VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

presmerovanie vyhladavania v prehliadaci

https://forum.viry.cz:443/viewtopic.php?t=117160

Stránka 1 z 1

presmerovanie vyhladavania v prehliadaci

Napsal: 19 lis 2011 15:30
od atuterix
Dobry den. Mam problem s tym, ak dam vyhladat nejaky vyraz tak miesto predvoleneho google vyhladania ma to vzdy presmeruje na vysledok: search-result.com/atd... Mam pocit ze to je virus pretoze som nenasiel nikde moznost ako to odstranit. Dakujem za kazdu radu.
Log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by PC at 2011-11-19 15:25:15
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 34 GB (34%) free of 100 GB
Total RAM: 2046 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:25:24, on 19.11.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\PROGRA~1\SEARCH~1\SEARCH~1\DATAMN~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdnserv.exe
C:\WINDOWS\system32\lxdncoms.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\PC.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {339a0dff-d9af-439b-92bc-636220fb3dae} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Toolbar BHO - {55cde9e7-696c-47c4-8e21-7210b8aeb103} - C:\PROGRA~1\SMILEY~2\bar\1.bin\1wbar.dll
O2 - BHO: Search Assistant BHO - {5ed22e89-62fa-47ec-bd8d-374d849d436c} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: SearchCore for Browsers - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\SEARCH~1\BROWSE~1.DLL
O3 - Toolbar: SmileyCentral - {d3ca5551-fc2e-4d09-8ece-263607acf9fc} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbar.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\SEARCH~1\DATAMN~1.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://tbedits.smileycentral.com/one-to ... 2010111614
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4323996546
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\SEARCH~1\SEARCH~1\datamngr.dll C:\PROGRA~1\SEARCH~1\SEARCH~1\IEBHO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe
O23 - Service: lxdn_device - - C:\WINDOWS\system32\lxdncoms.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: SmileyCentral Service (SmileyCentralIE_1wService) - SmileyCentral - C:\PROGRA~1\SMILEY~2\bar\1.bin\1wbarsvc.exe

--
End of file - 6391 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1417001333-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1417001333-839522115-1004UA.job
C:\WINDOWS\tasks\iMeshNAG.job
C:\WINDOWS\tasks\ParetoLogic Registration.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{E4CA1586-2874-44BB-A44A-52978CEC2EC7}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55cde9e7-696c-47c4-8e21-7210b8aeb103}]
Toolbar BHO - C:\PROGRA~1\SMILEY~2\bar\1.bin\1wbar.dll [2010-11-16 675840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ed22e89-62fa-47ec-bd8d-374d849d436c}]
Search Assistant BHO - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll [2010-11-16 53248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
SearchCore for Browsers - C:\PROGRA~1\SEARCH~1\SEARCH~1\BROWSE~1.DLL [2011-09-22 101272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{d3ca5551-fc2e-4d09-8ece-263607acf9fc} - SmileyCentral - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbar.dll [2010-11-16 675840]
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-24 2145000]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"DATAMNGR"=C:\PROGRA~1\SEARCH~1\SEARCH~1\DATAMN~1.EXE [2011-09-22 1700752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-28 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-28 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-04-26 16132608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmileyCentralIE_1w Browser Plugin Loader]
C:\PROGRA~1\SMILEY~2\bar\1.bin\1wbrmon.exe [2010-11-16 20480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\SEARCH~1\SEARCH~1\datamngr.dll C:\PROGRA~1\SEARCH~1\SEARCH~1\IEBHO.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-04-10 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\system32\lxdncoms.exe"="C:\WINDOWS\system32\lxdncoms.exe:*:Enabled:2600 Series Server"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnpswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnpswx.exe:*:Enabled:Printer Status Window Interface"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdntime.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdntime.exe:*:Enabled:Lexmark Connect Time Executable"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnjswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnjswx.exe:*:Enabled:Job Status Window Interface"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnwbgw.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnwbgw.exe:*:Enabled:Lexmark Web Gateway"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Lexmark 2600 Series\lxdnmon .exe"="C:\Program Files\Lexmark 2600 Series\lxdnmon .exe:*:Enabled:Printer Device Monitor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\PC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\PC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe"="C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2011-11-19 15:25:16 ----D---- C:\Program Files\trend micro
2011-11-19 15:25:15 ----D---- C:\rsit
2011-11-19 02:16:58 ----D---- C:\Documents and Settings\PC\Application Data\Mozilla

======List of files/folders modified in the last 1 month======

2011-11-19 15:25:16 ----RD---- C:\Program Files
2011-11-19 15:14:33 ----SHD---- C:\WINDOWS\Installer
2011-11-19 15:14:33 ----HDC---- C:\Documents and Settings\All Users\Application Data\~0
2011-11-19 15:11:56 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-19 15:03:45 ----D---- C:\WINDOWS\Temp
2011-11-19 14:21:29 ----D---- C:\Documents and Settings\PC\Application Data\Skype
2011-11-19 14:21:29 ----D---- C:\Documents and Settings\PC\Application Data\Azureus
2011-11-19 14:21:24 ----D---- C:\WINDOWS
2011-11-19 14:21:22 ----D---- C:\WINDOWS\Minidump
2011-11-19 14:21:22 ----D---- C:\WINDOWS\Logs
2011-11-19 14:21:22 ----D---- C:\WINDOWS\Debug
2011-11-19 14:21:16 ----D---- C:\WINDOWS\Prefetch
2011-11-19 14:16:02 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-11-19 14:15:20 ----D---- C:\Program Files\CCleaner
2011-11-19 14:11:55 ----RD---- C:\Program Files\Skype
2011-11-11 17:47:04 ----D---- C:\WINDOWS\system32
2011-11-11 17:27:50 ----D---- C:\WINDOWS\inf
2011-11-11 17:27:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-11-11 17:15:52 ----HD---- C:\WINDOWS\$hf_mig$
2011-11-09 20:02:02 ----A---- C:\WINDOWS\system32\MRT.exe
2011-10-30 03:57:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-11-30 639224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-03-24 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-03-24 95872]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-03-24 139192]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-10 3006976]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-13 254872]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-02 4403712]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 PAC7302;PAC7302 VGA USB Camera; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 aktpsu4y;aktpsu4y; C:\WINDOWS\system32\drivers\aktpsu4y.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-04-10 540672]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-24 810120]
R2 lxdn_device;lxdn_device; C:\WINDOWS\system32\lxdncoms.exe [2008-02-27 594600]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [2008-02-27 98984]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-10-13 935208]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-04-09 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-08 135664]
S2 SmileyCentralIE_1wService;SmileyCentral Service; C:\PROGRA~1\SMILEY~2\bar\1.bin\1wbarsvc.exe [2010-11-16 28766]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-24 33560]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-08 135664]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: presmerovanie vyhladavania v prehliadaci

Napsal: 19 lis 2011 15:54
od chodnik74
Dobrý den :welcome:

:arrow: Stáhneme si na Plochu program OTLObrázek
  • Spustíme soubor OTL.exe (pokud máte Windows Vista nebo Windows 7,tak na soubor klikněte pravým
    tlačítkem myši a dejte ,,Spustit jako správce,,)
  • Pokud používáte 64 bitový systém,zaškrkněte volbu Pro 64 bitové OS,pokud ne,tak by měla být
    nezaškrknutá
  • Zaškrkněte okýnko Pro všechny uživatele,Kontrola havět "LOP",Kontrola havět "Purity"
  • Staří souborů změňte z 30 dnů na 7 dnů
  • Do spodního okýnka Vlastní skenování/opravy vložte následující script:

    Kód: Vybrat vše

    netsvcs
safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
*crack* /s
*keygen* /s
*nocd* /s
*nodvd* /s
*AutoKMS* /s
*AutoRearm* /s
*Loader* /s
*w7lxe* /s
*Legalizator* /s
*GenuineXP* /s
*minodlogin* /s
serial.txt /s
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSucces
sTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
  • Klikněte na tlačítko Prohledat
  • Po dokončení skenu,který trvá mezi 5-15 minuty se vám zobrazý dva logy OTL.txt a Extras.txt a ty
    mě sem vložte

Re: presmerovanie vyhladavania v prehliadaci

Napsal: 19 lis 2011 18:19
od atuterix
OTL.txt

Kód: Vybrat vše

OTL logfile created on: 19.11.2011 17:46:34 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Documents and Settings\PC\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
 
2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,70% Memory free
3,85 Gb Paging File | 3,34 Gb Available in Paging File | 86,73% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 32,88 Gb Free Space | 33,67% Space Free | Partition Type: NTFS
Drive D: | 135,17 Gb Total Space | 125,48 Gb Free Space | 92,83% Space Free | Partition Type: NTFS
 
Computer Name: PC-539CA0BE82F4 | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011.11.19 17:28:55 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PC\My Documents\Downloads\OTL.exe
PRC - [2011.11.15 06:39:56 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011.09.22 18:19:52 | 001,700,752 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
PRC - [2010.03.24 19:31:50 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.03.24 19:31:00 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.10.13 07:39:04 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.02.27 10:07:26 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdncoms.exe
PRC - [2008.02.27 10:07:14 | 000,098,984 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnserv.exe
PRC - [2006.11.03 10:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\Pac7302\Monitor.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011.11.15 06:39:54 | 000,420,920 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011.11.15 06:39:53 | 003,702,840 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011.11.15 06:38:16 | 000,122,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011.11.15 06:38:15 | 000,222,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011.11.15 06:38:14 | 001,746,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011.11.15 03:36:18 | 008,593,056 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
MOD - [2010.02.05 19:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008.04.14 01:12:03 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008.04.14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008.02.26 22:05:40 | 000,115,200 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdndrpp.dll
MOD - [2007.11.20 11:02:40 | 000,782,336 | ---- | M] () -- C:\WINDOWS\system32\lxdndrs.dll
MOD - [2007.11.20 10:44:48 | 000,081,920 | ---- | M] () -- C:\WINDOWS\system32\lxdncaps.dll
MOD - [2007.10.02 09:51:10 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\lxdncnv4.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2010.11.16 20:56:03 | 000,028,766 | ---- | M] (SmileyCentral) [Auto | Stopped] -- C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbarsvc.exe -- (SmileyCentralIE_1wService)
SRV - [2010.03.24 19:39:48 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.03.24 19:31:50 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009.10.13 07:39:04 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.09.23 15:36:06 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2008.02.27 10:07:26 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdncoms.exe -- (lxdn_device)
SRV - [2008.02.27 10:07:14 | 000,098,984 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe -- (lxdnCATSCustConnectService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2010.03.24 19:33:52 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.03.24 19:31:06 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.03.24 19:23:52 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010.02.11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009.11.30 12:08:39 | 000,639,224 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\changer.sys -- (Changer)
DRV - [2008.04.13 19:40:26 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2008.04.10 11:32:34 | 003,006,976 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.06.14 14:29:08 | 000,457,856 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2007.05.02 15:21:22 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.12.14 15:44:00 | 000,085,120 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2001.08.17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1220945662-1417001333-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1220945662-1417001333-839522115-1004\..\URLSearchHook: {339a0dff-d9af-439b-92bc-636220fb3dae} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll (SmileyCentral)
IE - HKU\S-1-5-21-1220945662-1417001333-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\PC\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\PC\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.05.15 08:44:30 | 000,000,000 | ---D | M]
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = http://www.searchqu.com/web?src=crb&appid=139&systemid=406&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url = 
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\PC\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\PC\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2006.02.28 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Toolbar BHO) - {55cde9e7-696c-47c4-8e21-7210b8aeb103} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbar.dll (SmileyCentral)
O2 - BHO: (Search Assistant BHO) - {5ed22e89-62fa-47ec-bd8d-374d849d436c} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll (SmileyCentral)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (SmileyCentral) - {d3ca5551-fc2e-4d09-8ece-263607acf9fc} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbar.dll (SmileyCentral)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1220945662-1417001333-839522115-1004\..\Toolbar\WebBrowser: (SmileyCentral) - {D3CA5551-FC2E-4D09-8ECE-263607ACF9FC} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbar.dll (SmileyCentral)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1220945662-1417001333-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.smileycentral.com/one-toolbaredits/menusearch.jhtml?s=100000469&p=ZNzfb013YYSK&si=&a=8C683A6A-C0D7-4A1A-B467-6D9FC63D561F&n=2010111614 File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1254323996546 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{384ADFA4-0D70-427E-BB64-DC26CCA7B55D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB4FEAF1-03D4-4424-9925-63FC2EA3CDD2}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\SEARCH~1\datamngr.dll) -C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\SEARCH~1\IEBHO.dll) -C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.09.30 12:46:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{086e5c1a-9e18-11df-8e16-000102fa79d9}\Shell - "" = AutoRun
O33 - MountPoints2\{086e5c1a-9e18-11df-8e16-000102fa79d9}\Shell\AutoRun\command - "" = K:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{de79d355-ca2a-11de-8b58-000102fa79d9}\Shell\AutoRun\command - "" = K:\idwypj.exe
O33 - MountPoints2\{de79d355-ca2a-11de-8b58-000102fa79d9}\Shell\explore\Command - "" = K:\idwypj.exe
O33 - MountPoints2\{de79d355-ca2a-11de-8b58-000102fa79d9}\Shell\open\Command - "" = K:\idwypj.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\Documents and Settings\PC\Local Settings\Application Data\Windows Server\yesybr.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: AppMgmt -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
SafeBootMin: AppMgmt -  File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt -  File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm -  File not found
SafeBootNet: nm.sys -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
[color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color]
 
[2011.11.19 15:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.19 15:25:15 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.19 14:21:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\PC\Recent
[2011.11.19 02:16:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\Mozilla
[2009.10.06 17:08:49 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDNhcp.dll
[2009.10.06 17:08:49 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdninpa.dll
[2009.10.06 17:08:49 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdniesc.dll
[2009.10.06 17:08:48 | 001,101,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnserv.dll
[2009.10.06 17:08:48 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncomc.dll
[2009.10.06 17:08:48 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnusb1.dll
[2009.10.06 17:08:48 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnhbn3.dll
[2009.10.06 17:08:48 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnpmui.dll
[2009.10.06 17:08:48 | 000,594,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncoms.exe
[2009.10.06 17:08:48 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnlmpm.dll
[2009.10.06 17:08:48 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncomm.dll
[2009.10.06 17:08:48 | 000,365,224 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncfg.exe
[2009.10.06 17:08:48 | 000,320,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnih.exe
[2009.10.06 17:08:48 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnprox.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 7 Days ==========[/color]
 
[2011.11.19 17:47:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.19 17:32:06 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E4CA1586-2874-44BB-A44A-52978CEC2EC7}.job
[2011.11.19 17:16:00 | 000,001,004 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1417001333-839522115-1004UA.job
[2011.11.19 17:15:00 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.19 15:34:36 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011.11.19 14:15:20 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011.11.19 13:44:39 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.19 13:44:38 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\iMeshNAG.job
[2011.11.19 13:44:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.18 20:16:13 | 000,001,818 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011.11.18 19:23:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011.11.19 17:47:51 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.17 09:10:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\PC\Local Settings\Application Data\{FE29F804-A54F-40A8-AF01-C55FFE9F0362}
[2011.07.21 08:56:38 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.INI
[2010.06.28 22:58:01 | 000,159,112 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010.06.20 23:14:19 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.19 06:19:24 | 000,000,029 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\default.rss
[2010.06.19 06:19:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\downloads.m3u
[2010.05.15 08:41:22 | 000,000,217 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.11.05 17:52:40 | 000,152,064 | ---- | C] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.06 17:09:24 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdncoin.dll
[2009.10.06 17:09:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdnvs.dll
[2009.10.06 17:09:01 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\lxdndrs.dll
[2009.10.06 17:09:01 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdncaps.dll
[2009.10.06 17:09:01 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdncnv4.dll
[2009.10.06 17:08:49 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDNinst.dll
[2009.10.06 17:08:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdngrd.dll
[2009.09.30 15:58:55 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009.09.30 15:56:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009.09.30 15:55:21 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009.09.30 15:54:56 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009.09.30 15:54:56 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009.09.30 15:54:56 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009.09.30 15:54:55 | 000,168,883 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009.09.30 15:54:55 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2009.09.30 15:54:55 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2009.09.30 14:35:01 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.09.30 14:34:04 | 000,267,800 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.09.30 12:47:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.09.30 12:44:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.06.19 08:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.04.20 07:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.02.28 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.02.28 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.02.28 13:00:00 | 000,435,832 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.02.28 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.02.28 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.02.28 13:00:00 | 000,068,728 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.02.28 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.02.28 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.02.28 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.02.28 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.02.28 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.02.28 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010.03.16 19:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2011.09.27 07:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2009.11.15 17:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009.10.06 16:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010.05.15 08:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.08.02 10:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.11.09 08:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010.05.15 09:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010.05.15 08:21:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011.11.19 15:14:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~0
[2010.05.15 09:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2011.11.19 14:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Azureus
[2011.09.19 07:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BSplayer
[2009.11.05 19:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BSplayer Pro
[2009.11.09 08:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\DriverCure
[2011.09.27 07:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\searchquband
[2011.09.27 07:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\searchqutoolbar
[2010.05.15 08:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\TuneUp Software
[2009.10.06 16:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Uniblue
[2011.11.19 13:44:38 | 000,000,276 | ---- | M] () -- C:\WINDOWS\Tasks\iMeshNAG.job
[2011.11.11 18:00:03 | 000,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2011.11.19 17:32:06 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E4CA1586-2874-44BB-A44A-52978CEC2EC7}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >[/color]
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 01:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c -- [2010.08.28 20:40:58 | 000,136,176 | ---- | M] (Google Inc.)
 
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2006.02.28 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.10.01 07:35:27 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.10.01 07:35:27 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.02.28 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
 
[color=#A23BEC]< MD5 for: AUTOCHK.EXE  >[/color]
[2008.04.14 01:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 01:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2006.02.28 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.10.01 07:35:27 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.10.01 07:35:27 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
 
[color=#A23BEC]< MD5 for: CSRSS.EXE  >[/color]
[2008.04.14 01:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 01:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\csrss.exe
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
 
[color=#A23BEC]< MD5 for: LSASS.EXE  >[/color]
[2008.04.14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2010.04.27 11:19:40 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.02.28 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
 
[color=#A23BEC]< MD5 for: NTFS.SYS  >[/color]
[2008.04.13 20:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.13 20:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
 
[color=#A23BEC]< MD5 for: SERVICES.EXE  >[/color]
[2009.02.06 12:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008.04.14 01:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009.02.06 11:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
 
[color=#A23BEC]< MD5 for: SMSS.EXE  >[/color]
[2008.04.14 01:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 01:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
 
[color=#A23BEC]< MD5 for: SPOOLSV.EXE  >[/color]
[2010.08.17 14:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 01:12:36 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=D8E14A61ACC1D4A6CD0D38AEBAC7FA3B -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
 
[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2008.04.14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
 
[color=#A23BEC]< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >[/color]
[2008.07.06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.02.26 22:05:40 | 000,115,200 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdndrpp.dll
[2008.07.06 13:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /5 >[/color]
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /X >[/color]
[2008.04.14 01:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008.04.14 01:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 01:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 01:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 01:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 01:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 01:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008.04.10 09:16:36 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2erec.dll
[2004.07.17 10:36:24 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008.04.14 01:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008.04.14 01:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 01:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 01:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 01:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008.04.14 01:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2004.07.17 21:55:24 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2006.02.28 13:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2006.02.28 13:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2004.07.17 10:35:00 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2008.04.14 01:12:05 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008.04.14 01:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[2009.11.30 12:08:39 | 000,639,224 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\drivers\sptd.sys
 
[color=#A23BEC]< %systemroot%\system32\*.* /5 >[/color]
[2011.11.18 19:23:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
[color=#A23BEC]< %systemroot%\system32\config\*.sav >[/color]
[2009.09.30 14:33:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.09.30 14:33:05 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.09.30 14:33:04 | 000,909,312 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\*.* /U /s >[/color]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[7 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Data Aplikací\*.* >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >[/color]
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2011.07.21 08:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Adobe
[2011.11.19 14:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Azureus
[2011.09.19 07:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BSplayer
[2009.11.05 19:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BSplayer Pro
[2009.11.09 08:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\DriverCure
[2009.12.08 01:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Google
[2009.09.30 15:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Identities
[2011.05.23 19:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\InstallShield
[2009.10.01 13:25:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Macromedia
[2010.07.29 17:21:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\PC\Application Data\Microsoft
[2011.11.19 02:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Mozilla
[2011.02.01 20:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Nero
[2011.09.27 07:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\searchquband
[2011.09.27 07:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\searchqutoolbar
[2011.11.19 17:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Skype
[2010.05.15 08:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\TuneUp Software
[2009.10.06 16:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Uniblue
[2011.09.27 07:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\vlc
[2010.03.17 17:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\WinRAR
 
[color=#A23BEC]< *crack* /s >[/color]
 
[color=#A23BEC]< *keygen* /s >[/color]
 
[color=#A23BEC]< *nocd* /s >[/color]
 
[color=#A23BEC]< *nodvd* /s >[/color]
 
[color=#A23BEC]< *AutoKMS* /s >[/color]
 
[color=#A23BEC]< *AutoRearm* /s >[/color]
 
[color=#A23BEC]< *Loader* /s >[/color]
[2009.10.13 07:40:34 | 000,000,232 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.11.19 17:07:59 | 000,004,242 | ---- | M] () -- \Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\0A92E4GL\uploaderapi2[2].swf
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2006.12.23 17:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR Unplugged\RarExtLoader.exe
[2008.04.14 01:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 01:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2007.06.19 08:59:36 | 000,070,400 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
 
[color=#A23BEC]< *w7lxe* /s >[/color]
 
[color=#A23BEC]< *Legalizator* /s >[/color]
 
[color=#A23BEC]< *GenuineXP* /s >[/color]
 
[color=#A23BEC]< *minodlogin* /s >[/color]
 
[color=#A23BEC]< serial.txt /s >[/color]
 
[color=#A23BEC]< %APPDATA%\*.* >[/color]
[2011.09.06 08:05:36 | 000,000,029 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\default.rss
[2009.09.30 14:34:39 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\PC\Application Data\desktop.ini
[2010.06.19 06:19:24 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\downloads.m3u
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2010.09.15 20:05:45 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Documents and Settings\PC\Application Data\Azureus\plugins\mlab\ShaperProbeC.exe
[2007.08.18 09:54:02 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\BSplayer\AC3 Filter\ac3config.exe
[2007.08.18 09:53:50 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\BSplayer\AC3 Filter\dialog_patch.exe
[2008.04.13 17:26:54 | 000,036,396 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\BSplayer\AC3 Filter\uninstall.exe
[2008.04.01 11:51:06 | 000,691,717 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\BSplayer\FFDShow\unins000.exe
[2008.03.29 17:42:00 | 000,103,424 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\BSplayer\Haali media splitter\dsmux.exe
[2008.03.29 17:42:02 | 000,335,872 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\BSplayer\Haali media splitter\gdsmux.exe
[2008.03.29 17:41:54 | 000,135,168 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\BSplayer\Haali media splitter\mkv2vfr.exe
[2008.06.10 09:11:02 | 000,041,412 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\BSplayer\Haali media splitter\uninstall.exe
[2009.12.08 11:26:31 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\ARPPRODUCTICON.exe
[2009.12.08 11:26:31 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
[2009.12.08 11:26:31 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
[2009.12.08 11:26:31 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
[2009.12.08 11:26:31 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
[2009.12.08 11:26:31 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Installer\{9509674F-3972-11DE-806D-005056806466}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe
[2009.11.30 12:30:52 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >[/color]
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSucces >[/color]
 
[color=#A23BEC]< sTime /rs >[/color]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{17237A20-3ADB-48EC-B182-35291F115790}\InprocServer32\\: C:\WINDOWS\system32\mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{17237A20-3ADB-48EC-B182-35291F115790}\ProgID\\: MSTIME.TIMEFactory.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{17237A20-3ADB-48EC-B182-35291F115790}\VersionIndependentProgID\\: MSTIME.TIMEFactory
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A951B11A-C712-45B3-B884-2469A6243368}\InProcServer32\\: C:\WINDOWS\system32\mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSTIME.TIMEFactory\\: 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSTIME.TIMEFactory\CLSID\\: {17237A20-3ADB-48EC-B182-35291F115790}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSTIME.TIMEFactory\CurVer\\: MSTIME.TIMEFactory.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSTIME.TIMEFactory.1\\: 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSTIME.TIMEFactory.1\CLSID\\: {17237A20-3ADB-48EC-B182-35291F115790}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{87C96271-ADDB-4745-B2E8-DF88A8472FD1}\1.0\\: MSTIME [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{87C96271-ADDB-4745-B2E8-DF88A8472FD1}\1.0\0\win32\\: C:\WINDOWS\system32\mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2183461-IE8\Filelist\21\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2183461-IE8\Filelist\3\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2183461-IE8\Filelist\46\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2360131-IE8\Filelist\23\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2360131-IE8\Filelist\3\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2360131-IE8\Filelist\50\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2416400-IE8\Filelist\24\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2416400-IE8\Filelist\3\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2416400-IE8\Filelist\54\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2482017-IE8\Filelist\24\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2482017-IE8\Filelist\3\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2482017-IE8\Filelist\54\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2497640-IE8\Filelist\24\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2497640-IE8\Filelist\3\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2497640-IE8\Filelist\54\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2530548-IE8\Filelist\24\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2530548-IE8\Filelist\3\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2530548-IE8\Filelist\54\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2559049-IE8\Filelist\26\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2559049-IE8\Filelist\4\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2559049-IE8\Filelist\56\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2586448-IE8\Filelist\26\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2586448-IE8\Filelist\4\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2586448-IE8\Filelist\56\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB980182-IE8\Filelist\20\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB980182-IE8\Filelist\3\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB980182-IE8\Filelist\43\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB982381-IE8\Filelist\21\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB982381-IE8\Filelist\3\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB982381-IE8\Filelist\46\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB972260\Filelist\27\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB972260\Filelist\5\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB972260\Filelist\55\\FileName: mstime.dll [2011.08.23 00:48:55 | 000,611,840 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Detect\\LastSuccessTime: 2011-11-19 12:46:40
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Download\\LastSuccessTime: 2011-11-11 16:16:03
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-11 16:27:50
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Asr\\ProcessTimeOut: 3600
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\Lexmark 2600 Series\\dnsTimeout: 15000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\Microsoft XPS Document Writer\\dnsTimeout: 15000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RC\mstime.dll\\000600000a280000: 28 92 EB A9 99 39 F7 70 F1 22 15 84 7E 4B CF 01  [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RCV2\mstime.dll\\0: 52 04 F0 0A 00 00 06 00 00 00 28 0A 00 00 06 00  [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RCV2\mstime.dll\\1: 3A 24 BC E0 CE 84 34 BF 29 1F E9 0F A1 37 A3 DE  [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers\Lexmark 2600 Series\\dnsTimeout: 15000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers\Microsoft XPS Document Writer\\dnsTimeout: 15000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{384ADFA4-0D70-427E-BB64-DC26CCA7B55D}\\LeaseTerminatesTime: 1306432041
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C666AE3B-8669-4AFE-B80B-E049D16E3F96}\\LeaseTerminatesTime: 1306402821
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FB4FEAF1-03D4-4424-9925-63FC2EA3CDD2}\\LeaseTerminatesTime: 1321972955
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{384ADFA4-0D70-427E-BB64-DC26CCA7B55D}\Parameters\Tcpip\\LeaseTerminatesTime: 1306432041
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{C666AE3B-8669-4AFE-B80B-E049D16E3F96}\Parameters\Tcpip\\LeaseTerminatesTime: 1306402821
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{FB4FEAF1-03D4-4424-9925-63FC2EA3CDD2}\Parameters\Tcpip\\LeaseTerminatesTime: 1321972955
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\041B\mstime.dll\\MUIVer: Reg Error: Unknown registry data type File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\041B\mstime.dll\\00080000177149d8: 0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\041B\mstime.dll\\0008000017714abb: 0
 
[color=#A23BEC]< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >[/color]
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
 
[color=#A23BEC]< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >[/color]
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
    IMAGEPATH	REG_EXPAND_SZ	%systemroot%\system32\svchost.exe -k netsvcs
 
[color=#A23BEC]< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >[/color]
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
    IMAGEPATH	REG_EXPAND_SZ	%SystemRoot%\system32\svchost.exe -k netsvcs
 
[color=#A23BEC]< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >[/color]
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
    BOOTEXECUTE	REG_MULTI_SZ	autocheck autochk *\0\0
 
[color=#A23BEC]< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >[/color]
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
    PENDINGFILERENAMEOPERATIONS	REG_MULTI_SZ	\??\C:\Documents and Settings\All Users\Application Data\~0\iLividSetupV1.exe\0\0\??\C:\Documents and Settings\All Users\Application Data\~0\mia.lib\0\0\??\C:\Documents and Settings\All Users\Application Data\~0\\0\0\0
 
[color=#A23BEC]< type c:\boot.ini >> test.txt /c >[/color]
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
 
[color=#A23BEC]< %SystemDrive%\PhysicalMBR.bin /md5 >[/color]
[2011.11.19 17:47:51 | 000,000,512 | ---- | M] () MD5=F0529B2CA37AD62231890A3CDA013DAB -- C:\PhysicalMBR.bin

< End of report >

Re: presmerovanie vyhladavania v prehliadaci

Napsal: 19 lis 2011 18:20
od atuterix
nezmestilo sa to do 1 prispevku
Extras.txt

Kód: Vybrat vše

OTL Extras logfile created on: 19.11.2011 17:46:34 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Documents and Settings\PC\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
 
2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,70% Memory free
3,85 Gb Paging File | 3,34 Gb Available in Paging File | 86,73% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 32,88 Gb Free Space | 33,67% Space Free | Partition Type: NTFS
Drive D: | 135,17 Gb Total Space | 125,48 Gb Free Space | 92,83% Space Free | Partition Type: NTFS
 
Computer Name: PC-539CA0BE82F4 | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_USERS\S-1-5-21-1220945662-1417001333-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\lxdncoms.exe" = C:\WINDOWS\system32\lxdncoms.exe:*:Enabled:2600 Series Server -- ( )
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnpswx.exe:*:Enabled:Printer Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdntime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdntime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnjswx.exe:*:Enabled:Job Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnwbgw.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnwbgw.exe:*:Enabled:Lexmark Web Gateway -- ()
"C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.)
"C:\Program Files\Lexmark 2600 Series\lxdnmon .exe" = C:\Program Files\Lexmark 2600 Series\lxdnmon .exe:*:Enabled:Printer Device Monitor -- ()
"C:\Documents and Settings\PC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02627EE5-EACA-4742-A9CC-E687631773E4}" = Nero ShowTime
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{2E56A14B-A38A-3AD6-B06D-4A0DCC0F2F2C}" = Google Talk Plugin
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3AC11667-B4DD-4984-AD0B-B2D4E40AB573}" = 15354 Webcam Live
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}" = Nero Vision Help
"{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{6A031978-1FDC-42D4-A30B-018FA99C5784}" = Playway to English 1 CD-ROM
"{6CF353C1-822E-4D8E-AC48-D4A2C1721403}" = ESET NOD32 Antivirus
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.12.0
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Slovak) 12
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROHYBRIDR_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9509674F-3972-11DE-806D-005056806466}" = Google Zem
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.2 - Czech
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{fe1a9291-eaf5-4c2c-a1d9-fa3784cfc87c}" = Nero 9 Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Azureus Vuze" = Azureus Vuze
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FLVTube Player" = FLVTube Player
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"Lexmark 2600 Series" = Lexmark 2600 Series
"McDonald's Fairies " = McDonald's Fairies
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"PROHYBRIDR" = 2007 Microsoft Office system
"SearchCore for Browsers" = SearchCore for Browsers
"Searchqu 406 MediaBar" = Windows iLivid Toolbar
"SmileyCentralIE_1wbar Uninstall" = SmileyCentral
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 13.4.2011 18:17:26 | Computer Name = PC-539CA0BE82F4 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 8.0.6001.18702, zlyhanie modulu
 ieframe.dll, verzia 8.0.6001.19019, adresa zlyhania 0x000c76cf.
 
Error - 16.8.2011 10:45:37 | Computer Name = PC-539CA0BE82F4 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie wmplayer.exe, verzia 11.0.5721.5145, zlyhanie modulu
 wmp.dll, verzia 11.0.5721.5280, adresa zlyhania 0x001acbf4.
 
Error - 22.8.2011 5:36:08 | Computer Name = PC-539CA0BE82F4 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie egui.exe, verzia 4.2.40.0, zlyhanie modulu egui.exe,
 verzia 4.2.40.0, adresa zlyhania 0x00044fdd.
 
Error - 29.8.2011 14:10:13 | Computer Name = PC-539CA0BE82F4 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 8.0.6001.18702, zlyhanie modulu
 flash10d.ocx, verzia 10.0.42.34, adresa zlyhania 0x0005253e.
 
Error - 27.9.2011 9:31:54 | Computer Name = PC-539CA0BE82F4 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 8.0.6001.18702, zlyhanie modulu
 mshtml.dll, verzia 8.0.6001.19120, adresa zlyhania 0x00240923.
 
Error - 29.9.2011 7:33:05 | Computer Name = PC-539CA0BE82F4 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 8.0.6001.18702, zlyhanie modulu
 mshtml.dll, verzia 8.0.6001.19120, adresa zlyhania 0x00240923.
 
Error - 6.10.2011 18:30:03 | Computer Name = PC-539CA0BE82F4 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 8.0.6001.18702, zlyhanie modulu
 mshtml.dll, verzia 8.0.6001.19120, adresa zlyhania 0x000eca46.
 
Error - 6.10.2011 18:42:26 | Computer Name = PC-539CA0BE82F4 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 8.0.6001.18702, zlyhanie modulu
 jsdbgui.dll, verzia 8.0.6001.18702, adresa zlyhania 0x00031dd8.
 
Error - 7.10.2011 6:41:52 | Computer Name = PC-539CA0BE82F4 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 8.0.6001.18702, zlyhanie modulu
 mshtml.dll, verzia 8.0.6001.19120, adresa zlyhania 0x00240923.
 
[ OSession Events ]
Error - 27.4.2010 22:07:24 | Computer Name = PC-539CA0BE82F4 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session 
lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 19.11.2011 9:12:06 | Computer Name = PC-539CA0BE82F4 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
   %%126
 
Error - 19.11.2011 9:12:06 | Computer Name = PC-539CA0BE82F4 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
   %%126
 
Error - 19.11.2011 9:12:06 | Computer Name = PC-539CA0BE82F4 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
   %%126
 
Error - 19.11.2011 9:12:06 | Computer Name = PC-539CA0BE82F4 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
   %%126
 
Error - 19.11.2011 9:12:06 | Computer Name = PC-539CA0BE82F4 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
   %%126
 
Error - 19.11.2011 9:12:06 | Computer Name = PC-539CA0BE82F4 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
   %%126
 
Error - 19.11.2011 9:12:06 | Computer Name = PC-539CA0BE82F4 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
   %%126
 
Error - 19.11.2011 9:12:06 | Computer Name = PC-539CA0BE82F4 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
   %%126
 
Error - 19.11.2011 9:12:07 | Computer Name = PC-539CA0BE82F4 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
   %%126
 
Error - 19.11.2011 9:12:07 | Computer Name = PC-539CA0BE82F4 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
   %%126
 
 
< End of report >

Re: presmerovanie vyhladavania v prehliadaci

Napsal: 19 lis 2011 18:40
od chodnik74
:arrow: Stáhneme si na Plochu program OTLObrázek
  • Spustíme soubor OTL.exe (pokud máte Windows Vista nebo Windows 7,tak na soubor klikněte pravým tlačítkem myši a dejte ,,Spustit jako správce,,)
  • Do dolního okna Vlastní skenování/opravy vložíme následující skript a stiskneme tlačítko Opravit

    Kód: Vybrat vše

    :OTL
< %systemroot%\*.* /U /s >[/color]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[7 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O2 - BHO: (Toolbar BHO) - {55cde9e7-696c-47c4-8e21-7210b8aeb103} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbar.dll (SmileyCentral)
O2 - BHO: (Search Assistant BHO) - {5ed22e89-62fa-47ec-bd8d-374d849d436c} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll (SmileyCentral)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
CHR - default_search_provider: search_url = http://www.searchqu.com/web?src=crb&appid=139&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1220945662-1417001333-839522115-1004\..\URLSearchHook: {339a0dff-d9af-439b-92bc-636220fb3dae} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll (SmileyCentral)

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:Commands
[ClearAllRestorePoints]
[EmptyFlash]
[EmptyTemp]
[ResetHosts]
  • Po restartu pc se vám objeví log z OTL,ten mi sem prosím vložte..

Re: presmerovanie vyhladavania v prehliadaci

Napsal: 19 lis 2011 18:40
od chodnik74
A nedávejte mi to prosím do CODE, špatně se to čte :roll: :roll:

Re: presmerovanie vyhladavania v prehliadaci

Napsal: 19 lis 2011 19:10
od atuterix
Ja mam ten OTL po anglicky, tak mam kliknut na "Run fix" alebo "Clean up" ?
a ten log sem mam skopirovat len ako normalny text alebo "Quote"? Co je lepsie, teda citatelnejsie?

Re: presmerovanie vyhladavania v prehliadaci

Napsal: 19 lis 2011 19:12
od chodnik74
Run Fix :) a vkládejte jako normální text :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz