VIRY.CZ

Dobry den. Pekne Vas prosim o preventivnu kontrolu mojho PC. Vsetko funguje ako ma (aspon myslim ), ale zda sa mi akysi pomalsi. Dakujem

Logfile of random's system information tool 1.09 (written by random/random)
Run by Viera at 2011-07-16 14:55:24
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 31 GB (33%) free of 95 GB
Total RAM: 1916 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:55:56, on 16. 7. 2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\SiS VGA Utilities\SiSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\3\3Connect\AutoUpdateSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Viera\Desktop\RSIT.exe
C:\Program Files\trend micro\Viera.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: CrowdStar Gamebar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SiSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Update Agent.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\Blaze Media Pro\NMSAccess32.exe (file missing)

--
End of file - 5254 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.3, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... n_dtid=&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npCortona.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npCortona.dll
npdeployJava1.dll
npkimi.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\extensions\
staged
toolbar@ask.com
{20a82645-c095-46ed-80e3-08825760534b}
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-30 1390984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-30 1390984]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SiSTray"=C:\Program Files\SiS VGA Utilities\SiSTray.exe [2007-08-24 552960]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-11-14 4706304]
"Skytel"=C:\Windows\Skytel.exe [2007-10-11 1826816]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-07-04 3493720]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-02-15 417792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-04-06 26102056]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Update Agent.lnk - C:\Program Files\3\3Connect\AutoUpdateSrv.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-16 14:55:24 ----D---- C:\rsit
2011-07-13 16:48:12 ----A---- C:\Windows\system32\win32k.sys
2011-07-13 16:48:06 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 16:47:34 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 16:47:34 ----A---- C:\Windows\system32\csrsrv.dll
2011-07-11 08:04:31 ----A---- C:\Windows\system32\wininet.dll
2011-07-11 08:04:31 ----A---- C:\Windows\system32\urlmon.dll
2011-07-11 08:04:31 ----A---- C:\Windows\system32\jsproxy.dll
2011-07-11 08:04:30 ----A---- C:\Windows\system32\mshtml.dll
2011-07-11 08:04:29 ----A---- C:\Windows\system32\msfeeds.dll
2011-07-11 08:04:29 ----A---- C:\Windows\system32\iertutil.dll
2011-07-11 08:04:29 ----A---- C:\Windows\system32\ieframe.dll
2011-07-11 08:04:26 ----A---- C:\Windows\system32\occache.dll
2011-07-11 08:04:26 ----A---- C:\Windows\system32\mstime.dll
2011-07-11 08:04:26 ----A---- C:\Windows\system32\mshtmled.dll
2011-07-11 08:04:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-07-11 08:04:26 ----A---- C:\Windows\system32\licmgr10.dll
2011-07-11 08:04:26 ----A---- C:\Windows\system32\ieUnatt.exe
2011-07-11 08:04:26 ----A---- C:\Windows\system32\ieui.dll
2011-07-11 08:04:26 ----A---- C:\Windows\system32\iesysprep.dll
2011-07-11 08:04:26 ----A---- C:\Windows\system32\iesetup.dll
2011-07-11 08:04:26 ----A---- C:\Windows\system32\iernonce.dll
2011-07-11 08:04:26 ----A---- C:\Windows\system32\iepeers.dll
2011-07-11 08:04:26 ----A---- C:\Windows\system32\iedkcs32.dll
2011-07-11 08:04:23 ----A---- C:\Windows\system32\msfeedssync.exe
2011-07-11 08:04:23 ----A---- C:\Windows\system32\ie4uinit.exe
2011-07-11 08:04:16 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-07-11 08:04:16 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-07-11 08:04:15 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-07-11 08:04:13 ----A---- C:\Windows\system32\drivers\afd.sys
2011-07-11 08:03:38 ----A---- C:\Windows\system32\oleaut32.dll
2011-07-11 08:03:36 ----A---- C:\Windows\system32\inetcomm.dll
2011-07-11 08:03:33 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-07-11 08:03:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-07-11 08:03:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-07-11 08:02:33 ----A---- C:\Windows\system32\schannel.dll
2011-06-25 21:39:51 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-06-18 10:01:40 ----SHD---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2011-07-16 14:55:47 ----D---- C:\Windows\temp
2011-07-16 14:55:43 ----D---- C:\Program Files\trend micro
2011-07-16 14:48:17 ----D---- C:\Users\Viera\AppData\Roaming\Skype
2011-07-16 12:31:29 ----D---- C:\Users\Viera\AppData\Roaming\skypePM
2011-07-15 08:57:15 ----SHD---- C:\System Volume Information
2011-07-13 18:46:38 ----D---- C:\Windows\winsxs
2011-07-13 18:26:15 ----D---- C:\Windows\system32\catroot
2011-07-13 18:22:45 ----D---- C:\Windows\System32
2011-07-13 16:50:02 ----A---- C:\Windows\system32\mrt.exe
2011-07-13 16:47:44 ----D---- C:\Windows\system32\catroot2
2011-07-12 17:14:08 ----D---- C:\Program Files\Windows Mail
2011-07-11 08:19:45 ----D---- C:\Windows\system32\migration
2011-07-11 08:19:45 ----D---- C:\Windows\system32\drivers
2011-07-11 08:19:45 ----D---- C:\Program Files\Internet Explorer
2011-07-11 07:19:57 ----D---- C:\Windows
2011-07-07 13:48:41 ----D---- C:\Windows\Minidump
2011-07-04 13:43:51 ----A---- C:\Windows\system32\aswBoot.exe
2011-07-01 20:46:48 ----D---- C:\Users\Viera\AppData\Roaming\ICQ
2011-06-30 19:53:14 ----D---- C:\Program Files\GiftBoxPlus
2011-06-27 22:18:03 ----D---- C:\Program Files\Mozilla Firefox
2011-06-18 10:03:21 ----SHD---- C:\Windows\Installer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-11-14 2016920]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 350720]
R3 SiS6350;SiS6350; C:\Windows\system32\DRIVERS\SISGRKMD.sys [2007-08-24 452096]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSGB6.sys [2008-05-02 48128]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-07-04 42184]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S2 NMSAccess;NMSAccess; C:\Program Files\Blaze Media Pro\NMSAccess32.exe []
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Zdravim a pekny den preji

Nejake ty zbytecnosti a drobnosti tam mate, kouknem na to poradne

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  netsvcs
  drivers32
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  c:\windows\*.* /U
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  /md5start
  adp3132.sys
  AGP440.sys
  ahcix86.sys
  ahcix86s.sys
  atapi.sys
  autochk.exe
  cdrom.sys
  cngaudit.dll
  cryptsvc.dll
  eNetHook.dll
  eventlog.dll
  explorer.exe
  hal.dll
  Changer.sys
  iaStor.sys
  iastorv.sys
  IdeChnDr.sys
  isapnp.sys
  JakNDis.sys
  KR10N.sys
  logevent.dll
  lsass.exe
  mv61xx.sys
  ndis.sys
  netlogon.dll
  ntelogon.dll
  nvata.sys
  nvatabus.sys
  nvgts.sys
  nvraid.sys
  nvrd32.sys
  nvstor.sys
  nvstor32.sys
  scecli.dll
  sceclt.dll
  smss.exe
  svchost.exe
  symmpi.sys
  tcpip.sys
  userinit.exe
  vaxscsi.sys
  viamraid.sys
  viasraid.sys
  ViPrt.sys
  winlogon.exe
  ws2_32.dll
  /md5stop
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  CREATERESTOREPOINT

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

OTL logfile created on: 16. 7. 2011 15:24:52 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Viera\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

1,87 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 49,96% Memory free
3,99 Gb Paging File | 2,95 Gb Available in Paging File | 73,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,77 Gb Total Space | 30,51 Gb Free Space | 32,88% Space Free | Partition Type: NTFS
Drive D: | 93,54 Gb Total Space | 67,92 Gb Free Space | 72,62% Space Free | Partition Type: NTFS

Computer Name: MAREK | User Name: Viera | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011/07/16 15:21:22 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Viera\Desktop\OTL.exe
PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/06/27 22:18:01 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2009/02/23 20:45:16 | 000,670,256 | ---- | M] (Birdstep Technology) -- C:\Program Files\3\3Connect\AutoUpdateSrv.exe
PRC - [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/11/14 16:50:42 | 004,706,304 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/08/24 08:20:38 | 000,552,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\Program Files\SiS VGA Utilities\SiSTray.exe
PRC - [2006/12/23 19:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/12/23 19:04:42 | 000,905,216 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe


========== Modules (SafeList) ==========

MOD - [2011/07/16 15:21:22 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Viera\Desktop\OTL.exe
MOD - [2011/07/04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/31 17:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NMSAccess)
SRV - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/03/31 06:59:24 | 000,350,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/05/02 17:07:54 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2008/03/17 11:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007/08/24 11:28:08 | 000,452,096 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SISGRKMD.sys -- (SiS6350)
DRV - [2007/01/24 10:08:06 | 000,056,184 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SISAGPX.sys -- (SISAGP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)


IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... n_dtid=&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@parallelgraphics.com/Cortona: C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll (ParallelGraphics)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Viera\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/07/11 07:19:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/27 22:18:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/18 10:02:11 | 000,000,000 | ---D | M]

[2009/12/20 16:07:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Viera\AppData\Roaming\mozilla\Extensions
[2011/07/16 14:32:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions
[2010/07/29 22:45:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/28 21:17:26 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/06/20 20:42:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/07/16 14:32:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\staged
[2010/08/18 23:05:25 | 000,000,000 | ---D | M] (CrowdStar Gamebar) -- C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com
[2010/05/06 12:43:06 | 000,002,555 | ---- | M] () -- C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\searchplugins\askcom.xml
[2011/07/09 20:45:23 | 000,000,950 | ---- | M] () -- C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\searchplugins\icqplugin-1.xml
[2010/06/21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\searchplugins\icqplugin.xml
[2011/06/07 19:19:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/22 17:28:38 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/05/18 16:13:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/12/08 19:51:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/20 16:12:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/01 10:59:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/07 19:19:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/07/11 07:19:58 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
() (No name found) -- C:\USERS\VIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J5A98B64.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
() (No name found) -- C:\USERS\VIERA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J5A98B64.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
[2011/06/27 22:18:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/06/01 13:22:18 | 000,874,008 | ---- | M] (ParallelGraphics) -- C:\Program Files\mozilla firefox\plugins\npCortona.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/12/17 19:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npkimi.dll
[2011/06/27 22:17:58 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2011/06/27 22:17:58 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2011/06/27 22:17:58 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2011/06/27 22:17:58 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2011/06/27 22:17:58 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2011/06/27 22:17:58 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (CrowdStar Gamebar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (CrowdStar Gamebar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\..\Toolbar\WebBrowser: (CrowdStar Gamebar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SiSTray] C:\Program Files\SiS VGA Utilities\SiSTray.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.220.220 208.67.222.222
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Viera\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O24 - Desktop BackupWallPaper: C:\Users\Viera\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{144aca19-4afd-11df-8a2b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{144aca19-4afd-11df-8a2b-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1d0d3e57-4558-11df-92e1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1d0d3e57-4558-11df-92e1-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2c5f7297-43b4-11df-810a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2c5f7297-43b4-11df-810a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2f7dbfd7-3d81-11df-a9a3-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2f7dbfd7-3d81-11df-a9a3-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{31cfef81-49f0-11df-a6b6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{31cfef81-49f0-11df-a6b6-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{344aeec3-0425-11df-870e-001644deaff1}\Shell - "" = AutoRun
O33 - MountPoints2\{344aeec3-0425-11df-870e-001644deaff1}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{57a97971-5eb6-11df-b383-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{57a97971-5eb6-11df-b383-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5da3121d-5ff4-11df-a865-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5da3121d-5ff4-11df-a865-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5e25229d-59ce-11df-b8b3-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5e25229d-59ce-11df-b8b3-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{63a891b5-0416-11df-bfdf-001644deaff1}\Shell - "" = AutoRun
O33 - MountPoints2\{63a891b5-0416-11df-bfdf-001644deaff1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{76888cb1-4214-11df-956e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{76888cb1-4214-11df-956e-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{76c4b8a3-4864-11df-ba93-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{76c4b8a3-4864-11df-ba93-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7ac06a9e-ed6c-11de-a454-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7ac06a9e-ed6c-11de-a454-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup-dsb.exe
O33 - MountPoints2\{7b269e23-479e-11df-9d1d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7b269e23-479e-11df-9d1d-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{872b261d-5dc7-11df-a313-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{872b261d-5dc7-11df-a313-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{876e5843-5b56-11df-b77f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{876e5843-5b56-11df-b77f-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8b237ca3-46cf-11df-9e77-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8b237ca3-46cf-11df-9e77-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{91b12a9d-414c-11df-81f0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{91b12a9d-414c-11df-81f0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{994bb45a-1f90-11df-8fa4-00030da16ca5}\Shell - "" = AutoRun
O33 - MountPoints2\{994bb45a-1f90-11df-8fa4-00030da16ca5}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{994bb45c-1f90-11df-8fa4-00030da16ca5}\Shell - "" = AutoRun
O33 - MountPoints2\{994bb45c-1f90-11df-8fa4-00030da16ca5}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{9e62182d-431a-11df-868b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9e62182d-431a-11df-868b-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9fbb6ca1-48a9-11df-8ce0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9fbb6ca1-48a9-11df-8ce0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a3819e1d-5e6d-11df-af06-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a3819e1d-5e6d-11df-af06-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a742e32d-4261-11df-9754-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a742e32d-4261-11df-9754-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ad6421fd-4627-11df-a1c8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ad6421fd-4627-11df-a1c8-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ae5f0257-3d59-11df-88e9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ae5f0257-3d59-11df-88e9-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bac77771-59af-11df-b838-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bac77771-59af-11df-b838-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c0e27e61-3d8d-11df-accd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c0e27e61-3d8d-11df-accd-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c0effacb-5f7e-11df-a760-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c0effacb-5f7e-11df-a760-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c6fad257-460d-11df-92c0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c6fad257-460d-11df-92c0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d5a32f31-5b3b-11df-8189-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d5a32f31-5b3b-11df-8189-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d7882a77-20a3-11df-b260-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d7882a77-20a3-11df-b260-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{dfc76777-5f26-11df-a608-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dfc76777-5f26-11df-a608-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e26025bd-42f2-11df-a734-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e26025bd-42f2-11df-a734-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f5fa66c6-0411-11df-9654-001644deaff1}\Shell - "" = AutoRun
O33 - MountPoints2\{f5fa66c6-0411-11df-9654-001644deaff1}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011/07/16 15:20:41 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Viera\Desktop\OTL.exe
[2011/07/16 14:55:24 | 000,000,000 | ---D | C] -- C:\rsit
[2011/07/13 16:48:12 | 002,042,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/07/13 16:47:34 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/07/13 16:47:34 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/07/12 18:00:20 | 068,538,302 | ---- | C] (Logotron ) -- C:\Users\Viera\Desktop\revelation-natural-art.exe
[2011/07/11 08:04:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/07/11 08:04:29 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/07/11 08:04:27 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/07/11 08:04:26 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/07/11 08:04:26 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/07/11 08:04:26 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/07/11 08:04:26 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/07/11 08:04:26 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/07/11 08:04:26 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/07/11 08:04:26 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/07/11 08:04:26 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/07/11 08:04:26 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/07/11 08:04:26 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/07/11 08:04:26 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/07/11 08:04:23 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/07/11 08:04:23 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/07/11 08:04:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

========== Files - Modified Within 7 Days ==========

[2011/07/16 15:21:22 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Viera\Desktop\OTL.exe
[2011/07/16 14:55:12 | 000,781,383 | ---- | M] () -- C:\Users\Viera\Desktop\RSIT.exe
[2011/07/16 14:24:53 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/16 14:24:52 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/16 14:24:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/16 14:24:36 | 2010,300,416 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/13 18:25:28 | 000,395,648 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/12 19:43:11 | 068,538,302 | ---- | M] (Logotron ) -- C:\Users\Viera\Desktop\revelation-natural-art.exe
[2011/07/11 07:19:59 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/07/10 20:37:22 | 000,081,920 | ---- | M] () -- C:\Users\Viera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2011/07/16 14:54:53 | 000,781,383 | ---- | C] () -- C:\Users\Viera\Desktop\RSIT.exe
[2010/03/21 20:03:55 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/03/21 20:03:55 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/03/03 19:42:13 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/02/08 17:01:07 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/01/18 11:16:52 | 000,076,118 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe
[2009/12/25 16:18:53 | 000,051,712 | ---- | C] () -- C:\Windows\System32\coodest.dll
[2009/12/25 16:08:46 | 000,081,920 | ---- | C] () -- C:\Users\Viera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/23 20:52:30 | 000,880,557 | ---- | C] () -- C:\Users\Viera\AppData\Roaming\farm.bmp
[2009/12/23 20:35:45 | 000,011,333 | ---- | C] () -- C:\Users\Viera\AppData\Roaming\settings.dat
[2009/12/22 18:42:49 | 000,000,000 | ---- | C] () -- C:\Windows\Orion 2009.ini
[2009/12/20 16:05:19 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/12/20 16:05:18 | 001,559,040 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/12/20 16:05:18 | 000,282,624 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/12/20 16:05:17 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009/12/20 16:05:17 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/12/20 15:46:02 | 000,000,680 | ---- | C] () -- C:\Users\Viera\AppData\Local\d3d9caps.dat
[2006/11/06 21:30:38 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:47:37 | 000,395,648 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2004/12/16 23:06:06 | 000,000,001 | ---- | C] () -- C:\Windows\ddindfefsners.dll

========== LOP Check ==========

[2009/12/25 16:24:39 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\AnvSoft
[2010/01/18 11:34:46 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Birdstep Technology
[2010/01/18 11:20:55 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Birdstep Technology(94)
[2010/03/05 19:11:11 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Facebook
[2010/11/14 14:55:49 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\GetRightToGo
[2009/12/20 16:05:00 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\GHISLER
[2011/07/01 20:46:48 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\ICQ
[2011/02/05 23:52:55 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\OpenOffice.org
[2010/12/29 16:24:00 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\TuxPaint
[2011/07/16 12:33:00 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2006/12/23 19:05:20 | 000,143,360 | ---- | M] (Nero AG)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2010/04/06 02:27:46 | 026,102,056 | R--- | M] (Skype Technologies S.A.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/01/24 01:20:08 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Adobe
[2009/12/20 17:02:07 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Ahead
[2009/12/25 16:24:39 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\AnvSoft
[2010/01/18 11:34:46 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Birdstep Technology
[2010/01/18 11:20:55 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Birdstep Technology(94)
[2010/03/05 19:11:11 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Facebook
[2010/11/14 14:55:49 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\GetRightToGo
[2009/12/20 16:05:00 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\GHISLER
[2011/07/01 20:46:48 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\ICQ
[2009/12/20 15:46:07 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Identities
[2009/12/20 16:00:42 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\InstallShield
[2009/12/20 16:45:13 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Macromedia
[2006/11/02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Media Center Programs
[2009/12/22 11:36:46 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Media Player Classic
[2011/05/25 17:29:44 | 000,000,000 | --SD | M] -- C:\Users\Viera\AppData\Roaming\Microsoft
[2009/12/20 16:07:13 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Mozilla
[2011/02/05 23:52:55 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\OpenOffice.org
[2011/07/16 15:25:08 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\Skype
[2011/07/16 12:31:29 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\skypePM
[2010/12/29 16:24:00 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\TuxPaint
[2009/12/20 16:47:24 | 000,000,000 | ---D | M] -- C:\Users\Viera\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010/03/05 19:11:11 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Viera\AppData\Roaming\Facebook\uninstall.exe


< MD5 for: AGP440.SYS >
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008/01/21 04:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\System32\autochk.exe
[2008/01/21 04:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

< MD5 for: CDROM.SYS >
[2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2008/01/21 04:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\System32\cryptsvc.dll
[2008/01/21 04:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2008/01/21 04:23:01 | 000,177,208 | ---- | M] (Microsoft Corporation) MD5=A00B0EDD048786E30EBB2DA65D9A8F74 -- C:\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006/11/02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008/01/21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008/01/21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008/01/21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008/01/21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/06/15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009/09/10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009/06/15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009/02/13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009/06/15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009/06/15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\System32\lsass.exe
[2009/06/15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009/02/13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009/06/15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009/06/15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009/09/09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009/09/10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008/01/21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008/01/21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008/01/21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009/02/13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2008/01/21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\System32\drivers\ndis.sys
[2008/01/21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008/01/21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008/01/21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008/01/21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008/01/21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006/11/02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll

< MD5 for: SMSS.EXE >
[2008/01/21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\System32\smss.exe
[2008/01/21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe

< MD5 for: SVCHOST.EXE >
[2008/01/21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008/04/26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009/12/08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009/08/15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2009/08/14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009/12/08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2009/12/08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010/06/16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010/06/16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010/06/16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\System32\drivers\tcpip.sys
[2010/06/16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008/04/26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/12/08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009/08/14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/06/16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009/12/08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2009/12/08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008/01/21 04:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008/01/21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008/01/21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008/01/21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008/01/21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/01/21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011/07/16 14:24:52 | 000,003,712 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/16 14:24:53 | 000,003,712 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/13 18:25:28 | 000,395,648 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2011/07/13 16:50:02 | 049,089,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mrt.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010506-0001.mpg:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010499.mpg:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010498.mpg:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010495.mpg:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010494.mpg:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010133.avi:TOC.WMV

< End of report >

OTL Extras logfile created on: 16. 7. 2011 15:24:52 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Viera\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

1,87 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 49,96% Memory free
3,99 Gb Paging File | 2,95 Gb Available in Paging File | 73,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,77 Gb Total Space | 30,51 Gb Free Space | 32,88% Space Free | Partition Type: NTFS
Drive D: | 93,54 Gb Total Space | 67,92 Gb Free Space | 72,62% Space Free | Partition Type: NTFS

Computer Name: MAREK | User Name: Viera | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3725892672-3043224248-1115301474-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A237DFF-B034-44E4-A8C7-4226336189D2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{568D3F92-F492-456D-9926-A2D34610DBFE}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7426A7A8-8509-4397-A59A-551FABC8F3E9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{855B6C20-AE5B-4E9D-8F87-30AE42F41D7D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B5D5CD31-8160-4A4C-B9BB-448BA6B9D0A0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BD18031D-C523-4142-BD9C-D022B7191C1C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CEB01FD9-50E6-4010-A422-48BAE6948F79}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CF3FE564-D17F-4692-B1CC-90F07A94522B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{CFEBB9C8-512A-4F8B-9C21-C5D43C0EC7D6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EE07E6A-D87C-474C-BED3-ADA86CDD578D}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{11A3BCBF-88C1-4387-9909-354C70A05CA1}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{15B22FE2-1E1F-4DCF-A5B4-75FE549549E2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{21964B45-C288-40BC-9985-DD13479AA804}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{28B917FE-BC01-486A-B470-2EC033E030DC}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{427AB5B0-8D31-4EB3-94B9-FB210BDF029F}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{64CFA9F8-E19A-4667-9CC9-EEAA4600E695}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{870B804F-F65B-4520-90B7-D242E92B7CA0}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{8E2F0CA0-7ECD-46CA-A590-E7733764B58D}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{8EBE8749-B374-4567-AC72-40ED02BC1C57}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{912281AB-D27B-42BE-88B4-BB7C61B36EA3}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{994091AE-EDC4-46EF-AA24-EF870AFB53B5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A22A48B0-EE9E-46B5-9B3B-CCFE959DA897}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{A2BFB9BA-B4B4-4980-BA58-6BA705A27298}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{A83BDF6B-EBFE-46DA-A33F-0A1F76E564CF}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{B862B257-DAD1-4178-AC42-5D1CC590C853}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{D5978761-857A-42D1-B582-5E289B9BD856}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{E225C918-46BB-4A0D-9A5A-9526BF827FD8}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{F08CC1BA-8043-4FEF-940E-C03787A54CA9}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{F3993967-1B37-4C1D-BEB9-4FAB6A54CD7E}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"TCP Query User{2CA95540-9865-4E29-905B-1A46E2BB3680}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{6BFB4986-24F3-439E-AE04-E43840114CB7}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{87C9CF51-2B2F-47F2-BC40-11428CE8FDF5}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{A87E9468-77D0-4D66-A027-CE3E3157FDEA}C:\program files\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"UDP Query User{165B99D2-2E7C-4A22-8CE2-63C6F1101D33}C:\program files\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"UDP Query User{9486F6DD-CF09-4F93-A2A7-3D76B7965AC4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{B81B7159-1CA9-4A6C-A0C7-F17E62CD5FC5}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"UDP Query User{F896920E-43CB-4E24-8E6F-D1FDA7486BBA}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26
"{28B94253-5729-4C30-8DE4-F2A0A63149B0}" = OpenOffice.org 3.2
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{895722FE-25FE-4854-95AC-B0C42F9DBEDA}" = REALTEK RTL8187B Wireless LAN Driver
"{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}" = QuickTime
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = 3Connect
"{AC76BA86-7AD7-1051-7B44-A94000000001}" = Adobe Reader 9.4.5 - Slovak
"{BCB002B8-493D-4C3F-A968-774FC0881051}" = Nero 7 Essentials
"{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}" = Cortona3D Viewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Adobe Flash Player ActiveX" = Adobe® Flash® Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner (remove only)
"dsb" = Long, Thick and Sharpsighted
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"GiftBox+" = GiftBox+
"HijackThis" = HijackThis 2.0.2
"Huawei Modems" = Huawei modem
"ICQToolbar" = ICQ Toolbar
"Imikimi Plugin" = Imikimi Plugin
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.5 (Standard)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 5.0 (x86 sk)" = Mozilla Firefox 5.0 (x86 sk)
"Orion 2009_is1" = Orion 2009
"PaintStar_is1" = PaintStar 2.70
"PROPLUS" = Microsoft Office Professional Plus 2007
"Room Arranger" = Room Arranger
"SiS VGA Utilities" = SiS VGA Utilities
"Stitch Art Easy! 4.0_is1" = Stitch Art Easy! 4.0 Beta 2
"Totalcmd" = Total Commander (Remove or Repair)
"Tux Paint Stamps_is1" = Tux Paint Stamps 2009-06-28
"Tux Paint_is1" = Tux Paint 0.9.21
"Uninstall_is1" = Uninstall 1.0.0.1
"WinRAR archiver" = WinRAR archivátor

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3725892672-3043224248-1115301474-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13. 7. 2011 1:31:20 | Computer Name = Marek | Source = ESENT | ID = 467
Description = Windows (3196) Windows: Database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb:
Index System_ItemFolderPathDisplayNarrow41b of table SystemIndex_0A is corrupted
(0).

Error - 13. 7. 2011 1:31:20 | Computer Name = Marek | Source = Windows Search Service | ID = 7040
Description =

Error - 13. 7. 2011 10:25:57 | Computer Name = Marek | Source = WinMgmt | ID = 10
Description =

Error - 13. 7. 2011 12:26:10 | Computer Name = Marek | Source = WinMgmt | ID = 10
Description =

Error - 13. 7. 2011 14:59:58 | Computer Name = Marek | Source = Application Error | ID = 1000
Description = Chybová aplikácia AwesomiumProcess.exe, verzia 1.6.0.6, časová značka
0x4dc85950, chybový modul Awesomium.dll, verzia 1.6.0.6, časová značka 0x4dc8594d,
kód výnimky 0x80000003, odstup chyby 0x00f26f21, identifikácia procesu 0x5c0, čas
spustenia aplikácie 0x01cc418eed272ac3.

Error - 14. 7. 2011 2:17:52 | Computer Name = Marek | Source = WinMgmt | ID = 10
Description =

Error - 15. 7. 2011 2:31:14 | Computer Name = Marek | Source = WinMgmt | ID = 10
Description =

Error - 15. 7. 2011 7:13:05 | Computer Name = Marek | Source = WinMgmt | ID = 10
Description =

Error - 16. 7. 2011 6:32:41 | Computer Name = Marek | Source = WinMgmt | ID = 10
Description =

Error - 16. 7. 2011 8:26:26 | Computer Name = Marek | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 14. 7. 2011 2:16:42 | Computer Name = Marek | Source = HTTP | ID = 15016
Description =

Error - 14. 7. 2011 2:17:53 | Computer Name = Marek | Source = Service Control Manager | ID = 7000
Description =

Error - 15. 7. 2011 2:30:06 | Computer Name = Marek | Source = HTTP | ID = 15016
Description =

Error - 15. 7. 2011 2:31:15 | Computer Name = Marek | Source = Service Control Manager | ID = 7000
Description =

Error - 15. 7. 2011 7:11:39 | Computer Name = Marek | Source = HTTP | ID = 15016
Description =

Error - 15. 7. 2011 7:13:05 | Computer Name = Marek | Source = Service Control Manager | ID = 7000
Description =

Error - 16. 7. 2011 6:31:14 | Computer Name = Marek | Source = HTTP | ID = 15016
Description =

Error - 16. 7. 2011 6:32:43 | Computer Name = Marek | Source = Service Control Manager | ID = 7000
Description =

Error - 16. 7. 2011 8:24:56 | Computer Name = Marek | Source = HTTP | ID = 15016
Description =

Error - 16. 7. 2011 8:26:27 | Computer Name = Marek | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)

• Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
• Spustte a kliknete na Deletion
• Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - File not found [Auto | Stopped] -- -- (NMSAccess)
  SRV - [2010/09/06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
  IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
  IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
  IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
  IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  IE - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
  IE - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
  IE - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\..\URLSearchHook: - Reg Error: Key error. File not found
  IE - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  IE - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  FF - prefs.js..browser.search.defaultengine: "Ask.com"
  FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
  FF - prefs.js..browser.search.order.1: "Ask.com"
  FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=CDS&o=16188&locale=en_US&apn_uid=A4C87D04-FA46-4B69-BE8B-D1F01030CF05&apn_ptnrs=QP&apn_sauid=516683DF-829F-4E71-9999-62AFA0CB1E64&apn_dtid=&q="
  [2011/06/28 21:17:26 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
  [2011/06/20 20:42:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  [2010/08/18 23:05:25 | 000,000,000 | ---D | M] (CrowdStar Gamebar) -- C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com
  [2010/05/06 12:43:06 | 000,002,555 | ---- | M] () -- C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\searchplugins\askcom.xml
  [2011/07/09 20:45:23 | 000,000,950 | ---- | M] () -- C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\searchplugins\icqplugin-1.xml
  [2010/06/21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\searchplugins\icqplugin.xml
  File not found (No name found) -- 
  O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
  O2 - BHO: (CrowdStar Gamebar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  O3 - HKLM\..\Toolbar: (CrowdStar Gamebar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  O3 - HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\..\Toolbar\WebBrowser: (CrowdStar Gamebar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
  @Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010506-0001.mpg:TOC.WMV
  @Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010499.mpg:TOC.WMV
  @Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010498.mpg:TOC.WMV
  @Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010495.mpg:TOC.WMV
  @Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010494.mpg:TOC.WMV
  @Alternate Data Stream - 64 bytes -> C:\Users\Viera\P1010133.avi:TOC.WMV
  
  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
  "Skype"=-
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "NeroFilterCheck"=-
  "QuickTime Task"=-
  "Adobe Reader Speed Launcher"=-
  "Adobe ARM"=-
  "SunJavaUpdateSched"=-
  
  :services
  NBService
  NMIndexingService
   
  :files
  C:\Program Files\Ask.com
  C:\Program Files\ICQ6Toolbar
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

log z USb fix bude 2x, lebo mam dve pametove karty ktore bezne pouzivam ale len jednu dierku v pocitaci

1.
############################## | UsbFix 7.014 | [Deletion]

User: Viera (Administrator) # MAREK [DIXONSXP DIXONSXP]
Updated 24/06/10 by El Desaparecido / C_XX
Started at 17:24:23 | 16/07/2011
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
Microsoft® Windows Vista™ Home Premium (6.0.6001 32-Bit) # Service Pack 1
Internet Explorer 8.0.6001.19088

Windows Firewall: Enabled
RAM -> 1916 Mb
C:\ (%systemdrive%) -> Fixed drive # 93 Gb (31 Mb free - 33%) [] # NTFS
D:\ -> Fixed drive # 94 Gb (68 Mb free - 73%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Removable drive # 4 Gb (68 Mb free - 2%) [] # FAT32
G:\ -> Removable drive # 2 Gb (1 Mb free - 68%) [] # FAT

################## | Files # Infected Folders |


################## | Registry |

Deleted ! HKCU\Software\F5JMWNZTHI
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\F
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{144aca19-4afd-11df-8a2b-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{1d0d3e57-4558-11df-92e1-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2f7dbfd7-3d81-11df-a9a3-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{344aeec3-0425-11df-870e-001644deaff1}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{57a97971-5eb6-11df-b383-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{5e25229d-59ce-11df-b8b3-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{76888cb1-4214-11df-956e-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{7ac06a9e-ed6c-11de-a454-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{7b269e23-479e-11df-9d1d-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{876e5843-5b56-11df-b77f-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{91b12a9d-414c-11df-81f0-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{994bb45c-1f90-11df-8fa4-00030da16ca5}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{9e62182d-431a-11df-868b-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{a3819e1d-5e6d-11df-af06-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{ad6421fd-4627-11df-a1c8-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{bac77771-59af-11df-b838-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{c0effacb-5f7e-11df-a760-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{d5a32f31-5b3b-11df-8189-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{dfc76777-5f26-11df-a608-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{f5fa66c6-0411-11df-9654-001644deaff1}

################## | Listing |

[20/12/2009 - 16:23:51 | D ] C:\$AVG
[16/07/2011 - 17:27:09 | SHD ] C:\$RECYCLE.BIN
[08/02/2010 - 15:00:41 | A | 220] C:\aaw7boot.log
[20/12/2009 - 15:33:18 | D ] C:\Boot
[21/01/2008 - 04:24:42 | RASH | 333203] C:\bootmgr
[20/12/2009 - 15:33:20 | RAS | 8192] C:\BOOTSECT.BAK
[18/06/2011 - 20:24:03 | SHD ] C:\Config.Msi
[18/09/2006 - 23:43:37 | A | 10] C:\config.sys
[02/11/2006 - 15:02:03 | SHD ] C:\Documents and Settings
[26/04/2010 - 00:15:27 | D ] C:\FarmVilleBot_2.1
[16/07/2011 - 17:19:25 | ASH | 2010300416] C:\hiberfil.sys
[20/12/2009 - 16:06:24 | RD ] C:\MSOCache
[16/07/2011 - 17:19:24 | ASH | 2324123648] C:\pagefile.sys
[21/01/2008 - 04:32:31 | D ] C:\PerfLogs
[05/06/2011 - 18:46:21 | RD ] C:\Program Files
[01/06/2011 - 18:52:13 | D ] C:\ProgramData
[30/06/2010 - 15:04:07 | D ] C:\RooArr Export
[16/07/2011 - 14:55:58 | D ] C:\rsit
[16/07/2011 - 15:39:08 | SHD ] C:\System Volume Information
[20/12/2009 - 16:05:23 | D ] C:\totalcmd
[16/07/2011 - 17:27:09 | D ] C:\UsbFix
[16/07/2011 - 17:24:35 | A | 4060] C:\UsbFix.txt
[20/12/2009 - 15:46:00 | RD ] C:\Users
[11/07/2011 - 07:19:57 | D ] C:\Windows
[20/12/2009 - 16:23:51 | D ] D:\$AVG
[16/07/2011 - 17:27:09 | D ] D:\$RECYCLE.BIN
[21/12/2009 - 00:37:34 | D ] D:\advent
[10/05/2010 - 19:09:13 | D ] D:\FILMY
[02/04/2010 - 19:05:02 | D ] D:\Hudba
[01/10/2010 - 18:05:51 | D ] D:\megafory
[20/12/2009 - 16:52:31 | SHD ] D:\System Volume Information
[07/02/2010 - 17:58:44 | A | 75165282] F:\Windsurfing.mp4
[07/02/2010 - 18:04:36 | A | 86896612] F:\Záhradka.mp4
[07/02/2010 - 18:06:52 | A | 64296023] F:\Zavaruji.mp4
[07/02/2010 - 18:12:46 | A | 73108351] F:\Živy plot.mp4
[31/05/2010 - 12:45:50 | RSHD ] F:\RECYCLER
[04/08/2004 - 02:07:00 | RASH | 114688] F:\kbdxw.dll
[07/02/2010 - 13:33:44 | A | 64493855] F:\Jahody.mp4
[07/02/2010 - 13:38:40 | A | 71663755] F:\Kakriolet.mp4
[07/02/2010 - 13:53:40 | A | 78278815] F:\Koberec.mp4
[07/02/2010 - 13:58:06 | A | 64360344] F:\Kolečka.mp4
[07/02/2010 - 14:03:38 | A | 64883541] F:\Kopají bazén.mp4
[07/02/2010 - 14:20:36 | A | 71641290] F:\Kulečnik.mp4
[07/02/2010 - 14:24:30 | A | 65915881] F:\Kuťaci.mp4
[07/02/2010 - 14:30:32 | A | 83315837] F:\Maľovanie.mp4
[07/02/2010 - 14:36:12 | A | 72805645] F:\Modelaři.mp4
[07/02/2010 - 14:40:44 | A | 72795632] F:\Nabytek.mp4
[07/02/2010 - 14:44:58 | A | 64608536] F:\Natieraju podlahu.mp4
[07/02/2010 - 14:47:46 | A | 63944846] F:\Natiraji okna.mp4
[07/02/2010 - 14:53:10 | A | 73743218] F:\Nehoda.mp4
[07/02/2010 - 15:01:24 | A | 64590884] F:\Nezvany navštevnik.mp4
[07/02/2010 - 15:06:58 | A | 79521385] F:\Obraz.mp4
[07/02/2010 - 15:16:52 | A | 64138368] F:\Opekaji špekačky.mp4
[07/02/2010 - 15:20:40 | A | 62110360] F:\Opravuju strechu.mp4
[30/03/2011 - 11:54:56 | RSHD ] F:\zivotdalje
[07/02/2010 - 12:58:20 | A | 70787222] F:\Generalny uklid.mp4
[07/02/2010 - 13:03:50 | A | 85105364] F:\Gramofon.mp4
[07/02/2010 - 13:09:24 | A | 85364664] F:\Gril.mp4
[07/02/2010 - 13:14:06 | A | 75221391] F:\Hojdacie kreslo.mp4
[07/02/2010 - 13:18:10 | A | 64967445] F:\Houpačka.mp4
[07/02/2010 - 13:21:34 | A | 64555837] F:\Hrají golf.mp4
[07/02/2010 - 11:55:56 | A | 64247250] F:\Akvarium.mp4
[07/02/2010 - 11:58:10 | A | 64707372] F:\Autodraha.mp4
[07/02/2010 - 12:04:50 | A | 74741851] F:\Blatnik.mp4
[07/02/2010 - 12:19:00 | A | 75643860] F:\Cyklisti.mp4
[07/02/2010 - 12:28:26 | A | 82868945] F:\Dažď.mp4
[07/02/2010 - 12:33:22 | A | 81724286] F:\Dielňa.mp4
[07/02/2010 - 12:45:44 | A | 72296579] F:\Dvere.mp4
[07/02/2010 - 12:49:16 | A | 64749527] F:\Fax.mp4
[07/02/2010 - 12:54:24 | A | 80404608] F:\Garaž.mp4
[07/02/2010 - 15:31:34 | A | 81155606] F:\Porucha.mp4
[07/02/2010 - 15:41:44 | A | 64464920] F:\Psi bouda.mp4
[07/02/2010 - 15:57:32 | A | 72589547] F:\Sekačka.mp4
[07/02/2010 - 16:01:26 | A | 64542738] F:\Sklennik.mp4
[07/02/2010 - 16:06:42 | A | 84455708] F:\Skokani.mp4
[07/02/2010 - 16:12:14 | A | 85201139] F:\Sťahovanie.mp4
[07/02/2010 - 16:22:12 | A | 65078451] F:\Stuňou.mp4
[07/02/2010 - 16:43:36 | A | 75969506] F:\Sušenky.mp4
[07/02/2010 - 16:49:02 | A | 79135668] F:\Svetlo.mp4
[07/02/2010 - 16:55:16 | A | 82974629] F:\Tapety.mp4
[07/02/2010 - 17:01:58 | A | 86303526] F:\Telocvičňa.mp4
[07/02/2010 - 17:07:42 | A | 72107147] F:\Trezor.mp4
[07/02/2010 - 17:11:00 | A | 58951841] F:\Vánočka.mp4
[07/02/2010 - 17:14:10 | A | 64514101] F:\Vánoční stromeček.mp4
[07/02/2010 - 17:37:10 | A | 88659009] F:\Vinary.mp4
[07/02/2010 - 17:42:22 | A | 86675637] F:\Voda.mp4
[07/02/2010 - 17:47:16 | A | 73645232] F:\Vrata.mp4
[07/02/2010 - 17:53:10 | A | 87845996] F:\Vylet.mp4
[01/01/2010 - 12:00:00 | AD ] G:\cities
[01/01/2010 - 12:00:00 | RAH | 79] G:\User Content Package sd_maps_euro-d_remaining
[01/01/2010 - 12:00:00 | ASH | 2768] G:\rm598_conpack_conf.cnfp
[01/01/2010 - 12:00:00 | RAH | 135] G:\card_content.xml
[01/01/2008 - 00:00:00 | RSHD ] G:\predeftemp
[01/01/2008 - 00:00:00 | SHD ] G:\nokia_unprocessed_images_
[15/12/2010 - 15:56:12 | AD ] G:\imgcache
[15/12/2010 - 15:56:26 | AD ] G:\Snímky
[16/12/2010 - 16:21:14 | AD ] G:\Videoklipy
[15/12/2010 - 19:11:12 | D ] G:\hry
[08/01/2011 - 15:10:02 | A | 204] G:\qf
[15/12/2010 - 19:11:32 | D ] G:\hudba
[16/07/2011 - 09:29:00 | ASH | 135168] G:\355365046133243WMLicense.dat
[03/07/2011 - 13:14:26 | D ] G:\hry1

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | E.O.F |

2.
############################## | UsbFix 7.014 | [Deletion]

User: Viera (Administrator) # MAREK [DIXONSXP DIXONSXP]
Updated 24/06/10 by El Desaparecido / C_XX
Started at 17:31:22 | 16/07/2011
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz
Microsoft® Windows Vista™ Home Premium (6.0.6001 32-Bit) # Service Pack 1
Internet Explorer 8.0.6001.19088

Windows Firewall: Enabled
RAM -> 1916 Mb
C:\ (%systemdrive%) -> Fixed drive # 93 Gb (30 Mb free - 33%) [] # NTFS
D:\ -> Fixed drive # 94 Gb (68 Mb free - 73%) [] # NTFS
E:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (2 Mb free - 53%) [] # FAT32

################## | Files # Infected Folders |


################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2c5f7297-43b4-11df-810a-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{31cfef81-49f0-11df-a6b6-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{5da3121d-5ff4-11df-a865-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{76c4b8a3-4864-11df-ba93-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{872b261d-5dc7-11df-a313-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{994bb45a-1f90-11df-8fa4-00030da16ca5}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{9fbb6ca1-48a9-11df-8ce0-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{ae5f0257-3d59-11df-88e9-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{c6fad257-460d-11df-92c0-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{d7882a77-20a3-11df-b260-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{e26025bd-42f2-11df-a734-806e6f6e6963}

################## | Listing |

[20/12/2009 - 16:23:51 | D ] C:\$AVG
[16/07/2011 - 17:33:21 | SHD ] C:\$RECYCLE.BIN
[08/02/2010 - 15:00:41 | A | 220] C:\aaw7boot.log
[16/07/2011 - 17:27:12 | RASHD ] C:\Autorun.inf
[20/12/2009 - 15:33:18 | D ] C:\Boot
[21/01/2008 - 04:24:42 | RASH | 333203] C:\bootmgr
[20/12/2009 - 15:33:20 | RAS | 8192] C:\BOOTSECT.BAK
[18/06/2011 - 20:24:03 | SHD ] C:\Config.Msi
[18/09/2006 - 23:43:37 | A | 10] C:\config.sys
[02/11/2006 - 15:02:03 | SHD ] C:\Documents and Settings
[26/04/2010 - 00:15:27 | D ] C:\FarmVilleBot_2.1
[16/07/2011 - 17:19:25 | ASH | 2010300416] C:\hiberfil.sys
[20/12/2009 - 16:06:24 | RD ] C:\MSOCache
[16/07/2011 - 17:19:24 | ASH | 2324123648] C:\pagefile.sys
[21/01/2008 - 04:32:31 | D ] C:\PerfLogs
[05/06/2011 - 18:46:21 | RD ] C:\Program Files
[01/06/2011 - 18:52:13 | D ] C:\ProgramData
[30/06/2010 - 15:04:07 | D ] C:\RooArr Export
[16/07/2011 - 14:55:58 | D ] C:\rsit
[16/07/2011 - 15:39:08 | SHD ] C:\System Volume Information
[20/12/2009 - 16:05:23 | D ] C:\totalcmd
[16/07/2011 - 17:33:21 | D ] C:\UsbFix
[16/07/2011 - 17:31:29 | A | 2938] C:\UsbFix.txt
[20/12/2009 - 15:46:00 | RD ] C:\Users
[11/07/2011 - 07:19:57 | D ] C:\Windows
[20/12/2009 - 16:23:51 | D ] D:\$AVG
[16/07/2011 - 17:33:21 | D ] D:\$RECYCLE.BIN
[21/12/2009 - 00:37:34 | D ] D:\advent
[16/07/2011 - 17:27:12 | RASHD ] D:\Autorun.inf
[10/05/2010 - 19:09:13 | D ] D:\FILMY
[02/04/2010 - 19:05:02 | D ] D:\Hudba
[01/10/2010 - 18:05:51 | D ] D:\megafory
[20/12/2009 - 16:52:31 | SHD ] D:\System Volume Information
[11/06/2010 - 16:01:58 | D ] G:\DCIM
[21/08/2010 - 10:14:22 | D ] G:\instalacky_skolenie_spiss

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | E.O.F |

OK, v pohode

Ted vzhuru do OTL

All processes killed
========== OTL ==========
Service NMSAccess stopped successfully!
Service NMSAccess deleted successfully!
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files\ICQ6Toolbar\ICQ Service.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-3725892672-3043224248-1115301474-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3725892672-3043224248-1115301474-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3725892672-3043224248-1115301474-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-3725892672-3043224248-1115301474-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "http://websearch.ask.com/redirect?clien ... n_dtid=&q=" removed from keyword.URL
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\searchplugin folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\modules folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\META-INF folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\defaults folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\chrome folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-06-May-2010-10-43-03-GMT folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-10-May-2010-11-16-15-GMT folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Users\Viera\AppData\Roaming\mozilla\Firefox\Profiles\j5a98b64.default\extensions\toolbar@ask.com folder moved successfully.
C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\searchplugins\askcom.xml moved successfully.
C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\searchplugins\icqplugin.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
C:\Program Files\ICQToolbar\toolbaru.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-3725892672-3043224248-1115301474-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\Users\Viera\P1010506-0001.mpg:TOC.WMV deleted successfully.
ADS C:\Users\Viera\P1010499.mpg:TOC.WMV deleted successfully.
ADS C:\Users\Viera\P1010498.mpg:TOC.WMV deleted successfully.
ADS C:\Users\Viera\P1010495.mpg:TOC.WMV deleted successfully.
ADS C:\Users\Viera\P1010494.mpg:TOC.WMV deleted successfully.
ADS C:\Users\Viera\P1010133.avi:TOC.WMV deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== SERVICES/DRIVERS ==========
Service NBService stopped successfully!
Service NBService deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
========== FILES ==========
C:\Program Files\Ask.com folder moved successfully.
C:\Program Files\ICQ6Toolbar folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Viera
->Temp folder emptied: 170819856 bytes
->Temporary Internet Files folder emptied: 295844257 bytes
->Java cache emptied: 25471473 bytes
->FireFox cache emptied: 50565892 bytes
->Google Chrome cache emptied: 8554106 bytes
->Flash cache emptied: 77883320 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6853632 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 607,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Viera
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 07162011_173653

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Jak se chova PC

chova sa slusne
aj predtym sa choval slusne len mu to trosku dlhsie trvalo
ale zda sa mi to ok....asi...

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
  • prepnete se do zalozky Nastroje
  • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
  • Toto provedte se vsemi disky
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

A pokud nejsou problemy ci dotazy, je to z me strany vse

az na defragmentaciu je vsetko spravene, takze dakujem velmi pekne a idem defragmentovat. Vdaka

Nemate zac, rad jsem pomohl Zase nekdy