súborov na disku je poškodená a je nepoužiteľná.
Na
zväzku D: spustite pomôcku chkdsk.

Error - 5.7.2010 9:32:51 | Computer Name = ERATHIA | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.1.1 odmietol prenájom 192.168.1.33 adresy IP pre
sieťovú kartu so sieťovou adresou 001485F5B3AA (server DHCP odoslal hlásenie DHCPNACK).

Error - 6.7.2010 8:22:27 | Computer Name = ERATHIA | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.1.1 odmietol prenájom 192.168.1.33 adresy IP pre
sieťovú kartu so sieťovou adresou 001485F5B3AA (server DHCP odoslal hlásenie DHCPNACK).

Error - 6.7.2010 15:31:12 | Computer Name = ERATHIA | Source = Service Control Manager | ID = 7034
Description = Služba Pml Driver HPZ12 sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.

Error - 6.7.2010 15:31:12 | Computer Name = ERATHIA | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1 krát.

Error - 6.7.2010 15:31:19 | Computer Name = ERATHIA | Source = Service Control Manager | ID = 7031
Description = Služba Panda Cloud Antivirus Service sa neočakávane ukončila. Služba
sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná
akcia: Reštartovať službu.

Error - 6.7.2010 23:40:57 | Computer Name = ERATHIA | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.1.1 odmietol prenájom 192.168.1.33 adresy IP pre
sieťovú kartu so sieťovou adresou 001485F5B3AA (server DHCP odoslal hlásenie DHCPNACK).

Error - 6.7.2010 23:46:53 | Computer Name = ERATHIA | Source = SRService | ID = 104
Description = Proces inicializácie služby Obnovovanie systému zlyhal.

Error - 6.7.2010 23:46:54 | Computer Name = ERATHIA | Source = Service Control Manager | ID = 7023
Description = Služba System Restore Service bola ukončená s nasledujúcou chybou:
%%2

< End of report >

#9 Příspěvek od **vyosek** » 07 črc 2010 07:39

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKU\S-1-5-21-606747145-602162358-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.safeappsoftware.com/default.asp
IE - HKU\S-1-5-21-606747145-602162358-839522115-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-606747145-602162358-839522115-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
[2010.07.04 13:04:09 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\searchplugins\icqplugin-1.xml
[2010.04.05 11:06:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\searchplugins\icqplugin-2.xml
[2010.03.27 22:35:18 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\searchplugins\icqplugin.xml
[2006.03.17 18:55:30 | 000,008,192 | ---- | M] () -- C:\rld-tgfkg.exe
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:587EB586

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

Nasledne kliknete na Opravit ci Run Fix
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

slejdo · #10 Příspěvek od **slejdo** » 07 črc 2010 18:00

All processes killed
========== OTL ==========
HKU\S-1-5-21-606747145-602162358-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-606747145-602162358-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-606747145-602162358-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&type=302398" removed from browser.search.param.yahoo-fr
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Prefs.js: "Ask.com" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "http://slirsredirect.search.aol.com/sli ... ie7&query=" removed from sweetim.toolbar.previous.browser.search.defaulturl
Prefs.js: "Ask.com" removed from sweetim.toolbar.previous.browser.search.selectedEngine
C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\GTX\Application Data\Mozilla\Firefox\Profiles\ijo9zjr3.default\searchplugins\icqplugin.xml moved successfully.
C:\rld-tgfkg.exe moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:587EB586 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\Installer\MSI1FC.tmp moved successfully.
C:\WINDOWS\Installer\MSI1FF.tmp moved successfully.
C:\WINDOWS\Installer\MSI202.tmp moved successfully.
C:\WINDOWS\Installer\MSI205.tmp moved successfully.
C:\WINDOWS\Installer\MSI206.tmp moved successfully.
C:\WINDOWS\Installer\MSI207.tmp moved successfully.
C:\WINDOWS\Installer\MSI2F.tmp moved successfully.
C:\WINDOWS\Installer\MSI30.tmp moved successfully.
C:\WINDOWS\Installer\MSI31.tmp moved successfully.
C:\WINDOWS\Installer\MSI32.tmp moved successfully.
C:\WINDOWS\Installer\MSI33.tmp moved successfully.
C:\WINDOWS\Installer\MSI34.tmp moved successfully.
C:\WINDOWS\Installer\MSI35.tmp moved successfully.
C:\WINDOWS\Installer\MSIC.tmp moved successfully.
C:\WINDOWS\Installer\MSID.tmp moved successfully.
C:\WINDOWS\Installer\MSID3.tmp moved successfully.
C:\WINDOWS\Installer\MSID4.tmp moved successfully.
C:\WINDOWS\Installer\MSID5.tmp moved successfully.
C:\WINDOWS\Installer\MSID6.tmp moved successfully.
C:\WINDOWS\Installer\MSIE.tmp moved successfully.
C:\WINDOWS\Installer\MSIF.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: GTX
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 478924 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 34198566 bytes
->Google Chrome cache emptied: 76073915 bytes
->Flash cache emptied: 1349 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 106,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: GTX
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Unable to start service SRService!

OTL by OldTimer - Version 3.2.7.1 log created on 07072010_184855

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#11 Příspěvek od **vyosek** » 07 črc 2010 18:02

Co na to pocitac, jak se chova

slejdo · #12 Příspěvek od **slejdo** » 07 črc 2010 18:13

Myslím, že je rýchlejší

A ten programík StartUp lite je super

.. Pomohli ste mi, ďakujem Vám za váš čas

#13 Příspěvek od **vyosek** » 07 črc 2010 20:35

Jeste mi neutikejte, uklidim po sobe a utilitach a ceka nas zaverecna kontrola

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Poprosim o novy log ze RSITu

slejdo · #14 Příspěvek od **slejdo** » 08 črc 2010 19:43

Logfile of random's system information tool 1.07 (written by random/random)
Run by GTX at 2010-07-08 20:41:54
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (39%) free of 20 GB
Total RAM: 511 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:42:13, on 8.7.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\GTX\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\GTX.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - Default URLSearchHook is missing
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\GTX\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - http://creative.ak.fbcdn.net/ads3/flyer ... a41993.jpg
O24 - Desktop Component 1: (no name) - http://sphotos.ak.fbcdn.net/hphotos-ak- ... 4465_n.jpg
O24 - Desktop Component 2: (no name) - http://www.autovia.sk/images/cars/52188 ... 67-1_t.jpg

--
End of file - 5643 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-839522115-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-21 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-08 1615200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-22 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-04-26 589824]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2010-04-19 106496]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-08 2065760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\GTX\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-07 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\GTX\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-07 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.0\ICQ.exe [2010-03-28 133368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-12-15 282624]

C:\Documents and Settings\GTX\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-08 12536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\InterVideo\DVD5\WinDVD.exe"="C:\Program Files\InterVideo\DVD5\WinDVD.exe:*:Disabled:WinDVD"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Documents and Settings\GTX\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\GTX\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Disabled:aolload.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-07-08 20:41:54 ----D---- C:\rsit
2010-07-08 19:35:36 ----HD---- C:\$AVG
2010-07-08 15:36:40 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-07-08 15:33:08 ----D---- C:\Program Files\AVG
2010-07-08 15:32:49 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2010-07-08 14:49:04 ----D---- C:\Program Files\VITSOFT
2010-07-05 19:50:52 ----D---- C:\Documents and Settings\GTX\Application Data\AusLogics
2010-07-05 19:48:41 ----D---- C:\Program Files\Auslogics
2010-07-05 17:17:21 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2010-07-05 17:16:41 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2010-07-04 19:10:36 ----D---- C:\Documents and Settings\All Users\Application Data\Panda Security
2010-07-04 19:07:15 ----D---- C:\Documents and Settings\GTX\Application Data\Malwarebytes
2010-07-04 19:07:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-04 19:07:08 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-07-04 18:47:39 ----D---- C:\Program Files\CCleaner
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\wbhelp2.dll
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\W95INF32.DLL
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\W95INF16.DLL
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\unicows.dll
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-07-04 18:45:53 ----A---- C:\WINDOWS\system32\anim.dll
2010-06-17 18:32:33 ----D---- C:\Documents and Settings\GTX\Application Data\Unity

======List of files/folders modified in the last 1 months======

2010-07-08 20:42:04 ----D---- C:\Program Files\Trend Micro
2010-07-08 19:39:14 ----D---- C:\WINDOWS\Prefetch
2010-07-08 19:32:21 ----D---- C:\WINDOWS
2010-07-08 15:48:35 ----D---- C:\WINDOWS\Temp
2010-07-08 15:47:22 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-07-08 15:36:40 ----D---- C:\WINDOWS\system32
2010-07-08 15:36:37 ----D---- C:\WINDOWS\system32\drivers
2010-07-08 15:33:08 ----D---- C:\Program Files
2010-07-08 15:32:48 ----SHD---- C:\WINDOWS\Installer
2010-07-08 15:32:48 ----HD---- C:\Config.Msi
2010-07-08 15:32:47 ----D---- C:\WINDOWS\WinSxS
2010-07-08 15:32:47 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-07-08 15:21:41 ----D---- C:\Program Files\Panda Security
2010-07-08 15:20:53 ----D---- C:\WINDOWS\system32\config
2010-07-08 15:19:55 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-07 18:49:01 ----D---- C:\WINDOWS\twain_32
2010-07-06 19:07:26 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-07-06 18:57:22 ----D---- C:\WINDOWS\SxsCaPendDel
2010-07-06 16:30:24 ----D---- C:\Program Files\SweetIM
2010-07-06 16:30:18 ----D---- C:\Documents and Settings\All Users\Application Data\SweetIM
2010-07-05 19:12:49 ----SD---- C:\Documents and Settings\GTX\Application Data\Microsoft
2010-07-05 19:01:55 ----D---- C:\Program Files\Adobe
2010-07-05 18:57:55 ----D---- C:\Program Files\Common Files\Adobe
2010-07-05 17:16:41 ----D---- C:\Program Files\Common Files
2010-07-05 17:12:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-07-05 14:00:18 ----D---- C:\Program Files\Mozilla Firefox
2010-07-05 13:48:21 ----SH---- C:\boot.ini
2010-07-05 13:48:21 ----A---- C:\WINDOWS\win.ini
2010-07-05 13:48:21 ----A---- C:\WINDOWS\system.ini
2010-07-05 10:30:40 ----D---- C:\WINDOWS\system32\Restore
2010-07-05 10:09:00 ----D---- C:\Documents and Settings\All Users\Application Data\COMODO
2010-07-05 08:59:02 ----SD---- C:\WINDOWS\Tasks
2010-07-04 20:29:38 ----D---- C:\WINDOWS\OPTIONS
2010-07-04 18:32:58 ----D---- C:\Documents and Settings\GTX\Application Data\SUPERAntiSpyware.com
2010-07-04 18:32:57 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-07-04 17:59:40 ----D---- C:\Program Files\VS Revo Group
2010-06-09 10:29:45 ----D---- C:\Documents and Settings\GTX\Application Data\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-08 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-07-08 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-08 243024]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-03-07 278728]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-03-07 25416]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-04 701440]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2010-03-05 9856]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-04-20 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-28 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-28 21568]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-03 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-08 308136]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-22 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-07-05 72704]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

#15 Příspěvek od **vyosek** » 08 črc 2010 19:52

Otevrete si poznamkovy blok

Start->spustit->notepad
Vlozte text nize

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

Soubor ulozte jako oprava.reg :idea:Pri ukladani dejte ulozit jako typ Vsechny soubory
Zavrit notepad a spustit oprava.reg
Pripadny dotaz na zmenu registru potvrdte
Okno jen problikne a opravi regsitry - soubor muzete smazat

Z logu je patrno, ze nemate aktualni verzi Windows - chybi Vam ServicePack 3 - doinstalujte jej

Vice info mate zde http://www.viry.cz/forum/viewtopic.php?f=46&t=86100

Z logu je patrno, ze nemate aktualni verzi Internet Exploreru - aktualizujte jej

Aktualizaci najdete zde (pod tlacitkem "Ke stazeni") http://www.microsoft.com/cze/windows/internet-explorer/
Doporucuji vsak pouzivat alternativni prohlizece - vice zde http://www.viry.cz/forum/viewtopic.php?f=19&t=6116

Pouzivate AVG Internet Security nebo AVG Anti-Virus (bez firewallu)

VIRY.CZ

Prosím o kontrolu, spomalený PC

Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC

Re: Prosím o kontrolu, spomalený PC