VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu. Dakujem pekne

https://forum.viry.cz:443/viewtopic.php?t=110725

Stránka 1 z 1

Prosím o kontrolu logu. Dakujem pekne

Napsal: 02 dub 2011 07:26
od lubica
Logfile of random's system information tool 1.08 (written by random/random)
Run by Správca at 2011-04-02 08:20:21
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 51 GB (69%) free of 74 GB
Total RAM: 1015 MB (45% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-510800751-467427538-2743169865-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-510800751-467427538-2743169865-1005UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll [2010-10-26 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}]
ooVoo Video Chat Toolbar - C:\Program Files\ooVoo_Video_Chat\prxtbooVo.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll [2010-10-26 217088]
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - StylerToolBar - C:\Program Files\Styler\TB\StylerTB.dll [2006-05-02 102400]
{e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - ooVoo Video Chat Toolbar - C:\Program Files\ooVoo_Video_Chat\prxtbooVo.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2009-04-16 630784]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2009-03-13 98304]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2009-04-16 118784]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-03-06 1434920]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-03-06 79144]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-14 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"BigDog305"=C:\WINDOWS\VM305_STI.EXE [2007-04-09 57344]
"tsnpstd3"=C:\WINDOWS\tsnpstd3.exe [2005-12-20 94208]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-09-29 18750976]
"facemoods"=C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe [2010-10-26 323584]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe [2008-04-13 49152]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2009-05-08 395776]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"WebcamMaxAutoRun"=C:\Program Files\WebcamMax\WebcamMax.exe [2009-12-30 1561232]
"Google Update"=C:\Documents and Settings\Správca\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-14 136176]
"CursorFX"=C:\Program Files\Stardock\CursorFX\CursorFX.exe [2008-07-07 416768]
"viwc"=C:\WINDOWS\system32\viwc.exe [2008-11-15 334422]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Správca\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-14 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
C:\Program Files\ManyCam 2.4\ManyCam.exe []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

C:\Documents and Settings\Správca\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Správca\Desktop\ikony z plochy\Arkanoid3d\Arkanoid 3D\Arkanoid3d.exe"="C:\Documents and Settings\Správca\Desktop\ikony z plochy\Arkanoid3d\Arkanoid 3D\Arkanoid3d.exe:*:Enabled:Arkanoid3d"
"C:\Program Files\ooVoo\ooVoo.exe"="C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe"="C:\Program Files\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe:*:Enabled:MxDownloadServer"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2011-04-01 21:42:42 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-04-01 21:42:41 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-04-01 21:42:39 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-04-01 21:42:38 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-04-01 21:42:38 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-04-01 21:42:37 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-04-01 21:42:37 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-04-01 21:42:36 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-04-01 21:41:36 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-04-01 21:41:10 ----D---- C:\Program Files\AVAST Software
2011-04-01 21:41:10 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software
2011-03-31 20:30:25 ----D---- C:\Program Files\Common Files\Skype
2011-03-31 20:30:15 ----RD---- C:\Program Files\Skype
2011-03-31 18:50:04 ----D---- C:\Documents and Settings\Správca\Application Data\Maxthon3
2011-03-31 18:49:51 ----D---- C:\Program Files\Maxthon3
2011-03-27 02:12:35 ----D---- C:\Program Files\ConduitEngine
2011-03-27 02:12:32 ----D---- C:\Program Files\ooVoo_Video_Chat
2011-03-24 09:20:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2011-03-21 21:51:15 ----D---- C:\Program Files\RocketDock
2011-03-19 23:50:51 ----D---- C:\WINDOWS\system32\VIRepair
2011-03-19 23:45:03 ----A---- C:\WINDOWS\system32\viwc.exe
2011-03-19 23:45:00 ----D---- C:\Program Files\ViSplore
2011-03-19 23:44:56 ----D---- C:\Program Files\TrueTransparency
2011-03-19 23:44:52 ----D---- C:\Program Files\WinFlip
2011-03-19 23:44:48 ----D---- C:\Program Files\ViStart
2011-03-19 23:44:47 ----D---- C:\Program Files\ViOrb
2011-03-19 23:44:43 ----D---- C:\Program Files\VisualTooltip
2011-03-19 23:44:35 ----D---- C:\Program Files\Styler
2011-03-19 23:44:23 ----D---- C:\Program Files\Vista Rainbar
2011-03-19 23:44:18 ----D---- C:\Program Files\LClock
2011-03-19 23:44:15 ----D---- C:\Program Files\Vista Drive Icon
2011-03-19 23:44:00 ----A---- C:\WINDOWS\system32\vistaui.exe
2011-03-19 23:21:50 ----D---- C:\WINDOWS\system32\VITrans
2011-03-19 23:21:37 ----D---- C:\VTPFiles
2011-03-19 23:21:27 ----A---- C:\WINDOWS\system32\Uharc.exe
2011-03-19 23:21:26 ----A---- C:\WINDOWS\system32\reico.exe
2011-03-19 23:21:26 ----A---- C:\WINDOWS\system32\modifype.exe
2011-03-19 23:21:25 ----A---- C:\WINDOWS\system32\moveex.exe
2011-03-19 23:21:24 ----A---- C:\WINDOWS\system32\pskill.exe
2011-03-19 23:20:41 ----A---- C:\WINDOWS\system32\scrnrdr.exe
2011-03-19 13:01:40 ----D---- C:\Program Files\Common Files\Java
2011-03-19 13:01:03 ----A---- C:\WINDOWS\system32\javaws.exe
2011-03-19 13:01:03 ----A---- C:\WINDOWS\system32\javaw.exe
2011-03-19 13:01:03 ----A---- C:\WINDOWS\system32\java.exe
2011-03-19 12:59:31 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2011-03-19 08:04:58 ----D---- C:\Documents and Settings\Správca\Application Data\facemoods.com
2011-03-19 00:19:12 ----HDC---- C:\Documents and Settings\All Users\Application Data\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E}
2011-03-19 00:18:51 ----D---- C:\Program Files\Stardock
2011-03-18 23:33:06 ----D---- C:\Program Files\facemoods.com
2011-03-18 23:32:52 ----D---- C:\Program Files\182901
2011-03-17 22:30:56 ----A---- C:\WINDOWS\avisplitter.ini
2011-03-17 22:29:45 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2011-03-17 22:29:42 ----A---- C:\WINDOWS\system32\xvidcore.dll
2011-03-17 22:29:41 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2011-03-17 22:29:39 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2011-03-17 22:29:38 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2011-03-17 22:27:02 ----D---- C:\Documents and Settings\Správca\Application Data\Media Player Classic
2011-03-16 09:39:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-03-15 22:52:28 ----D---- C:\Documents and Settings\Správca\Application Data\WebcamMax
2011-03-12 21:26:02 ----D---- C:\Documents and Settings\Správca\Application Data\Pipeliner.5A8F60606AB9E68112BC6FCD53E816B203E65DCC.1
2011-03-12 21:25:21 ----D---- C:\Program Files\Pipeliner
2011-03-12 21:25:12 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-03-12 17:00:59 ----D---- C:\Documents and Settings\Správca\Application Data\magentictb
2011-03-12 17:00:54 ----D---- C:\Program Files\magentictb
2011-03-12 17:00:33 ----D---- C:\Program Files\Magentic
2011-03-12 07:46:07 ----D---- C:\WINDOWS\Logs
2011-03-10 15:38:46 ----D---- C:\Program Files\IncrediMail(2)
2011-03-10 14:38:07 ----D---- C:\Program Files\Photo Notifier and Animation Creator
2011-03-10 14:38:07 ----D---- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator
2011-03-09 21:34:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-03-09 21:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-03-04 19:01:27 ----D---- C:\Documents and Settings\All Users\Application Data\WebcamMax
2011-03-04 18:54:46 ----D---- C:\Program Files\WebcamMax

======List of files/folders modified in the last 1 months======

2011-04-02 08:20:29 ----D---- C:\Program Files\trend micro
2011-04-02 08:15:34 ----D---- C:\Documents and Settings\Správca\Application Data\Skype
2011-04-02 07:15:03 ----D---- C:\WINDOWS\Temp
2011-04-02 07:09:42 ----D---- C:\WINDOWS\system32
2011-04-02 07:09:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-02 07:08:44 ----D---- C:\WINDOWS\Prefetch
2011-04-02 00:07:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-01 22:29:33 ----D---- C:\Program Files\ESET
2011-04-01 22:23:40 ----D---- C:\Program Files\Mozilla Firefox
2011-04-01 22:20:31 ----D---- C:\WINDOWS\system32\drivers
2011-04-01 21:42:22 ----SHD---- C:\WINDOWS\Installer
2011-04-01 21:42:21 ----D---- C:\Config.Msi
2011-04-01 21:42:19 ----D---- C:\WINDOWS\WinSxS
2011-04-01 21:41:46 ----D---- C:\WINDOWS
2011-04-01 21:41:10 ----RD---- C:\Program Files
2011-03-31 20:43:28 ----D---- C:\Documents and Settings\Správca\Application Data\Hamachi
2011-03-31 20:30:25 ----D---- C:\Program Files\Common Files
2011-03-31 20:06:55 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-03-31 19:46:30 ----D---- C:\Program Files\ooVoo
2011-03-31 18:28:18 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-31 18:10:19 ----D---- C:\WINDOWS\system32\config
2011-03-31 18:09:58 ----D---- C:\WINDOWS\system32\wbem
2011-03-31 18:09:57 ----D---- C:\WINDOWS\Registration
2011-03-24 09:21:00 ----HD---- C:\WINDOWS\inf
2011-03-24 09:20:08 ----HD---- C:\WINDOWS\$hf_mig$
2011-03-21 22:09:11 ----D---- C:\Program Files\SpeedFan
2011-03-19 23:49:29 ----D---- C:\WINDOWS\system32\Restore
2011-03-19 23:49:29 ----D---- C:\Program Files\Windows Media Player
2011-03-19 23:49:28 ----D---- C:\Program Files\Outlook Express
2011-03-19 23:49:28 ----D---- C:\Program Files\Internet Explorer
2011-03-19 23:44:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-19 23:44:00 ----D---- C:\WINDOWS\Cursors
2011-03-19 23:42:58 ----D---- C:\WINDOWS\Media
2011-03-19 13:00:51 ----D---- C:\Program Files\Java
2011-03-17 23:12:14 ----SD---- C:\WINDOWS\Tasks
2011-03-17 22:29:45 ----D---- C:\Program Files\K-Lite Codec Pack
2011-03-15 23:31:32 ----D---- C:\WINDOWS\Debug
2011-03-13 09:12:04 ----D---- C:\Program Files\Opera
2011-03-12 23:25:22 ----A---- C:\WINDOWS\system32\MRT.exe
2011-03-12 22:58:13 ----D---- C:\WINDOWS\system32\CatRoot
2011-03-12 22:49:57 ----RSD---- C:\WINDOWS\Fonts
2011-03-12 22:49:55 ----D---- C:\WINDOWS\NiwradSoft Shell Pack
2011-03-12 22:49:40 ----D---- C:\WINDOWS\srchasst
2011-03-12 22:49:34 ----D---- C:\WINDOWS\system32\usmt
2011-03-12 22:49:34 ----D---- C:\Program Files\Windows NT
2011-03-12 22:49:29 ----D---- C:\Program Files\Common Files\System
2011-03-12 22:46:39 ----D---- C:\WINDOWS\system32\DirectX
2011-03-12 21:26:03 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2011-03-12 21:25:16 ----D---- C:\Program Files\Adobe
2011-03-12 21:23:39 ----D---- C:\Documents and Settings\Správca\Application Data\Adobe
2011-03-12 17:01:01 ----D---- C:\Documents and Settings\Správca\Application Data\Mozilla
2011-03-12 07:47:38 ----RSD---- C:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2008-09-12 327192]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-03 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-03-13 1528928]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-10-17 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-29 5920256]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-03-02 38912]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-03-06 208304]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 androidusb;ADB Interface Driver; C:\WINDOWS\System32\Drivers\fxxandroidusb.sys [2010-04-01 25728]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\SPRVCA~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\FXX\qcusbser.sys [2010-04-01 103424]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 uvclf;uvclf; C:\WINDOWS\system32\DRIVERS\uvclf.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC0305;A4 TECH PC Camera V; C:\WINDOWS\System32\Drivers\usbVM305.sys [2006-05-08 391688]
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-02-12 345376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-01 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Prosím o kontrolu logu. Dakujem pekne

Napsal: 02 dub 2011 08:21
od vyosek
Zdravim a pekny den preji :)

:arrow: Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

:arrow: Stahnete OTL (viz muj podpis) a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 20 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Re: Prosím o kontrolu logu. Dakujem pekne

Napsal: 02 dub 2011 10:44
od lubica
OTL logfile created on: 2.4.2011 9:41:21 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Správca\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

1 015,00 Mb Total Physical Memory | 430,00 Mb Available Physical Memory | 42,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 72,06 Gb Total Space | 49,81 Gb Free Space | 69,13% Space Free | Partition Type: NTFS
Drive D: | 72,05 Gb Total Space | 65,60 Gb Free Space | 91,05% Space Free | Partition Type: NTFS

Computer Name: YOUR-05P9C7J1P9 | User Name: Správca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.04.02 09:34:32 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Správca\Desktop\OTL.exe
PRC - [2011.03.23 19:49:21 | 001,004,088 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Správca\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011.02.23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.02.23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009.05.08 10:42:54 | 000,395,776 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
PRC - [2009.04.16 19:46:30 | 000,630,784 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2009.04.16 18:58:54 | 000,118,784 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2009.03.25 10:43:40 | 000,376,832 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
PRC - [2009.03.13 16:15:02 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe
PRC - [2008.07.07 17:46:45 | 000,416,768 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\CursorFX\CursorFX.exe
PRC - [2008.04.14 14:00:00 | 001,423,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.13 20:39:20 | 000,049,152 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007.04.09 16:46:56 | 000,057,344 | ---- | M] (VM305SNAP) -- C:\WINDOWS\vm305_sti.exe
PRC - [2005.12.20 14:39:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe


========== Modules (SafeList) ==========

MOD - [2011.04.02 09:34:32 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Správca\Desktop\OTL.exe
MOD - [2011.02.23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010.08.23 18:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008.03.12 22:00:32 | 000,035,144 | ---- | M] ( ) -- C:\Program Files\Stardock\CursorFX\CurXP0.dll
MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.02.23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)


========== Driver Services (SafeList) ==========

DRV - [2011.02.23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.02.23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.02.23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.02.23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.02.23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.02.23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.02.23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.10.17 10:19:58 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.04.01 04:50:10 | 000,103,424 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FXX\qcusbser.sys -- (qcusbser)
DRV - [2010.04.01 04:50:10 | 000,025,728 | R--- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fxxandroidusb.sys -- (androidusb)
DRV - [2009.12.03 16:56:06 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.09.29 19:18:30 | 005,920,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.03.13 23:05:26 | 001,528,928 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009.03.02 07:03:47 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2008.08.05 21:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.08 15:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2008.01.14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.05.08 10:24:24 | 000,391,688 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM305.sys -- (ZSMC0305)
DRV - [2006.01.04 16:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=w7th2&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sk-sk.facebook.com/ [binary data]
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "ooVoo Video Chat Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}:3.3.3.2
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {e5a1e26f-0d1d-4307-868f-fbd9a374ab54}:3.3.3.2

FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.04.01 21:41:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.23 22:42:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.23 22:42:08 | 000,000,000 | ---D | M]

[2010.05.31 11:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Extensions
[2010.04.28 14:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2011.03.31 05:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions
[2010.06.01 13:37:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.25 09:18:41 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011.03.20 13:48:37 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.25 09:18:33 | 000,000,000 | ---D | M] (IncrediMail MediaBar 2 Community Toolbar) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}
[2011.03.12 22:46:30 | 000,000,000 | ---D | M] (Magentic Toolbar) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\{D5D33A26-F043-4808-B335-6B10630E04F8}(2)
[2011.03.31 18:09:38 | 000,000,000 | ---D | M] (ooVoo Video Chat Community Toolbar) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}
[2011.03.12 22:48:26 | 000,000,000 | ---D | M] (ooVoo Video Chat Community Toolbar) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}(2)
[2011.03.12 22:48:25 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\engine@conduit(2).com
[2011.03.25 09:18:22 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\engine@conduit.com
[2011.03.18 23:33:11 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\ffxtlbr@Facemoods.com
[2010.04.28 14:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Správca\Application Data\Mozilla\SeaMonkey\Profiles\3e38xgbk.default\extensions
[2010.05.16 18:39:28 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\conduit.xml
[2011.03.31 05:20:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\icqplugin-1.xml
[2011.03.23 22:43:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\icqplugin-2.xml
[2011.02.20 12:21:20 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\icqplugin.gif
[2011.02.20 12:21:20 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\icqplugin.src
[2011.03.13 00:32:33 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\icqplugin.xml
[2011.03.12 16:59:15 | 000,002,144 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\MyStart Search.xml
[2011.03.31 05:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.07.16 08:05:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.06 09:03:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.27 06:42:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.03 11:41:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.19 13:01:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\{E5A1E26F-0D1D-4307-868F-FBD9A374AB54}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\FFXTLBR@FACEMOODS.COM
[2009.12.08 20:09:21 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.31 14:12:17 | 001,140,200 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPFxViewer.dll
[2011.01.18 18:27:04 | 000,002,037 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchw7th2.xml
[2011.03.17 23:05:17 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2011.03.17 23:05:17 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2011.03.17 23:05:17 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2011.03.17 23:05:17 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2011.03.17 23:05:17 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pre aplikáciu Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - No CLSID value found.
O3 - HKU\S-1-5-21-510800751-467427538-2743169865-1005\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-510800751-467427538-2743169865-1005\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-510800751-467427538-2743169865-1005\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE (VM305SNAP)
O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin)
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKU\S-1-5-21-510800751-467427538-2743169865-1005..\Run: [CursorFX] C:\Program Files\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
O4 - HKU\S-1-5-21-510800751-467427538-2743169865-1005..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - HKU\S-1-5-21-510800751-467427538-2743169865-1005..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-510800751-467427538-2743169865-1005..\Run: [viwc] C:\WINDOWS\system32\viwc.exe ()
O4 - HKU\S-1-5-21-510800751-467427538-2743169865-1005..\Run: [WebcamMaxAutoRun] C:\Program Files\WebcamMax\WebcamMax.exe (CoolwareMax)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\__aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-510800751-467427538-2743169865-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (vistaui.exe) - C:\WINDOWS\System32\vistaui.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Správca\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Správca\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.12 02:48:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{97b16826-c89c-11df-b8b8-0026185a66a1}\Shell - "" = AutoRun
O33 - MountPoints2\{97b16826-c89c-11df-b8b8-0026185a66a1}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{97b16828-c89c-11df-b8b8-0026185a66a1}\Shell - "" = AutoRun
O33 - MountPoints2\{97b16828-c89c-11df-b8b8-0026185a66a1}\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308606093492224)

========== Files/Folders - Created Within 7 Days ==========

[2011.04.02 09:34:34 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Správca\Desktop\OTL.exe
[2011.04.02 09:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Správca\Application Data\PriceGong
[2011.04.01 21:42:42 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.04.01 21:42:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011.04.01 21:42:41 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011.04.01 21:42:39 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011.04.01 21:42:38 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.04.01 21:42:38 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011.04.01 21:42:37 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011.04.01 21:42:37 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011.04.01 21:42:36 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011.04.01 21:41:46 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011.04.01 21:41:36 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011.04.01 21:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.04.01 21:41:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011.03.31 20:30:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.03.31 20:30:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011.03.31 20:30:15 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.03.31 19:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ooVoo
[2011.03.31 18:50:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Správca\Start Menu\Programs\Maxthon
[2011.03.31 18:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Správca\Application Data\Maxthon3
[2011.03.31 18:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\Maxthon3
[2009.10.12 19:16:50 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2009.10.12 19:16:49 | 000,571,904 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2009.10.12 19:16:49 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2004.07.09 05:08:36 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dxsetup.exe
[2004.07.09 05:08:34 | 002,242,560 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2004.07.09 04:03:10 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.04.02 09:34:32 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Správca\Desktop\OTL.exe
[2011.04.02 09:17:02 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-510800751-467427538-2743169865-1005UA.job
[2011.04.02 09:12:43 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.02 07:09:42 | 000,436,236 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.04.02 07:09:42 | 000,068,940 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.04.02 07:08:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.04.02 07:08:32 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.02 06:59:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.04.01 22:17:08 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-510800751-467427538-2743169865-1005Core.job
[2011.04.01 21:42:43 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011.04.01 21:42:37 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.04.01 13:00:56 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Správca\Desktop\RSIT.exe
[2011.04.01 04:53:31 | 000,001,614 | ---- | M] () -- C:\Documents and Settings\Správca\Desktop\Mozilla Firefox.lnk
[2011.03.31 18:50:05 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Microsoft\Internet Explorer\Quick Launch\Maxthon 3.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.04.01 21:42:43 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011.04.01 13:00:47 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Správca\Desktop\RSIT.exe
[2011.04.01 04:53:31 | 000,001,614 | ---- | C] () -- C:\Documents and Settings\Správca\Desktop\Mozilla Firefox.lnk
[2011.03.31 18:50:05 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\Správca\Application Data\Microsoft\Internet Explorer\Quick Launch\Maxthon 3.lnk
[2011.03.19 23:45:03 | 000,334,422 | ---- | C] () -- C:\WINDOWS\System32\viwc.exe
[2011.03.19 23:21:27 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe
[2011.03.19 23:21:26 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe
[2011.03.19 23:21:25 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe
[2011.03.17 22:30:56 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011.03.17 22:29:42 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.03.17 22:29:41 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.03.17 22:29:38 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.06.27 14:56:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PortraitMaker.INI
[2010.06.22 23:31:42 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010.06.10 22:34:20 | 000,000,090 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat
[2010.05.03 21:19:39 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.05.03 21:19:31 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.05.03 21:19:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.05.03 21:19:26 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.05.03 21:19:26 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.04.30 20:19:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cid_store.dat
[2010.04.23 16:45:05 | 000,045,252 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.03.10 16:22:48 | 000,002,181 | ---- | C] () -- C:\WINDOWS\Helicon Debug Window.ini
[2010.01.31 14:00:42 | 014,812,423 | ---- | C] () -- C:\WINDOWS\System32\TiskProRadost_AlbumMaker_uninstaller.exe
[2010.01.31 13:04:19 | 000,000,063 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\Ts_infos.ini
[2010.01.18 22:22:14 | 000,000,045 | -H-- | C] () -- C:\WINDOWS\dsez4741.dat
[2010.01.18 17:33:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\KA.ini
[2010.01.08 15:02:35 | 006,294,528 | ---- | C] () -- C:\WINDOWS\System32\MediaIO1.dll
[2010.01.08 15:02:32 | 009,974,784 | ---- | C] () -- C:\WINDOWS\System32\MioPlayer2.dll
[2009.12.09 23:14:20 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009.10.26 18:09:04 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.10.12 19:16:53 | 000,339,968 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2009.10.12 19:16:53 | 000,094,208 | ---- | C] () -- C:\WINDOWS\tsnpstd3.exe
[2009.10.12 19:16:52 | 000,015,506 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2009.10.12 19:16:50 | 000,788,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys
[2009.10.12 19:16:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd3.exe
[2009.09.18 19:37:38 | 000,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2009.08.16 08:03:28 | 000,000,184 | ---- | C] () -- C:\Documents and Settings\Správca\Application Data\wklnhst.dat
[2009.07.28 14:47:06 | 000,014,336 | ---- | C] () -- C:\Documents and Settings\Správca\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.15 10:45:02 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.07.15 09:27:09 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2009.07.14 20:59:21 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.07.14 20:59:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.05.26 22:21:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009.05.26 21:32:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\uvcrecordfix.exe
[2009.05.26 21:32:21 | 000,024,576 | ---- | C] () -- C:\WINDOWS\Sleep.exe
[2009.05.26 21:28:00 | 000,000,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009.05.26 21:28:00 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009.05.26 21:25:41 | 000,013,650 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2009.05.26 21:24:24 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2009.05.26 21:20:10 | 000,021,864 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini
[2009.05.26 21:20:10 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini
[2009.05.12 02:50:21 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.05.12 02:46:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009.05.12 02:35:42 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009.05.12 02:35:32 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009.05.12 02:35:31 | 000,436,236 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009.05.12 02:35:31 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009.05.12 02:35:31 | 000,068,940 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009.05.12 02:35:31 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009.05.12 02:35:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009.05.12 02:35:30 | 000,004,562 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009.05.12 02:35:29 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009.05.12 02:35:28 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009.05.12 02:35:28 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009.05.12 02:35:25 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009.05.12 02:35:23 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009.05.11 19:42:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.05.11 19:41:44 | 000,269,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.07.22 11:51:34 | 003,432,656 | ---- | C] () -- C:\Program Files\ManagedDX.CAB
[2004.07.19 23:58:36 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2004.07.19 23:53:26 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2004.07.09 15:17:16 | 013,265,040 | ---- | C] () -- C:\Program Files\dxnt.cab
[2004.07.09 10:13:48 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2004.07.09 10:13:46 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab
[2003.04.07 11:38:32 | 000,005,746 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2011.04.01 21:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009.12.03 14:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.03.06 23:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010.03.10 16:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Helicon
[2011.02.22 12:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009.09.06 21:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2009.09.06 21:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2011.03.10 14:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator
[2010.05.31 13:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.03.14 16:13:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2010.01.31 21:19:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Watermark Factory
[2011.03.18 16:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebcamMax
[2009.05.26 21:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wireless LAN Card
[2011.03.19 00:19:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E}
[2009.08.27 19:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\COWON
[2009.07.14 20:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\DAEMON Tools
[2009.08.17 17:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\DAEMON Tools Lite
[2009.07.14 20:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\DAEMON Tools Pro
[2010.04.11 13:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\EBookSys
[2010.03.09 17:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\EmailNotifier
[2011.03.19 08:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\facemoods.com
[2010.01.15 15:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\FashionCrazeChech
[2009.07.14 20:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Foxit
[2010.03.07 00:05:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\FrmMain
[2010.02.04 08:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\gtk-2.0
[2010.03.10 16:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Imagic403N
[2010.04.28 14:44:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Lunascape
[2011.03.12 22:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\magentictb
[2010.06.27 19:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\MagicEffect Photo
[2010.10.16 09:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\ManyCam
[2011.03.31 18:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Maxthon3
[2010.03.14 22:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\mojosoft
[2010.09.01 11:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\MxBoost
[2010.02.28 22:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\ooVoo Details
[2009.07.14 22:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Opera
[2010.05.05 20:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\photopos
[2010.03.06 23:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\PhotoposComtb
[2011.03.12 21:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Pipeliner.5A8F60606AB9E68112BC6FCD53E816B203E65DCC.1
[2011.04.02 09:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\PriceGong
[2010.02.03 08:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Serif
[2010.04.29 16:23:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Template
[2010.02.26 22:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Thinstall
[2011.03.15 22:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\WebcamMax
[2010.03.30 23:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\XnView
[2009.10.26 21:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Zoner
[2010.06.10 07:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\IrfanView

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Eee Docking" = C:\Program Files\ASUS\Eee Docking\Eee Docking.exe -- [2009.05.08 10:42:54 | 000,395,776 | ---- | M] ()
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"WebcamMaxAutoRun" = "C:\Program Files\WebcamMax\WebcamMax.exe" -a -- [2009.12.30 23:50:08 | 001,561,232 | ---- | M] (CoolwareMax)
"Google Update" = "C:\Documents and Settings\Správca\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c -- [2010.10.14 05:07:14 | 000,136,176 | ---- | M] (Google Inc.)
"CursorFX" = "C:\Program Files\Stardock\CursorFX\CursorFX.exe" -- [2008.07.07 17:46:45 | 000,416,768 | ---- | M] (Stardock Corporation)
"viwc" = C:\WINDOWS\system32\viwc.exe -- [2008.11.15 14:29:12 | 000,334,422 | ---- | M] ()
"RocketDock" = "C:\Program Files\RocketDock\RocketDock.exe" -- [2007.09.02 14:58:52 | 000,495,616 | ---- | M] ()

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2011.03.12 21:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.04.23 16:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010.10.20 22:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009.05.26 21:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Atheros
[2011.04.01 21:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010.01.12 12:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2009.12.03 14:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.03.06 23:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010.03.10 16:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Helicon
[2011.02.22 12:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009.09.06 21:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2009.09.06 21:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2011.03.19 12:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010.08.24 23:44:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010.12.16 07:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010.10.17 10:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009.12.06 11:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2011.03.10 14:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator
[2011.03.31 20:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.03.31 08:15:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2009.12.06 11:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010.05.31 13:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.03.14 16:13:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivendi Universal Games
[2010.01.31 21:19:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Watermark Factory
[2011.03.18 16:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebcamMax
[2009.05.26 21:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009.05.26 21:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wireless LAN Card
[2011.03.19 00:19:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2008.07.08 00:54:31 | 002,397,336 | ---- | M] (Stardock Corporation ) -- C:\Documents and Settings\All Users\Application Data\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E}\CursorFX_setup.exe
[2009.07.16 00:08:40 | 000,857,560 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe
[2010.01.12 12:43:16 | 000,036,864 | ---- | M] ( ) -- C:\Documents and Settings\All Users\Application Data\TEMP\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\PostBuild.exe
[2008.08.06 16:31:14 | 000,528,384 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Wireless LAN Card\Wireless LAN Card\Driver\RaInst.exe

< %APPDATA%\*. >
[2011.03.12 21:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Adobe
[2010.07.15 21:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Apple Computer
[2009.08.27 19:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\COWON
[2010.01.12 12:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\CyberLink
[2009.07.14 20:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\DAEMON Tools
[2009.08.17 17:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\DAEMON Tools Lite
[2009.07.14 20:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\DAEMON Tools Pro
[2010.04.11 13:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\EBookSys
[2010.03.09 17:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\EmailNotifier
[2011.03.19 08:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\facemoods.com
[2010.01.15 15:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\FashionCrazeChech
[2009.07.14 20:45:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Foxit
[2010.03.07 00:05:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\FrmMain
[2009.10.01 21:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Google
[2010.02.04 08:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\gtk-2.0
[2011.03.31 20:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Hamachi
[2010.01.14 23:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Identities
[2010.03.10 16:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Imagic403N
[2009.05.26 21:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\InstallShield
[2010.04.28 14:44:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Lunascape
[2009.07.14 20:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Macromedia
[2011.03.12 22:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\magentictb
[2010.06.27 19:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\MagicEffect Photo
[2010.10.16 09:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\ManyCam
[2011.03.31 18:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Maxthon3
[2011.03.27 01:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Media Player Classic
[2010.01.27 01:30:55 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Správca\Application Data\Microsoft
[2010.03.14 22:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\mojosoft
[2011.03.12 17:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Mozilla
[2010.09.01 11:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\MxBoost
[2010.02.28 22:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\ooVoo Details
[2009.07.14 22:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Opera
[2010.05.05 20:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\photopos
[2010.03.06 23:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\PhotoposComtb
[2011.03.12 21:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Pipeliner.5A8F60606AB9E68112BC6FCD53E816B203E65DCC.1
[2011.04.02 09:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\PriceGong
[2010.02.03 08:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Serif
[2011.04.02 09:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Skype
[2011.02.22 12:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\skypePM
[2009.12.08 20:07:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Sun
[2010.04.29 16:23:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Template
[2010.02.26 22:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Thinstall
[2009.07.14 21:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\U3
[2011.03.15 22:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\WebcamMax
[2009.08.19 20:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\WinRAR
[2010.03.30 23:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\XnView
[2009.10.26 21:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\Zoner

< %APPDATA%\*.exe /s >
[2010.06.21 23:04:11 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Thinstall\DreamLight Photo Editor 2.38\1000000500002i\hh.exe
[2006.12.07 10:45:12 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\U3\temp\cleanup.exe
[2006.12.07 10:45:12 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Správca\Application Data\U3\temp\Launchpad Removal.exe


< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\cmdcons\autochk.exe
[2008.04.14 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\I386\AUTOCHK.EXE
[2008.04.14 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\VITrans\explorer.exe
[2008.04.14 14:00:00 | 001,423,872 | ---- | M] (Microsoft Corporation) MD5=6A8B0B64F8D7EBEF70B16FF689C3C76D -- C:\WINDOWS\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:Changer.sys

< MD5 for: IASTOR.SYS >
[2008.09.12 07:32:56 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\WINDOWS\I386\$OEM$\TEXTMODE\IASTOR.SYS
[2008.09.12 07:32:56 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\WINDOWS\OemDir\iaStor.sys
[2008.09.12 07:32:56 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 14:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,470,016 | ---- | M] (Microsoft Corporation) MD5=3C3393C92A73A3006C7B706DAC54A812 -- C:\WINDOWS\I386\SYSTEM32\SMSS.EXE
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.12.03 16:56:06 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.05.11 19:41:24 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.05.11 19:41:24 | 001,064,960 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.05.11 19:41:24 | 000,905,216 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.04.01 21:42:37 | 000,002,625 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2011.04.02 07:09:42 | 000,068,940 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.04.02 07:09:42 | 000,436,236 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.04.02 07:09:42 | 000,513,928 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.04.02 07:08:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 400 bytes -> C:\Documents and Settings\Správca\Local Settings\Application Data\desktop.ini:07a19238af92db80fe9045ca73c7a84e
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:565A6F90
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADF211B1

< End of report >

Re: Prosím o kontrolu logu. Dakujem pekne

Napsal: 02 dub 2011 10:46
od lubica
OTL Extras logfile created on: 2.4.2011 9:41:21 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Správca\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

1 015,00 Mb Total Physical Memory | 430,00 Mb Available Physical Memory | 42,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 72,06 Gb Total Space | 49,81 Gb Free Space | 69,13% Space Free | Partition Type: NTFS
Drive D: | 72,05 Gb Total Space | 65,60 Gb Free Space | 91,05% Space Free | Partition Type: NTFS

Computer Name: YOUR-05P9C7J1P9 | User Name: Správca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)
.url [@ = InternetShortcut] -- C:\Program Files\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)

[HKEY_USERS\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Maxthon3\Bin\Maxthon.exe" "%1" (Maxthon International ltd.)
http [open] -- "C:\Program Files\Maxthon2\Maxthon.exe" "%1"
InternetShortcut [open] -- "C:\Program Files\Maxthon3\Bin\Maxthon.exe" "%1" (Maxthon International ltd.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"443:TCP" = 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP port 37675

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Documents and Settings\Správca\Desktop\ikony z plochy\Arkanoid3d\Arkanoid 3D\Arkanoid3d.exe" = C:\Documents and Settings\Správca\Desktop\ikony z plochy\Arkanoid3d\Arkanoid 3D\Arkanoid3d.exe:*:Enabled:Arkanoid3d
"C:\Program Files\ooVoo\ooVoo.exe" = C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo -- (ooVoo LLC)
"C:\Program Files\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe" = C:\Program Files\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe:*:Enabled:MxDownloadServer
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 24
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FB39BED-37C8-4E60-8E02-315B8C2B07E3}" = USB2.0 UVC Camera Device
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{47BACF74-5A07-48BD-BADB-A769550F0F5A}" = FontResizer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}" = A4 TECH PC Camera V
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN Card
"{9011041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_HOMESTUDENTR_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_HOMESTUDENTR_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_HOMESTUDENTR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1051-7B44-A81200000003}" = Adobe Reader 8 - Slovak
"{B536CA63-8BB3-4027-A495-84DD9FED17EC}" = Windows Live Sync
"{B7B91B13-D577-424E-ADA4-4B4F511A3CF1}" = 182901
"{B9BDA46B-2E17-4F43-9D7A-9B1E09A0A4D8}" = Data Sync
"{BEC7BDC8-7A83-4312-9340-1ECDF06C1434}" = Microsoft Works
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
"{C72CA49A-9237-4810-8449-45DA3BD26D64}" = EzMessenger
"{C89F5AF9-12F5-4F68-B3FE-EFF085755DBF}" = Imagic 4 Free Browser
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Basic
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = Win2 USB PC Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CursorFX" = CursorFX
"DreamLight Photo Editor_is1" = DreamLight Photo Editor 2.54
"Eee Docking_is1" = Eee Docking 1.3.1.0
"EeePC1005HA" = EeePC1005HA Screen Saver
"facemoods" = facemoods
"Foxit Reader" = Foxit Reader
"Hamachi" = Hamachi 1.0.3.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IE7-MUI" = Windows Internet Explorer 7 Multilingual User Interface (MUI)
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.0.0
"Magic Photo Editor_is1" = Magic Photo Editor 5.8
"ManyCam" = ManyCam 2.6.25 (remove only)
"Maxthon3" = Maxthon 3
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RocketDock_is1" = RocketDock 1.3.5
"Seven Remix XP" = Seven Remix XP 2.41
"SpeedFan" = SpeedFan (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"Vista Transformation Pack" = Vista Transformation Pack 8.0
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WebcamMax" = WebcamMax
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Zoner Photo Studio 8_is1" = Zoner Photo Studio 8

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 31.3.2011 4:40:33 | Computer Name = YOUR-05P9C7J1P9 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 31.3.2011 4:40:33 | Computer Name = YOUR-05P9C7J1P9 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2000

Error - 31.3.2011 4:40:33 | Computer Name = YOUR-05P9C7J1P9 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2000

Error - 31.3.2011 9:13:09 | Computer Name = YOUR-05P9C7J1P9 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 31.3.2011 9:13:09 | Computer Name = YOUR-05P9C7J1P9 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1969

Error - 31.3.2011 9:13:09 | Computer Name = YOUR-05P9C7J1P9 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1969

Error - 31.3.2011 14:03:34 | Computer Name = YOUR-05P9C7J1P9 | Source = MsiInstaller | ID = 1013
Description = Produkt: Skype™ 3.8 -- Už je nainstalována novější verze produktu
Skype™ 3.8.

Error - 1.4.2011 9:05:56 | Computer Name = YOUR-05P9C7J1P9 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1.4.2011 9:05:56 | Computer Name = YOUR-05P9C7J1P9 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2047

Error - 1.4.2011 9:05:56 | Computer Name = YOUR-05P9C7J1P9 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2047

[ System Events ]
Error - 2.4.2011 3:31:59 | Computer Name = YOUR-05P9C7J1P9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 2.4.2011 3:31:59 | Computer Name = YOUR-05P9C7J1P9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 2.4.2011 3:31:59 | Computer Name = YOUR-05P9C7J1P9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 2.4.2011 3:31:59 | Computer Name = YOUR-05P9C7J1P9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 2.4.2011 3:31:59 | Computer Name = YOUR-05P9C7J1P9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 2.4.2011 3:31:59 | Computer Name = YOUR-05P9C7J1P9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 2.4.2011 3:31:59 | Computer Name = YOUR-05P9C7J1P9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 2.4.2011 3:31:59 | Computer Name = YOUR-05P9C7J1P9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 2.4.2011 3:31:59 | Computer Name = YOUR-05P9C7J1P9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 2.4.2011 3:32:00 | Computer Name = YOUR-05P9C7J1P9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126


< End of report >

Re: Prosím o kontrolu logu. Dakujem pekne

Napsal: 02 dub 2011 12:12
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=w7th2&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sk-sk.facebook.com/ [binary data]
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
IE - HKU\S-1-5-21-510800751-467427538-2743169865-1005\..\URLSearchHook: - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "ooVoo Video Chat Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1572363&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin
[2011.03.25 09:18:41 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011.03.20 13:48:37 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.18 23:33:11 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\extensions\ffxtlbr@Facemoods.com
[2010.04.28 14:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Správca\Application Data\Mozilla\SeaMonkey\Profiles\3e38xgbk.default\extensions
[2010.05.16 18:39:28 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\conduit.xml
[2011.03.31 05:20:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\icqplugin-1.xml
[2011.03.23 22:43:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\icqplugin-2.xml
[2011.02.20 12:21:20 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\icqplugin.gif
[2011.02.20 12:21:20 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\icqplugin.src
[2011.03.13 00:32:33 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\icqplugin.xml
[2011.03.12 16:59:15 | 000,002,144 | ---- | M] () -- C:\Documents and Settings\Správca\Application Data\Mozilla\Firefox\Profiles\d55rfpb1.default\searchplugins\MyStart Search.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\{E5A1E26F-0D1D-4307-868F-FBD9A374AB54}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SPRáVCA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D55RFPB1.DEFAULT\EXTENSIONS\FFXTLBR@FACEMOODS.COM
[2009.12.08 20:09:21 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
[2010.01.31 14:12:17 | 001,140,200 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPFxViewer.dll
[2011.01.18 18:27:04 | 000,002,037 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchw7th2.xml
O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - No CLSID value found.
O3 - HKU\S-1-5-21-510800751-467427538-2743169865-1005\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-510800751-467427538-2743169865-1005\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-510800751-467427538-2743169865-1005\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O33 - MountPoints2\{97b16826-c89c-11df-b8b8-0026185a66a1}\Shell - "" = AutoRun
O33 - MountPoints2\{97b16828-c89c-11df-b8b8-0026185a66a1}\Shell - "" = AutoRun
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2011.03.19 08:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Správca\Application Data\facemoods.com
@Alternate Data Stream - 400 bytes -> C:\Documents and Settings\Správca\Local Settings\Application Data\desktop.ini:07a19238af92db80fe9045ca73c7a84e
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:565A6F90
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADF211B1

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
"facemoods"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]

:services
JavaQuickStarterService;
gupdate
 
:files
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-510800751-467427538-2743169865-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-510800751-467427538-2743169865-1005UA.job
C:\Program Files\facemoods.com
C:\Program Files\Styler\TB
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Prosím o kontrolu logu. Dakujem pekne

Napsal: 02 dub 2011 13:57
od lubica
Urobila som to čo ste mi napísal 2x, po ukončení opravy vyskočilo okno že oprava je ukončená a tlačítkom OK sa mal pc reštartovať. Nereštartoval sa ani po 10 minútach, tak som reštartovala ručne. Pri spustení pc mi to nedalo žiaden log. Tak neviem čo teraz. Ďakujem za pomoc

Re: Prosím o kontrolu logu. Dakujem pekne

Napsal: 02 dub 2011 17:58
od vyosek
Prihlaste se do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) a opakujtre opravu pomoci OTL
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz