VIRY.CZ

caute, vie mi niekto pomoct s tymto?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:00:41, on 6.9.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\DOCUME~1\Sandra\LOCALS~1\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
C:\WINDOWS\system32\Restore\rstrui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Sandra\My Documents\Preberanie\hijackthis(1).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=2.03001.10 ... B4B9B7960F}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66022
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66022
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=2.03001.10 ... B4B9B7960F}
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe /StartRunKey
O4 - HKLM\..\Run: [AMBDef] AMBDef.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1645522239-1078081533-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\WINDOWS\system32\shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

--
End of file - 7864 bytes

Zdravim

Prispevek jsem oddelil od toho kam jste se priplacnul, at se nam to neplete

Jaky mate problem

ok, dakujem. problem je ze pc zacalo dajako strajkovat. pouziva ho viac ludi a nastahovalo sa don par virov. tak som postahoval dajake antiviry a daco sa poodstranovalo, aj dajake trojske kone. pc ale stale pomale,hladanie v starte nejde, otvori sa len okno a nic v nom. zvuk tiez nejde, pri nastaveni chvilu ide, ale potom sa zase vrati do nefunkcneho stavu.. pri patrani po nete som sa dostal sem, tak skusam ci mi poradite dajake riesenie

Takze ale musime udelat porad v tech antivirech - vice antiviru na jednom systemu zpusobuje jeho nestabilitu, zasekavani a pady - vice info zde http://forum.viry.cz/viewtopic.php?f=29&t=2780

v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) projedte PC temito utilitami, at se zbavime zbytku antiviru co tam mate

Restart do normalniho rezimu

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Sandra at 2012-09-06 21:44:21
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 6 GB (28%) free of 20 GB
Total RAM: 895 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:44:31, on 6.9.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\DOCUME~1\Sandra\LOCALS~1\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Sandra\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Sandra.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=2.03001.10 ... B4B9B7960F}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66022
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66022
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=2.03001.10 ... B4B9B7960F}
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe /StartRunKey
O4 - HKLM\..\Run: [AMBDef] AMBDef.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1645522239-1078081533-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\WINDOWS\system32\shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

--
End of file - 7790 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\7w576w5x.default

prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "keyword.URL" - "http://search.sweetim.com/search.asp?src=2&q="

"avg@toolbar"=C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.12\
"url_advisor@kaspersky.com"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
"virtual_keyboard@kaspersky.com"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
"content_blocker@kaspersky.com"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
"anti_banner@kaspersky.com"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
"online_banking@kaspersky.com"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Prenesene subory z C\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
avg-secure-search.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\7w576w5x.default\searchplugins\
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-09-06 2074208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-09-06 2074208]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-21 13895272]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-05-05 1632360]
"CTSyncService"=C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe [2009-07-08 1233195]
"AMBDef"=C:\WINDOWS\AMBDef.exe [2008-01-24 53248]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-09-06 1107552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2012-08-17 200632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe"="C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=Ir32_32.dll
"vidc.iv32"=Ir32_32.dll
"vidc.iv41"=Ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.XVID"=xvid.dll
"msacm.lameacm"=lameACM.acm
"vidc.3ivx"=3ivxVfWCodec.dll
"vidc.3iv2"=3ivxVfWCodec.dll
"msacm.divxa32"=divxa32.acm
"VIDC.HFYU"=huffyuv.dll
"VIDC.wmv3"=wmv9vcm.dll
"VIDC.i263"=i263_32.drv
"msacm.imc"=imc32.acm
"VIDC.IV40"=Ir41_32.ax
"VIDC.VP60"=vp6vfw.dll
"VIDC.VP61"=vp6vfw.dll
"VIDC.VP31"=vp31vfw.dll
"vidc.MPG4"=Mpg4c32.dll
"vidc.MP42"=Mpg4c32.dll
"vidc.MP43"=Mpg4c32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-09-06 21:44:22 ----D---- C:\Program Files\trend micro
2012-09-06 21:44:21 ----D---- C:\rsit
2012-09-06 07:05:27 ----D---- C:\WINDOWS\system32\cache
2012-09-06 07:05:10 ----D---- C:\Program Files\AVG Secure Search
2012-09-04 07:06:39 ----A---- C:\WINDOWS\rafazon.bat
2012-09-04 06:58:58 ----HD---- C:\kleaner.tmp
2012-09-04 06:17:44 ----ASH---- C:\pagefile.sys
2012-09-03 10:33:56 ----D---- C:\Program Files\Mozilla Firefox
2012-09-02 22:12:24 ----A---- C:\WINDOWS\system32\drivers\klflt.sys
2012-09-02 22:12:23 ----N---- C:\WINDOWS\system32\drivers\klif.sys
2012-09-02 20:23:35 ----SHD---- C:\RECYCLER
2012-09-02 20:15:28 ----D---- C:\WINDOWS\temp
2012-09-02 20:11:05 ----A---- C:\Boot.bak
2012-09-02 20:11:01 ----RASHD---- C:\cmdcons
2012-09-02 20:09:58 ----A---- C:\WINDOWS\zip.exe
2012-09-02 20:09:58 ----A---- C:\WINDOWS\SWXCACLS.exe
2012-09-02 20:09:58 ----A---- C:\WINDOWS\SWSC.exe
2012-09-02 20:09:58 ----A---- C:\WINDOWS\SWREG.exe
2012-09-02 20:09:58 ----A---- C:\WINDOWS\sed.exe
2012-09-02 20:09:58 ----A---- C:\WINDOWS\PEV.exe
2012-09-02 20:09:58 ----A---- C:\WINDOWS\NIRCMD.exe
2012-09-02 20:09:58 ----A---- C:\WINDOWS\MBR.exe
2012-09-02 20:09:58 ----A---- C:\WINDOWS\grep.exe
2012-09-02 20:09:47 ----D---- C:\ComboFix
2012-09-02 20:08:58 ----D---- C:\Qoobox
2012-09-02 20:08:28 ----D---- C:\WINDOWS\erdnt
2012-09-02 17:15:21 ----R---- C:\WINDOWS\system32\streamhlp.dll
2012-09-02 13:33:16 ----D---- C:\Documents and Settings\Sandra\Application Data\Systweak
2012-08-31 08:57:11 ----D---- C:\Documents and Settings\All Users\Application Data\SweetIM
2012-08-31 06:46:09 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-08-31 06:46:09 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-08-31 06:46:08 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-08-31 06:46:08 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-08-31 06:46:08 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-08-31 06:46:08 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-08-31 06:46:08 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-08-31 06:46:07 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-08-31 06:45:30 ----A---- C:\WINDOWS\avastSS.scr
2012-08-31 06:45:29 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-08-31 06:37:07 ----A---- C:\WINDOWS\system32\drivers\4928896drv.sys
2012-08-31 06:28:05 ----A---- C:\WINDOWS\system32\drivers\SET134.tmp
2012-08-30 16:20:23 ----AD---- C:\rafazon
2012-08-30 16:20:23 ----A---- C:\james.bat
2012-08-29 17:02:17 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys
2012-08-17 21:39:18 ----A---- C:\WINDOWS\system32\klogon.dll
2012-08-13 16:49:44 ----A---- C:\WINDOWS\system32\drivers\kneps.sys
2012-08-08 13:25:45 ----D---- C:\Program Files\AVAST Software
2012-08-08 13:25:45 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software
2012-08-07 22:04:46 ----D---- C:\Documents and Settings\All Users\Application Data\boost_interprocess
2012-08-07 22:03:40 ----D---- C:\Program Files\Common Files\Doctor Web

======List of files/folders modified in the last 1 month======

2012-09-06 21:44:28 ----D---- C:\WINDOWS\Prefetch
2012-09-06 21:44:22 ----D---- C:\Program Files
2012-09-06 21:35:32 ----A---- C:\WINDOWS\ntbtlog.txt
2012-09-06 21:23:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-09-06 21:22:57 ----D---- C:\WINDOWS
2012-09-06 21:09:14 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2012-09-06 07:05:27 ----D---- C:\WINDOWS\system32
2012-09-03 20:47:51 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2012-09-03 05:15:11 ----SHD---- C:\System Volume Information
2012-09-02 20:17:33 ----A---- C:\WINDOWS\system.ini
2012-09-02 20:17:14 ----D---- C:\WINDOWS\system32\drivers\etc
2012-09-02 20:15:44 ----D---- C:\WINDOWS\system32\config
2012-09-02 20:13:59 ----D---- C:\WINDOWS\AppPatch
2012-09-02 20:13:58 ----D---- C:\Program Files\Common Files
2012-09-02 20:11:05 ----RASH---- C:\boot.ini
2012-09-01 06:03:53 ----D---- C:\Program Files\WinRAR
2012-08-31 22:04:19 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-31 12:33:24 ----SHD---- C:\WINDOWS\Installer
2012-08-31 09:26:24 ----HD---- C:\Program Files\InstallShield Installation Information
2012-08-31 09:26:23 ----HD---- C:\WINDOWS\inf
2012-08-31 09:23:16 ----D---- C:\WINDOWS\system32\CatRoot
2012-08-31 09:22:00 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-08-31 09:16:43 ----D---- C:\Config.Msi
2012-08-31 08:58:10 ----D---- C:\WINDOWS\WinSxS
2012-08-31 08:31:23 ----D---- C:\WINDOWS\system32\drivers
2012-08-31 06:51:06 ----D---- C:\Program Files\Google
2012-08-31 06:51:05 ----SD---- C:\WINDOWS\Tasks
2012-08-31 05:56:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-30 21:34:42 ----D---- C:\WINDOWS\system32\NtmsData
2012-08-30 21:16:51 ----A---- C:\WINDOWS\imsins.BAK
2012-08-29 17:02:37 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
2012-08-29 17:02:19 ----D---- C:\Program Files\Common Files\AVG Secure Search
2012-08-24 15:27:55 ----A---- C:\Documents and Settings\Sandra\Application Data\burnaware.ini
2012-08-15 18:34:12 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-07 19:17:25 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2012-06-19 136024]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-08-17 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-08-21 25256]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 36864]
R1 AsrAppCharger;AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [2010-06-11 13832]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-08-21 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2012-03-14 160816]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2012-08-13 584536]
R1 kltdi;kltdi; C:\WINDOWS\system32\DRIVERS\kltdi.sys [2012-06-08 43608]
R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2012-08-13 144344]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2008-05-06 16512]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-08-21 97608]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-04 88448]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-04 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-04 55936]
R3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-06-26 1656960]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-04 9600]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2012-06-27 35672]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [2012-05-25 23896]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2012-07-25 24920]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-05-21 12753664]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-25 54400]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-25 22016]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2004-08-04 163584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-11-25 1617408]
S1 4928896drv;4928896drv; C:\WINDOWS\system32\DRIVERS\4928896drv.sys [2012-09-05 475736]
S2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Sandra\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2012-02-14 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2012-02-14 25512]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys []
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2008-12-02 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-04 40320]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0017bus.sys [2008-05-27 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0017mdfl.sys [2008-05-27 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0017mdm.sys [2008-05-27 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0017mgmt.sys [2008-05-27 115496]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\WINDOWS\system32\DRIVERS\s0017nd5.sys [2008-05-27 25768]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0017obex.sys [2008-05-27 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\WINDOWS\system32\DRIVERS\s0017unic.sys [2008-05-27 117672]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2009-11-19 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2009-11-19 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2009-11-19 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2009-11-19 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1039nd5.sys [2009-11-19 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2009-11-19 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1039unic.sys [2009-11-19 123504]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;Nokia USB Serial Port Driver ; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-21 154728]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
R2 NWCWorkstation;Client Service for NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-08-29 722528]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2011-10-13 79360]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVP;Kaspersky Anti-Virus Service; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-10-13 79360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-07 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-11-30 718888]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

ps: toolbary som v programoch nenasiel, neviem ako ich teda odstranit

Odinstalujte AVG Secure Search a SweetIM

Mate nejaky problem s instalaci ServicePacku 3 pro windows?

Pokud jste nepouzil remover na Kasperskyho http://support.kaspersky.com/downloads/ ... emover.exe tak je aplikujte

S ComboFixem jste tam provadel co - na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)

Nebo kdo vam jej poradil

Pravidla fora http://forum.viry.cz/viewtopic.php?f=12&t=5601

3. Zvláště utilitu ComboFix nespouštějte i když Vám mi poradil kamarád\nějaký rádoby odborný web. Naše fórum je jediné z CZ-SK antivirových fór, která mají právo luštit logy z ComboFixu a mámě též plnou podporu autora této utility a přístup k nejaktuálnějším informacím a návodům.

licencni podminky hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"
Obrázek

Nebezpeci CFka

Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
Maze stopy po haveti, takze v logu z RSIT neni nic videt
Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

co som mal odinstalovat som dal prec.ale dnes tam ten sweet bol zase. zase som ho dal prec a uz tam nieje. dufam.

servis pack 3, som ani neskusal instalovat

kaspersky by tiez mal byt uz fuc

a combo fix som nasiel ked som hladal pomoc na nete, ze mam skusit. az potom som nasiel toto tu a zistil ze som to radsej nemal davat.. moja chyba..

Nainstalujte tedy ServicePack 3 - resi mnoho chyb a bezpecnostnich der - podminkou je ovsem legalni system

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku[

[/list]

OTL Extras logfile created on: 9.9.2012 15:49:41 - Run 1
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Sandra\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

895,23 Mb Total Physical Memory | 435,50 Mb Available Physical Memory | 48,65% Memory free
2,21 Gb Paging File | 1,81 Gb Available in Paging File | 81,95% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 4,88 Gb Free Space | 25,00% Space Free | Partition Type: NTFS
Drive D: | 129,51 Gb Total Space | 104,27 Gb Free Space | 80,51% Space Free | Partition Type: NTFS

Computer Name: SANDRA-C6D0BE9B | User Name: Sandra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1051-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Slovak
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.85
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEC8F2E3-AC9A-357C-BFCB-BFAC37C4AC50}" = Visual C++ 9.0 ATL (x86) WinSXS MSM
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Basic
"{DF95F1EE-9ECA-45C1-B02B-F56DDB8A3E83}" = PC Connectivity Solution
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}" = Sound Blaster X-Fi MB
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = 325 USB PC Camera
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"ASRock IES_is1" = ASRock IES v2.0.69
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.24
"ASRock OC Tuner_is1" = ASRock OC Tuner v2.3.91
"avast" = avast! Free Antivirus
"BurnAware Free_is1" = BurnAware Free 4.9
"Canon MP280 series User Registration" = Canon MP280 series User Registration
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"DivX Setup" = DivX Setup
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"EPC DeInstall" = Electronic Parts Catalogue
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 2.21 Full
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 15.0.1 (x86 sk)" = Mozilla Firefox 15.0.1 (x86 sk)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Picasa 3" = Picasa 3
"Revo Uninstaller" = Revo Uninstaller 1.90
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archivátor
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.7.2012 7:56:39 | Computer Name = SANDRA-C6D0BE9B | Source = crypt32 | ID = 131080
Description = Pri automatickej aktualizácii zlyhalo načítanie poradového čísla zoznamu
základných certifikátov nezávislých vydavateľov z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
s chybou: Zadaný server nemôže vykonať požadovanú operáciu.

Error - 15.7.2012 7:56:39 | Computer Name = SANDRA-C6D0BE9B | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.

Error - 15.7.2012 7:56:39 | Computer Name = SANDRA-C6D0BE9B | Source = crypt32 | ID = 131080
Description = Pri automatickej aktualizácii zlyhalo načítanie poradového čísla zoznamu
základných certifikátov nezávislých vydavateľov z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
s chybou: Zadaný server nemôže vykonať požadovanú operáciu.

Error - 15.7.2012 7:56:39 | Computer Name = SANDRA-C6D0BE9B | Source = crypt32 | ID = 131083
Description = Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov
zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.

Error - 15.7.2012 7:56:39 | Computer Name = SANDRA-C6D0BE9B | Source = crypt32 | ID = 131080
Description = Pri automatickej aktualizácii zlyhalo načítanie poradového čísla zoznamu
základných certifikátov nezávislých vydavateľov z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
s chybou: Zadaný server nemôže vykonať požadovanú operáciu.

Error - 15.7.2012 9:33:33 | Computer Name = SANDRA-C6D0BE9B | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie epc.exe, verzia 7.0.3.10009, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x00000000.

Error - 20.7.2012 9:55:05 | Computer Name = SANDRA-C6D0BE9B | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie epc.exe, verzia 7.0.3.10009, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x00000000.

Error - 20.7.2012 9:55:16 | Computer Name = SANDRA-C6D0BE9B | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie epc.exe, verzia 7.0.3.10009, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x00000000.

Error - 20.7.2012 9:55:37 | Computer Name = SANDRA-C6D0BE9B | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie epc.exe, verzia 7.0.3.10009, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x00000000.

Error - 20.7.2012 9:55:41 | Computer Name = SANDRA-C6D0BE9B | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie epc.exe, verzia 7.0.3.10009, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x00000000.

[ System Events ]
Error - 7.9.2012 4:02:07 | Computer Name = SANDRA-C6D0BE9B | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Správca odovzdávania zlyhalo kvôli nasledujúcej chybe:
%%1079

Error - 7.9.2012 8:12:06 | Computer Name = SANDRA-C6D0BE9B | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarOpen zlyhalo kvôli nasledujúcej chybe: %%2

Error - 7.9.2012 8:12:06 | Computer Name = SANDRA-C6D0BE9B | Source = Service Control Manager | ID = 7000
Description = Spustenie služby ESET Service zlyhalo kvôli nasledujúcej chybe: %%3

Error - 7.9.2012 8:12:06 | Computer Name = SANDRA-C6D0BE9B | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Správca odovzdávania zlyhalo kvôli nasledujúcej chybe:
%%1079

Error - 8.9.2012 15:01:47 | Computer Name = SANDRA-C6D0BE9B | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarOpen zlyhalo kvôli nasledujúcej chybe: %%2

Error - 8.9.2012 15:01:47 | Computer Name = SANDRA-C6D0BE9B | Source = Service Control Manager | ID = 7000
Description = Spustenie služby ESET Service zlyhalo kvôli nasledujúcej chybe: %%3

Error - 8.9.2012 15:01:47 | Computer Name = SANDRA-C6D0BE9B | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Správca odovzdávania zlyhalo kvôli nasledujúcej chybe:
%%1079

Error - 9.9.2012 4:07:19 | Computer Name = SANDRA-C6D0BE9B | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarOpen zlyhalo kvôli nasledujúcej chybe: %%2

Error - 9.9.2012 4:07:19 | Computer Name = SANDRA-C6D0BE9B | Source = Service Control Manager | ID = 7000
Description = Spustenie služby ESET Service zlyhalo kvôli nasledujúcej chybe: %%3

Error - 9.9.2012 4:07:20 | Computer Name = SANDRA-C6D0BE9B | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Správca odovzdávania zlyhalo kvôli nasledujúcej chybe:
%%1079

< End of report >

OTL logfile created on: 9.9.2012 15:49:41 - Run 1
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Sandra\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

895,23 Mb Total Physical Memory | 435,50 Mb Available Physical Memory | 48,65% Memory free
2,21 Gb Paging File | 1,81 Gb Available in Paging File | 81,95% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 4,88 Gb Free Space | 25,00% Space Free | Partition Type: NTFS
Drive D: | 129,51 Gb Total Space | 104,27 Gb Free Space | 80,51% Space Free | Partition Type: NTFS

Computer Name: SANDRA-C6D0BE9B | User Name: Sandra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.09.09 15:46:32 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sandra\Desktop\OTL.exe
PRC - [2012.09.09 10:07:07 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\Sandra\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
PRC - [2012.09.08 23:33:34 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.09.06 07:05:16 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012.08.29 17:02:16 | 000,722,528 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.10.13 17:18:31 | 000,079,360 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
PRC - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.07.08 15:32:50 | 001,233,195 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
PRC - [2009.02.23 05:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2004.08.04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012.09.09 10:07:11 | 000,592,896 | ---- | M] () -- C:\Documents and Settings\Sandra\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0000\~de6248.tmp
MOD - [2012.09.09 10:07:07 | 000,697,884 | ---- | M] () -- C:\Documents and Settings\Sandra\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0000\~df394b.tmp
MOD - [2012.09.09 09:52:03 | 001,808,384 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12090900\algo.dll
MOD - [2012.09.08 23:33:33 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.09.08 19:29:57 | 001,808,384 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12090801\algo.dll
MOD - [2012.09.06 07:05:16 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012.08.29 17:02:16 | 000,722,528 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
MOD - [2012.08.29 17:02:16 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012.04.04 07:54:08 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.SKY
MOD - [2011.05.05 00:02:44 | 000,355,432 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2009.09.04 08:19:30 | 000,644,096 | ---- | M] () -- C:\Program Files\IZArc\IZArcCM.dll
MOD - [2008.09.30 20:30:57 | 000,294,912 | ---- | M] () -- C:\Program Files\WinRAR\Rarlng.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - File not found [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2012.08.29 17:02:16 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.15 18:34:13 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011.11.30 17:12:40 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.02.23 05:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [File_System | Auto | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Sandra\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012.09.05 07:13:28 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\4928896drv.sys -- (4928896drv)
DRV - [2012.08.29 17:02:17 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.08.21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.08.13 18:24:16 | 000,584,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2012.08.13 16:49:44 | 000,144,344 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kneps.sys -- (kneps)
DRV - [2012.07.25 14:53:48 | 000,024,920 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2012.06.27 14:09:08 | 000,035,672 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2012.06.19 17:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2012.06.08 11:38:12 | 000,043,608 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kltdi.sys -- (kltdi)
DRV - [2012.05.25 19:38:48 | 000,023,896 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2012.03.14 08:40:02 | 000,160,816 | ---- | M] (ESET) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2012.03.14 08:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.02.14 20:05:55 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.02.14 20:05:55 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2011.08.17 09:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 09:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.06.11 14:37:04 | 000,013,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV - [2009.11.25 14:57:28 | 001,617,408 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009.11.19 15:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2009.11.19 15:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2009.11.19 15:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009.11.19 15:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2009.11.19 15:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2009.11.19 15:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009.11.19 15:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009.08.17 17:08:40 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.06.26 09:29:34 | 001,656,960 | R--- | M] (Creative) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.12.02 08:56:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.20 16:19:27 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.08.18 12:54:24 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008.05.27 11:41:46 | 000,122,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008.05.27 11:41:46 | 000,117,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017unic.sys -- (s0017unic)
DRV - [2008.05.27 11:41:46 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008.05.27 11:41:46 | 000,090,536 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017bus.sys -- (s0017bus)
DRV - [2008.05.27 11:41:46 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008.05.27 11:41:44 | 000,115,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mgmt.sys -- (s0017mgmt)
DRV - [2008.05.27 11:41:44 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017nd5.sys -- (s0017nd5)
DRV - [2008.05.06 08:01:50 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2008.03.25 05:48:08 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008.03.25 05:48:06 | 000,054,400 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007.04.03 14:55:26 | 010,251,904 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp325.sys -- (SNP325)
DRV - [2006.10.18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2006.07.01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.08.09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.08.04 14:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004.08.04 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.04 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004.08.04 14:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2001.08.17 13:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=2.03001.10 ... B4B9B7960F}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... B4B9B7960F}

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://findgala.com/?&uid=8020&q={searchTerms}
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... B4B9B7960F}
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Prenesene subory z C\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.12\ [2012.07.10 14:18:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.31 06:45:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.08 23:33:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2008.12.30 15:56:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sandra\Application Data\Mozilla\Extensions
[2012.09.07 14:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\7w576w5x.default\extensions
[2012.08.31 08:58:19 | 000,004,007 | ---- | M] () -- C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\7w576w5x.default\searchplugins\sweetim.xml
[2012.09.03 10:33:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.09.08 23:33:35 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.09.08 23:33:30 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2012.09.06 07:05:09 | 000,003,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.09.08 23:33:30 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2012.09.08 23:33:30 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2012.09.08 23:33:30 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2012.09.08 23:33:30 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012.09.08 23:33:30 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - homepage: http://www.google.com/

O1 HOSTS File: ([2012.09.02 20:17:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {301C19BC-4368-46A4-8FBD-A0E9D0DCD4F7} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {DD02A4EB-4AFD-4D60-99D8-E67F964CA813} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O4 - HKLM..\Run: [AMBDef] C:\WINDOWS\AMBDEF.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - Reg Error: Key error. File not found
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (Reg Error: Value error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA73C150-2ED9-456B-8693-3EF771CADF40}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F433E95D-05D9-47A8-949E-C5FB49E4E019}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Sandra\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sandra\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
System Restore Service not available.

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imc - C:\WINDOWS\System32\IMC32.acm (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.3iv2 - C:\WINDOWS\System32\3ivxVfWCodec.dll (3ivx.com)
Drivers32: vidc.3ivx - C:\WINDOWS\System32\3ivxVfWCodec.dll (3ivx.com)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: VIDC.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: VIDC.IV40 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.VP31 - C:\WINDOWS\System32\vp31vfw.dll (On2.com)
Drivers32: VIDC.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.wmv3 - C:\WINDOWS\System32\WMV9VCM.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvid.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.09.09 15:46:31 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sandra\Desktop\OTL.exe
[2012.09.06 21:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.09.06 21:44:21 | 000,000,000 | ---D | C] -- C:\rsit
[2012.09.06 07:05:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2012.09.06 07:05:10 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012.09.03 10:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.09.02 22:12:24 | 000,074,072 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klflt.sys
[2012.09.02 22:12:23 | 000,584,536 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2012.09.02 20:23:35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.09.02 20:15:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.09.02 20:11:01 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.09.02 20:09:58 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.09.02 20:09:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.09.02 20:09:58 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.09.02 20:09:58 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.09.02 20:09:47 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.09.02 20:08:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.09.02 20:08:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.09.09 15:51:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.09.09 15:46:32 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sandra\Desktop\OTL.exe
[2012.09.09 15:34:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.09.09 10:07:42 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.09.09 10:06:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.08 21:01:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.09.07 11:18:18 | 000,002,579 | ---- | M] () -- C:\Documents and Settings\Sandra\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[2012.09.05 07:13:28 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\4928896drv.sys
[2012.09.03 10:34:10 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Sandra\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.09.03 10:34:10 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012.09.02 20:17:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.09.02 20:11:05 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2012.09.02 17:15:31 | 000,059,392 | R--- | M] () -- C:\WINDOWS\System32\streamhlp.dll
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.09.09 15:51:42 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.09.04 07:06:39 | 000,000,048 | ---- | C] () -- C:\WINDOWS\rafazon.bat
[2012.09.03 10:34:10 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Sandra\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.09.03 10:34:10 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012.09.03 10:34:08 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012.09.02 20:11:05 | 000,000,223 | ---- | C] () -- C:\Boot.bak
[2012.09.02 20:11:02 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012.09.02 20:09:58 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.09.02 20:09:58 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.09.02 20:09:58 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.09.02 20:09:58 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.09.02 20:09:58 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.09.02 17:15:21 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2012.04.09 17:39:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.15 07:29:47 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Sandra\Local Settings\Application Data\WebpageIcons.db
[2012.01.16 22:12:47 | 000,001,015 | ---- | C] () -- C:\Documents and Settings\Sandra\Application Data\burnaware.ini
[2011.10.13 17:19:40 | 000,011,323 | R--- | C] () -- C:\WINDOWS\System32\CTSBAMB.INI
[2011.10.13 17:18:31 | 000,014,040 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini
[2011.10.13 17:18:31 | 000,005,288 | ---- | C] () -- C:\WINDOWS\xFi_MiddleLayerKey32.ini
[2011.10.13 17:17:51 | 000,172,544 | ---- | C] () -- C:\WINDOWS\System32\AMBSPI.DLL
[2011.10.13 17:11:54 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.10.13 17:11:54 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.10.13 17:11:54 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.10.13 16:58:33 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011.05.21 06:01:00 | 002,123,582 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2010.12.20 22:58:06 | 000,228,320 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010.05.30 22:03:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sandra\Local Settings\Application Data\prvlcl.dat
[2009.02.17 21:24:56 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\Sandra\save.cfg
[2008.09.30 08:22:31 | 000,224,768 | ---- | C] () -- C:\Documents and Settings\Sandra\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2009.05.09 18:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2012.08.31 06:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012.08.29 17:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012.09.06 21:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2012.02.15 07:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2012.09.02 20:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010.06.24 15:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2010.12.25 11:53:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP
[2010.12.25 11:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2010.12.25 12:14:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011.09.21 19:22:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2010.12.25 11:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2012.09.03 20:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2010.12.25 11:58:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010.12.25 12:02:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
[2010.12.25 11:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2011.03.14 16:33:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009.08.17 17:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.12.06 09:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010.11.17 20:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2009.05.08 22:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy-PizzaParty
[2011.10.13 17:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FNET
[2008.12.03 22:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2012.02.12 18:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.08.02 01:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Little Games Company
[2012.05.04 12:19:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2012.02.12 19:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.08.12 17:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pictomio
[2012.02.14 22:57:02 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SAXMTQQBMP
[2012.08.31 09:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2010.10.15 18:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2012.02.11 20:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\AVG Secure Search
[2010.07.13 21:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\AVG9
[2009.02.10 22:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Cakewalk
[2010.06.24 15:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Canneverbe Limited
[2012.01.22 23:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Canon
[2009.02.12 17:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\COWON
[2009.08.17 17:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\DAEMON Tools Lite
[2012.02.07 21:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\DDMSettings
[2010.01.19 06:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\EPSON
[2012.05.17 20:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\eTeks
[2011.01.23 14:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\GetRightToGo
[2009.05.05 17:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Go-Go Gourmet Chef of the Year
[2008.12.27 21:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\ICQ
[2009.08.12 18:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Imagic403N
[2011.01.01 19:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\IObit
[2009.08.02 01:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Little Games Company
[2012.08.05 20:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Media Finder
[2012.02.12 19:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Nokia
[2012.02.12 19:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\PC Suite
[2009.02.10 18:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\RadLight Company
[2012.02.14 22:58:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Sandra\Application Data\Smart Anti-Malware Protection
[2012.09.02 16:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Systweak
[2009.08.12 15:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Zoner
[2012.09.09 10:07:42 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2004.08.04 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\cmdcons\autochk.exe
[2004.08.04 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\system32\autochk.exe
[2004.08.04 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.11.14 00:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2009.11.14 00:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtUninstallKB952011$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2004.08.04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004.08.04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.04 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.04 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.04 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2004.08.04 14:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\system32\dllcache\services.exe
[2004.08.04 14:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\system32\services.exe

< MD5 for: SVCHOST.EXE >
[2004.08.04 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.04 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2004.08.04 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.04 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.04 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.04 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.04 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]
[5 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2011.04.03 12:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009.05.09 18:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2012.08.31 06:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012.08.29 17:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012.09.06 21:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2012.02.15 07:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2012.09.02 20:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010.06.24 15:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2010.12.25 11:53:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP
[2010.12.25 11:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2010.12.25 12:14:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011.09.21 19:22:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2010.12.25 11:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2012.09.03 20:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2010.12.25 11:58:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010.12.25 12:02:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
[2010.12.25 11:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2011.03.14 16:33:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011.10.13 17:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Creative
[2009.08.17 17:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012.07.10 20:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010.12.06 09:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010.11.17 20:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010.03.15 12:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESTsoft
[2009.05.08 22:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy-PizzaParty
[2011.10.13 17:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FNET
[2010.05.30 12:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2008.12.03 22:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2012.02.12 18:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.05.17 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009.08.02 01:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Little Games Company
[2009.05.22 15:20:17 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012.04.25 14:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012.05.04 12:19:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011.12.25 20:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009.11.30 19:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010.01.17 21:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2011.10.13 17:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2010.05.30 16:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2009.09.26 13:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2008.08.19 17:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2012.02.12 19:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.08.12 17:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pictomio
[2009.01.03 20:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2012.02.14 22:57:02 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SAXMTQQBMP
[2009.05.25 20:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.10.31 23:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2012.08.07 19:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2012.08.31 09:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2009.05.26 21:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2010.10.15 18:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2008.08.19 17:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\30667\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\30667\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\30667\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\30667\ReaderUpdater.exe
[2009.06.24 04:01:00 | 034,025,444 | R--- | M] (Creative Technology Ltd) -- C:\Documents and Settings\All Users\Application Data\Creative\MediaSource U\AddOnPack.exe
[2011.03.16 22:15:00 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2012.02.07 21:23:57 | 000,065,783 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2011.03.16 22:15:16 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2012.02.07 21:24:04 | 000,063,144 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DesktopService\Uninstaller.exe
[2012.07.10 20:22:18 | 000,062,857 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2009.11.29 17:00:46 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Codec\DivXCodecUninstall.exe
[2011.03.16 22:15:18 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2012.07.10 20:22:55 | 000,064,957 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2012.02.07 21:23:59 | 000,062,879 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2012.02.07 21:24:00 | 000,057,275 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2011.03.16 22:15:19 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2012.02.07 21:24:01 | 000,057,037 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2011.03.16 22:15:06 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2012.02.07 21:23:55 | 000,061,667 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2012.02.07 21:23:57 | 000,063,228 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\OVSHelper\Uninstaller.exe
[2012.07.10 20:22:54 | 000,065,896 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2011.03.16 22:15:05 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010.10.31 21:12:27 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
[2012.07.10 20:20:59 | 000,933,256 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2011.03.16 22:13:01 | 000,292,792 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\DivX\Symantec\SymInstallStub.exe
[2011.03.16 22:15:14 | 000,054,644 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2012.02.07 21:24:08 | 000,092,231 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2012.02.07 21:24:29 | 000,061,792 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2012.02.07 21:24:36 | 000,066,441 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2011.10.13 17:16:40 | 003,444,224 | ---- | M] (FNet Co., Ltd.) -- C:\Documents and Settings\All Users\Application Data\FNET\XFastUsb\Uninstall.exe
[2012.02.12 18:54:23 | 000,090,504 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{41313863-5170-4D7E-AD60-3CDF4DEBA81F}\Installer\CommonCustomActions\pcswpcsi.exe
[2012.02.12 18:54:23 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{41313863-5170-4D7E-AD60-3CDF4DEBA81F}\Installer\CommonCustomActions\UninstCCD.exe
[2012.02.12 18:54:23 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{41313863-5170-4D7E-AD60-3CDF4DEBA81F}\Installer\CommonCustomActions\UninstPCS.exe
[2012.02.12 18:54:23 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{41313863-5170-4D7E-AD60-3CDF4DEBA81F}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2012.03.12 16:03:22 | 092,179,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer.exe
[2012.05.04 12:25:51 | 000,125,952 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\InstallerService.exe
[2012.05.04 12:25:51 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\InstallerServiceExec.exe
[2012.05.04 12:25:51 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\IsPinned.exe
[2012.05.04 12:26:03 | 000,046,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\pcswpc.exe
[2012.05.04 12:26:03 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\RepairMplatform.exe
[2012.05.04 12:26:03 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\Run_XML6_SP1.exe
[2012.05.04 12:26:03 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\WMF11Runx86.exe
[2012.05.04 12:26:06 | 012,212,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
[2010.01.17 21:56:13 | 000,086,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
[2011.05.21 06:01:00 | 000,194,152 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\All Users\Application Data\NVIDIA\Updatus\WLMerger.exe

< %APPDATA%\*. >
[2011.12.25 16:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Adobe
[2009.05.22 17:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Apple Computer
[2012.02.11 20:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\AVG Secure Search
[2010.07.13 21:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\AVG9
[2009.02.10 22:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Cakewalk
[2010.06.24 15:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Canneverbe Limited
[2012.01.22 23:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Canon
[2009.02.12 17:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\COWON
[2009.08.17 17:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\DAEMON Tools Lite
[2012.02.07 21:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\DDMSettings
[2010.06.16 05:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\DivX
[2010.01.19 06:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\EPSON
[2012.05.17 20:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\eTeks
[2011.01.23 14:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\GetRightToGo
[2009.05.05 17:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Go-Go Gourmet Chef of the Year
[2009.06.03 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Google
[2008.08.22 17:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Help
[2008.12.27 21:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\ICQ
[2008.08.19 16:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Identities
[2009.08.12 18:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Imagic403N
[2008.08.19 16:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\InstallShield
[2011.01.01 19:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\IObit
[2009.08.02 01:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Little Games Company
[2011.03.12 17:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Macromedia
[2012.08.05 20:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Media Finder
[2011.04.03 12:21:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Sandra\Application Data\Microsoft
[2008.12.30 15:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Mozilla
[2012.02.12 19:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Nokia
[2012.02.12 19:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\PC Suite
[2009.02.10 18:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\RadLight Company
[2009.03.24 22:24:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Real
[2012.03.28 20:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Skype
[2012.03.28 14:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\skypePM
[2012.02.14 22:58:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Sandra\Application Data\Smart Anti-Malware Protection
[2009.08.13 09:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Sun
[2012.09.02 16:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Systweak
[2010.02.27 17:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\WinRAR
[2009.08.12 15:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Zoner

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.09.09 15:34:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.09.09 10:07:42 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.08.17 17:08:40 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2008.08.19 18:13:08 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.08.19 18:13:08 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.08.19 18:13:08 | 000,880,640 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2012.09.08 21:01:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.04 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.09.08 23:33:34 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=9C376F42BDE37F18D0A39AF7415D9BE6 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.09.09 15:51:42 | 000,000,512 | ---- | M] () MD5=9C4F54B2E40C28E969005F5B89815363 -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2012.01.15 16:29:13 | 000,006,494 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\modules\skin\ajax-loader.gif
[2012.01.15 16:29:13 | 000,000,729 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\modules\skin\loader.gif
[2012.03.12 14:36:46 | 000,006,494 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\ajax-loader.gif
[2012.03.12 14:36:47 | 000,000,729 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\modules\skin\loader.gif
[2012.09.06 07:05:45 | 000,006,494 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.12\modules\skin\ajax-loader.gif
[2012.09.06 07:05:46 | 000,000,729 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.12\modules\skin\loader.gif
[2012.06.12 17:46:04 | 000,006,494 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.7\modules\skin\ajax-loader.gif
[2012.06.12 17:46:04 | 000,000,729 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.7\modules\skin\loader.gif
[2012.08.29 17:02:43 | 000,006,494 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\12.2.5.32\modules\skin\ajax-loader.gif
[2012.08.29 17:02:43 | 000,000,729 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\12.2.5.32\modules\skin\loader.gif
[2011.12.10 18:01:44 | 000,006,494 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\9.0.0.18\modules\skin\ajax-loader.gif
[2011.12.10 18:01:44 | 000,000,729 | ---- | M] () -- \Documents and Settings\All Users\Application Data\AVG Secure Search\9.0.0.18\modules\skin\loader.gif
[2011.01.23 14:19:24 | 000,000,000 | ---- | M] () -- \Documents and Settings\Sandra\Application Data\GetRightToGo\Soft32Downloader-for-Outlook-Express.data
[2009.09.19 10:23:01 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.jpg
[2009.09.19 10:23:01 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.swf
[2008.11.30 15:07:49 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2008.11.30 15:07:49 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2009.01.13 20:06:21 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2009.01.13 20:06:40 | 000,552,798 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.08.17 21:39:22 | 000,413,112 | ---- | M] () -- \RECYCLER\S-1-5-21-1645522239-1078081533-682003330-1003\Dc10\Kaspersky Internet Security 2013\kas_loader.dll
[2012.08.17 21:39:54 | 000,369,080 | ---- | M] () -- \RECYCLER\S-1-5-21-1645522239-1078081533-682003330-1003\Dc10\Kaspersky Internet Security 2013\prloader.dll
[2012.08.17 21:39:56 | 000,207,800 | ---- | M] () -- \RECYCLER\S-1-5-21-1645522239-1078081533-682003330-1003\Dc10\Kaspersky Internet Security 2013\remote_eka_prague_loader.dll
[1 \RECYCLER\S-1-5-21-1645522239-1078081533-682003330-1003\Dc10\Kaspersky Internet Security 2013\*.tmp files -> \RECYCLER\S-1-5-21-1645522239-1078081533-682003330-1003\Dc10\Kaspersky Internet Security 2013\*.tmp -> ]
[2012.08.17 21:02:50 | 000,006,957 | ---- | M] () -- \RECYCLER\S-1-5-21-1645522239-1078081533-682003330-1003\Dc10\Kaspersky Internet Security 2013\skin\resources\neutral\templates\images\safe_banking\preloader.gif
[2002.02.01 19:25:22 | 000,009,728 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\osloader.exe.mui
[2004.08.04 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2011.11.22 15:12:58 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2004.08.04 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2012.09.06 07:05:45 | 000,006,494 | ---- | M] () -- \WINDOWS\temp\avg@toolbar\modules\skin\ajax-loader.gif
[2012.09.06 07:05:46 | 000,000,729 | ---- | M] () -- \WINDOWS\temp\avg@toolbar\modules\skin\loader.gif

< End of report >

Odinstalujte ten Kaspersky jak jsem psal a i ten avg toolbar, pak napiste ci se povedlo

Omlovam se za zpozdeni, pracovni povinnosti

pc zacalo este robit aj to, ze sa neda vypnut,system sa odhlasi, zhasne obrazovka, ale ikona mysky tam zostane a nic sa nedeje, ventilator stale ide..nevypne sa..

a pri starte, ked nabehne win, zobrazi sa pracovna plocha, sa zobrazi hlasenie: chyba scriptu
VBS"script"C:Docum-Sandra/Locals/Temp/015872D6.vbs, az po odkliknuti nabehnu ikony..

a skusal som ten kaspersky aj avg odinstalovat ako ste povedali,nevidim ich tam uz..

Udelejte tedy prosim novy sken OTLkem, nastaveni jako minule

OTL logfile created on: 11.9.2012 7:03:09 - Run 4
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Sandra\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

895,23 Mb Total Physical Memory | 459,46 Mb Available Physical Memory | 51,32% Memory free
2,21 Gb Paging File | 1,86 Gb Available in Paging File | 84,21% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 4,70 Gb Free Space | 24,05% Space Free | Partition Type: NTFS
Drive D: | 129,51 Gb Total Space | 105,96 Gb Free Space | 81,82% Space Free | Partition Type: NTFS

Computer Name: SANDRA-C6D0BE9B | User Name: Sandra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.09.11 06:50:01 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\Sandra\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
PRC - [2012.09.09 15:46:32 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sandra\Desktop\OTL.exe
PRC - [2012.09.06 07:05:16 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012.08.29 17:02:16 | 000,722,528 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.02.16 17:16:36 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.10.13 17:18:31 | 000,079,360 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
PRC - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.07.08 15:32:50 | 001,233,195 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
PRC - [2009.02.23 05:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2004.08.04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012.09.11 06:50:05 | 000,592,896 | ---- | M] () -- C:\Documents and Settings\Sandra\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0000\~de6248.tmp
MOD - [2012.09.11 06:50:02 | 000,697,884 | ---- | M] () -- C:\Documents and Settings\Sandra\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0000\~df394b.tmp
MOD - [2012.09.10 19:49:37 | 001,808,384 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12091001\algo.dll
MOD - [2012.09.06 07:05:16 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012.08.29 17:02:16 | 000,722,528 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
MOD - [2012.08.29 17:02:16 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012.08.15 18:34:12 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2012.04.04 07:54:08 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.SKY
MOD - [2012.02.16 17:16:36 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2012.08.29 17:02:16 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.17 21:43:06 | 000,218,880 | ---- | M] (Kaspersky Lab ZAO) [On_Demand | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2012.08.15 18:34:13 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011.11.30 17:12:40 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.02.23 05:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [File_System | Auto | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Sandra\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012.09.05 07:13:28 | 000,475,736 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\4928896drv.sys -- (4928896drv)
DRV - [2012.08.29 17:02:17 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.08.21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.08.13 18:24:16 | 000,584,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2012.08.13 16:49:44 | 000,144,344 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kneps.sys -- (kneps)
DRV - [2012.07.25 14:53:48 | 000,024,920 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2012.06.27 14:09:08 | 000,035,672 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2012.06.19 17:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2012.06.08 11:38:12 | 000,043,608 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kltdi.sys -- (kltdi)
DRV - [2012.05.25 19:38:48 | 000,023,896 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2012.02.14 20:05:55 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.02.14 20:05:55 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2011.08.17 09:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 09:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.06.11 14:37:04 | 000,013,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV - [2009.11.25 14:57:28 | 001,617,408 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009.11.19 15:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2009.11.19 15:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2009.11.19 15:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009.11.19 15:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2009.11.19 15:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2009.11.19 15:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009.11.19 15:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009.08.17 17:08:40 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.06.26 09:29:34 | 001,656,960 | R--- | M] (Creative) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.12.02 08:56:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.20 16:19:27 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.08.18 12:54:24 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008.05.27 11:41:46 | 000,122,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008.05.27 11:41:46 | 000,117,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017unic.sys -- (s0017unic)
DRV - [2008.05.27 11:41:46 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008.05.27 11:41:46 | 000,090,536 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017bus.sys -- (s0017bus)
DRV - [2008.05.27 11:41:46 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008.05.27 11:41:44 | 000,115,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mgmt.sys -- (s0017mgmt)
DRV - [2008.05.27 11:41:44 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017nd5.sys -- (s0017nd5)
DRV - [2008.05.06 08:01:50 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2008.03.25 05:48:08 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008.03.25 05:48:06 | 000,054,400 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007.04.03 14:55:26 | 010,251,904 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp325.sys -- (SNP325)
DRV - [2006.10.18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2006.07.01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.08.09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.08.04 14:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004.08.04 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.04 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004.08.04 14:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2001.08.17 13:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=2.03001.10 ... B4B9B7960F}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... B4B9B7960F}

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://findgala.com/?&uid=8020&q={searchTerms}
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... B4B9B7960F}
IE - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Prenesene subory z C\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.12\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012.09.02 22:13:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012.09.02 22:13:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012.09.02 22:13:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012.09.02 22:13:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012.09.02 22:13:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.31 06:45:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.11 05:06:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2008.12.30 15:56:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sandra\Application Data\Mozilla\Extensions
[2012.09.07 14:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\7w576w5x.default\extensions
[2012.08.31 08:58:19 | 000,004,007 | ---- | M] () -- C:\Documents and Settings\Sandra\Application Data\Mozilla\Firefox\Profiles\7w576w5x.default\searchplugins\sweetim.xml
[2012.09.11 05:06:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.02.16 17:16:36 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.16 16:24:10 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2012.02.16 16:24:10 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2012.02.16 16:24:10 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2012.02.16 16:24:10 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2012.02.16 16:24:10 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012.02.16 16:24:10 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - homepage: http://www.google.com/

O1 HOSTS File: ([2012.09.02 20:17:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {301C19BC-4368-46A4-8FBD-A0E9D0DCD4F7} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {DD02A4EB-4AFD-4D60-99D8-E67F964CA813} - No CLSID value found.
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O4 - HKLM..\Run: [AMBDef] C:\WINDOWS\AMBDEF.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1645522239-1078081533-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - Reg Error: Key error. File not found
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (Reg Error: Value error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA73C150-2ED9-456B-8693-3EF771CADF40}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F433E95D-05D9-47A8-949E-C5FB49E4E019}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Sandra\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sandra\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
System Restore Service not available.

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imc - C:\WINDOWS\System32\IMC32.acm (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.3iv2 - C:\WINDOWS\System32\3ivxVfWCodec.dll (3ivx.com)
Drivers32: vidc.3ivx - C:\WINDOWS\System32\3ivxVfWCodec.dll (3ivx.com)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: VIDC.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: VIDC.IV40 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.VP31 - C:\WINDOWS\System32\vp31vfw.dll (On2.com)
Drivers32: VIDC.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.wmv3 - C:\WINDOWS\System32\WMV9VCM.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvid.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.09.11 06:31:09 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2012.09.11 05:06:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.09.09 15:46:31 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sandra\Desktop\OTL.exe
[2012.09.06 21:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.09.06 21:44:21 | 000,000,000 | ---D | C] -- C:\rsit
[2012.09.06 07:05:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2012.09.06 07:05:10 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.09.11 07:04:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.09.11 06:50:40 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.09.11 06:49:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.11 06:34:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.09.11 06:31:37 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Sandra\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012.09.11 06:30:58 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012.09.11 06:30:58 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012.09.11 06:27:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.09.11 05:06:52 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Sandra\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.09.11 05:06:52 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012.09.10 22:09:52 | 001,512,954 | ---- | M] () -- C:\Documents and Settings\Sandra\Desktop\bez_názvu.bmp
[2012.09.10 21:16:31 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.09.10 19:37:05 | 000,226,304 | ---- | M] () -- C:\Documents and Settings\Sandra\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.10 11:11:10 | 000,002,579 | ---- | M] () -- C:\Documents and Settings\Sandra\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[2012.09.09 15:46:32 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sandra\Desktop\OTL.exe
[2012.09.05 07:13:28 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\4928896drv.sys
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.09.11 06:33:35 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Sandra\Desktop\Windows Media Player.lnk
[2012.09.11 06:30:54 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Sandra\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012.09.11 06:30:49 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012.09.11 06:30:49 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012.09.11 05:06:52 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Sandra\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.09.11 05:06:52 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012.09.11 05:06:52 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012.09.10 22:09:52 | 001,512,954 | ---- | C] () -- C:\Documents and Settings\Sandra\Desktop\bez_názvu.bmp
[2012.09.09 15:51:42 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.09.02 20:09:58 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.09.02 20:09:58 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.09.02 20:09:58 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.09.02 20:09:58 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.09.02 20:09:58 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.09.02 17:15:21 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2012.04.09 17:39:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.15 07:29:47 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Sandra\Local Settings\Application Data\WebpageIcons.db
[2012.01.16 22:12:47 | 000,001,015 | ---- | C] () -- C:\Documents and Settings\Sandra\Application Data\burnaware.ini
[2011.10.13 17:19:40 | 000,011,323 | R--- | C] () -- C:\WINDOWS\System32\CTSBAMB.INI
[2011.10.13 17:18:31 | 000,014,040 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini
[2011.10.13 17:18:31 | 000,005,288 | ---- | C] () -- C:\WINDOWS\xFi_MiddleLayerKey32.ini
[2011.10.13 17:17:51 | 000,172,544 | ---- | C] () -- C:\WINDOWS\System32\AMBSPI.DLL
[2011.10.13 17:11:54 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.10.13 17:11:54 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.10.13 17:11:54 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.10.13 16:58:33 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011.05.21 06:01:00 | 002,123,582 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2010.12.20 22:58:06 | 000,228,320 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010.05.30 22:03:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sandra\Local Settings\Application Data\prvlcl.dat
[2009.02.17 21:24:56 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\Sandra\save.cfg
[2008.09.30 08:22:31 | 000,226,304 | ---- | C] () -- C:\Documents and Settings\Sandra\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2009.05.09 18:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2012.08.31 06:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012.09.02 20:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010.06.24 15:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2010.12.25 11:53:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP
[2010.12.25 11:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2010.12.25 12:14:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011.09.21 19:22:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2010.12.25 11:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2012.09.03 20:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2010.12.25 11:58:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010.12.25 12:02:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
[2010.12.25 11:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2011.03.14 16:33:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009.08.17 17:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.12.06 09:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010.11.17 20:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2009.05.08 22:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy-PizzaParty
[2011.10.13 17:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FNET
[2008.12.03 22:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2012.02.12 18:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.08.02 01:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Little Games Company
[2012.05.04 12:19:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2012.02.12 19:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.08.12 17:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pictomio
[2012.02.14 22:57:02 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SAXMTQQBMP
[2010.10.15 18:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2009.02.10 22:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Cakewalk
[2010.06.24 15:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Canneverbe Limited
[2012.01.22 23:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Canon
[2009.02.12 17:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\COWON
[2009.08.17 17:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\DAEMON Tools Lite
[2012.02.07 21:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\DDMSettings
[2010.01.19 06:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\EPSON
[2012.05.17 20:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\eTeks
[2011.01.23 14:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\GetRightToGo
[2009.05.05 17:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Go-Go Gourmet Chef of the Year
[2008.12.27 21:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\ICQ
[2009.08.12 18:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Imagic403N
[2011.01.01 19:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\IObit
[2009.08.02 01:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Little Games Company
[2012.08.05 20:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Media Finder
[2012.02.12 19:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Nokia
[2012.02.12 19:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\PC Suite
[2009.02.10 18:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\RadLight Company
[2012.02.14 22:58:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Sandra\Application Data\Smart Anti-Malware Protection
[2012.09.02 16:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Systweak
[2009.08.12 15:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Zoner
[2012.09.11 06:50:40 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2004.08.04 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\cmdcons\autochk.exe
[2004.08.04 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\system32\autochk.exe
[2004.08.04 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.11.14 00:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2009.11.14 00:57:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtUninstallKB952011$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2004.08.04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004.08.04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.04 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.04 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.04 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2004.08.04 14:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\system32\dllcache\services.exe
[2004.08.04 14:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\system32\services.exe

< MD5 for: SVCHOST.EXE >
[2004.08.04 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.04 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2004.08.04 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.04 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.04 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.04 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.04 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2011.04.03 12:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009.05.09 18:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2012.08.31 06:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012.09.02 20:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010.06.24 15:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2010.12.25 11:53:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP
[2010.12.25 11:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2010.12.25 12:14:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011.09.21 19:22:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2010.12.25 11:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup
[2010.12.25 12:02:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2012.09.03 20:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2010.12.25 11:58:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010.12.25 12:02:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
[2010.12.25 11:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2011.03.14 16:33:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011.10.13 17:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Creative
[2009.08.17 17:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012.07.10 20:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010.12.06 09:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010.11.17 20:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2010.03.15 12:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESTsoft
[2009.05.08 22:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy-PizzaParty
[2011.10.13 17:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FNET
[2010.05.30 12:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2008.12.03 22:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2012.02.12 18:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012.08.31 05:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2009.05.17 22:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009.08.02 01:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Little Games Company
[2009.05.22 15:20:17 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012.04.25 14:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012.05.04 12:19:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2010.01.17 21:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2011.10.13 17:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2010.05.30 16:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2009.09.26 13:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2008.08.19 17:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2012.02.12 19:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.08.12 17:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pictomio
[2012.02.14 22:57:02 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SAXMTQQBMP
[2009.05.25 20:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.10.31 23:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2009.05.26 21:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2010.10.15 18:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2008.08.19 17:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\30667\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\30667\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\30667\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\30667\ReaderUpdater.exe
[2009.06.24 04:01:00 | 034,025,444 | R--- | M] (Creative Technology Ltd) -- C:\Documents and Settings\All Users\Application Data\Creative\MediaSource U\AddOnPack.exe
[2011.03.16 22:15:00 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2012.02.07 21:23:57 | 000,065,783 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2011.03.16 22:15:16 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2012.02.07 21:24:04 | 000,063,144 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DesktopService\Uninstaller.exe
[2012.07.10 20:22:18 | 000,062,857 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2009.11.29 17:00:46 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Codec\DivXCodecUninstall.exe
[2011.03.16 22:15:18 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2012.07.10 20:22:55 | 000,064,957 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2012.02.07 21:23:59 | 000,062,879 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2012.02.07 21:24:00 | 000,057,275 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2011.03.16 22:15:19 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2012.02.07 21:24:01 | 000,057,037 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2011.03.16 22:15:06 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2012.02.07 21:23:55 | 000,061,667 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2012.02.07 21:23:57 | 000,063,228 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\OVSHelper\Uninstaller.exe
[2012.07.10 20:22:54 | 000,065,896 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2011.03.16 22:15:05 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010.10.31 21:12:27 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
[2012.07.10 20:20:59 | 000,933,256 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2011.03.16 22:13:01 | 000,292,792 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\DivX\Symantec\SymInstallStub.exe
[2011.03.16 22:15:14 | 000,054,644 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2012.02.07 21:24:08 | 000,092,231 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2012.02.07 21:24:29 | 000,061,792 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2012.02.07 21:24:36 | 000,066,441 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2011.10.13 17:16:40 | 003,444,224 | ---- | M] (FNet Co., Ltd.) -- C:\Documents and Settings\All Users\Application Data\FNET\XFastUsb\Uninstall.exe
[2012.02.12 18:54:23 | 000,090,504 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{41313863-5170-4D7E-AD60-3CDF4DEBA81F}\Installer\CommonCustomActions\pcswpcsi.exe
[2012.02.12 18:54:23 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{41313863-5170-4D7E-AD60-3CDF4DEBA81F}\Installer\CommonCustomActions\UninstCCD.exe
[2012.02.12 18:54:23 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{41313863-5170-4D7E-AD60-3CDF4DEBA81F}\Installer\CommonCustomActions\UninstPCS.exe
[2012.02.12 18:54:23 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{41313863-5170-4D7E-AD60-3CDF4DEBA81F}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2012.03.12 16:03:22 | 092,179,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer.exe
[2012.05.04 12:25:51 | 000,125,952 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\InstallerService.exe
[2012.05.04 12:25:51 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\InstallerServiceExec.exe
[2012.05.04 12:25:51 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\IsPinned.exe
[2012.05.04 12:26:03 | 000,046,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\pcswpc.exe
[2012.05.04 12:26:03 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\RepairMplatform.exe
[2012.05.04 12:26:03 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\Run_XML6_SP1.exe
[2012.05.04 12:26:03 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\WMF11Runx86.exe
[2012.05.04 12:26:06 | 012,212,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
[2010.01.17 21:56:13 | 000,086,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
[2011.05.21 06:01:00 | 000,194,152 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\All Users\Application Data\NVIDIA\Updatus\WLMerger.exe

< %APPDATA%\*. >
[2011.12.25 16:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Adobe
[2009.05.22 17:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Apple Computer
[2009.02.10 22:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Cakewalk
[2010.06.24 15:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Canneverbe Limited
[2012.01.22 23:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Canon
[2009.02.12 17:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\COWON
[2009.08.17 17:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\DAEMON Tools Lite
[2012.02.07 21:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\DDMSettings
[2010.06.16 05:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\DivX
[2010.01.19 06:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\EPSON
[2010.03.15 12:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\ESTsoft
[2012.05.17 20:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\eTeks
[2011.01.23 14:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\GetRightToGo
[2009.05.05 17:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Go-Go Gourmet Chef of the Year
[2009.06.03 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Google
[2008.08.22 17:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Help
[2008.12.27 21:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\ICQ
[2008.08.19 16:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Identities
[2009.08.12 18:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Imagic403N
[2008.08.19 16:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\InstallShield
[2011.01.01 19:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\IObit
[2009.08.02 01:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Little Games Company
[2011.03.12 17:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Macromedia
[2012.08.05 20:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Media Finder
[2011.04.03 12:21:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Sandra\Application Data\Microsoft
[2008.12.30 15:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Mozilla
[2012.02.12 19:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Nokia
[2012.02.12 19:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\PC Suite
[2009.02.10 18:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\RadLight Company
[2009.03.24 22:24:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Real
[2012.03.28 20:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Skype
[2012.03.28 14:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\skypePM
[2012.02.14 22:58:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Sandra\Application Data\Smart Anti-Malware Protection
[2009.08.13 09:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Sun
[2012.09.02 16:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Systweak
[2010.02.27 17:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\WinRAR
[2009.08.12 15:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sandra\Application Data\Zoner

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012.09.11 06:34:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.09.11 06:50:40 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.08.17 17:08:40 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2008.08.19 18:13:08 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.08.19 18:13:08 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.08.19 18:13:08 | 000,880,640 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2012.09.11 06:30:58 | 000,016,832 | ---- | M] () -- C:\WINDOWS\system32\amcompat.tlb
[2012.09.11 06:30:58 | 000,023,392 | ---- | M] () -- C:\WINDOWS\system32\nscompat.tlb
[2012.09.11 06:27:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.04 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.02.16 17:16:36 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=5AC757AE411CBC603C33C85F81F8657D -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.09.11 07:04:51 | 000,000,512 | ---- | M] () MD5=9C4F54B2E40C28E969005F5B89815363 -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2011.01.23 14:19:24 | 000,000,000 | ---- | M] () -- \Documents and Settings\Sandra\Application Data\GetRightToGo\Soft32Downloader-for-Outlook-Express.data
[2009.09.19 10:23:01 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.jpg
[2009.09.19 10:23:01 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.swf
[2008.11.30 15:07:49 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2008.11.30 15:07:49 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2009.01.13 20:06:21 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2009.01.13 20:06:40 | 000,552,798 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2012.08.17 21:39:22 | 000,413,112 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\kas_loader.dll
[2012.08.17 21:39:54 | 000,369,080 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prloader.dll
[2012.08.17 21:39:56 | 000,207,800 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\remote_eka_prague_loader.dll
[1 \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\*.tmp files -> \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\*.tmp -> ]
[2012.08.17 21:02:50 | 000,006,957 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\skin\resources\neutral\templates\images\safe_banking\preloader.gif
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2002.02.01 19:25:22 | 000,009,728 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\osloader.exe.mui
[2004.08.04 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2011.11.22 15:12:58 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2004.08.04 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< End of report >

Vyhodilo mi este jeden subor s nazvom Thumbs a nejde mi ho otvorit.

Thumbs nechte, to je systemovy soubor

Pouzil jste na ten Kaspersky ten jejich remover http://support.kaspersky.com/downloads/ ... emover.exe

VIRY.CZ

Prosím o kontrolu - juro

Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro

Re: Prosím o kontrolu - juro