
Problem after GMER scan
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved. The same applies to threads that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
Hello!
After yesterday's GMER scan my disk suddenly slowed down drastically. Very slow and long system startup, slow work with larger files, e.g. converting music. Attached is a sample from the HD Tune program; on the right-hand side are the values I normally reached on the disk in the past. Big difference in Transfer and Burst Rate and also CPU.
Gmer log
GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-11-01 17:05:17
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdePort0 Maxtor_6L200M0 rev.BANC1G10 189,92GB
Running: tool.exe.exe; Driver: C:\DOCUME~1\admin\LOCALS~1\Temp\pxtdapob.sys
---- System - GMER 2.1 ----
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeKey [0xB2322690]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeMultipleKeys [0xB23227B0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenProcess [0xB2322010]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenThread [0xB2322490]
SSDT \??\C:\WINDOWS\system32\drivers\avgtpx86.sys ZwQueryValueKey [0xB3C741D6]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendProcess [0xB23222D0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendThread [0xB23223B0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateProcess [0xB2322110]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateThread [0xB23221F0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwWriteVirtualMemory [0xB2322590]
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB6B523C0, 0x84E2FA, 0xE8000020]
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 48088
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EEDE4249-FAD0-4AB7-9874-4D7F1F0B8D92}@LeaseObtainedTime 1383315952
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EEDE4249-FAD0-4AB7-9874-4D7F1F0B8D92}@T1 1383317752
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EEDE4249-FAD0-4AB7-9874-4D7F1F0B8D92}@T2 1383319102
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EEDE4249-FAD0-4AB7-9874-4D7F1F0B8D92}@LeaseTerminatesTime 1383319552
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EEDE4249-FAD0-4AB7-9874-4D7F1F0B8D92}@DhcpRetryTime 1798
Reg HKLM\SYSTEM\CurrentControlSet\Services\{EEDE4249-FAD0-4AB7-9874-4D7F1F0B8D92}\Parameters\Tcpip@LeaseObtainedTime 1383315952
Reg HKLM\SYSTEM\CurrentControlSet\Services\{EEDE4249-FAD0-4AB7-9874-4D7F1F0B8D92}\Parameters\Tcpip@T1 1383317752
Reg HKLM\SYSTEM\CurrentControlSet\Services\{EEDE4249-FAD0-4AB7-9874-4D7F1F0B8D92}\Parameters\Tcpip@T2 1383319102
Reg HKLM\SYSTEM\CurrentControlSet\Services\{EEDE4249-FAD0-4AB7-9874-4D7F1F0B8D92}\Parameters\Tcpip@LeaseTerminatesTime 1383319552
---- EOF - GMER 2.1 ----
- Attachments
- HD Tune benchmark.PNG (49.71 KiB) Viewed 1859 times
- Rudy
- Site Admin
- Posts: 119531
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Problem after GMER scan
Hello!
I don't understand how your disk could have slowed down after a GMER scan. GMER is a rootkit detection utility. Try this procedure: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: Problem after GMER scan
I don't understand it either.
I'm just dealing with a problem through AVG support, because infections keep coming back into the temporary files folder after a few weeks, so they recommended GMER to me, and after it the disk is completely off.
Won't it be a problem to apply your procedure while this is also in progress with their support? So that things don't get mixed up.
- Rudy
- Site Admin
Re: Problem after GMER scan
It shouldn't. FRST is a scanner that detects adware and junk, and it can also be used to delete them. Personally, I think the cause of the problem is not GMER but somewhere else.
Re: Problem after GMER scan
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by admin (administrator) on PCPC on 02-11-2013 16:07:15
Running from C:\Documents and Settings\admin\Desktop
Systém Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(HP) C:\WINDOWS\system32\HPZipm12.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\admin\Desktop\FRSTLauncher.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20053608 2011-05-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2404376 2013-10-02] ()
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Runonce: [AvgUninstallURL] - cmd.exe /c start http://www.avg.com/ww.special-uninstall ... 2decf7d34c
HKU\Default User\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://shmu.sk/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
SearchScopes: HKCU - DefaultScope {C460A616-D148-475C-A510-351BAF75FC43} URL = http://www.google.co.uk/search?hl=en&q= ... meta=&rlz=
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {C460A616-D148-475C-A510-351BAF75FC43} URL = http://www.google.co.uk/search?hl=en&q= ... meta=&rlz=
SearchScopes: HKCU - {ECCE6A4D-2D03-4538-BDBD-C7B7FCAD0E4E} URL = http://uk.search.yahoo.com/search?p={se ... meta=vc%3D
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20
FireFox:
========
FF ProfilePath: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default
FF Homepage: hxxp://www.shmu.sk/sk/?page=1
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies)
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 - C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @spoon.net/Spoon Plugin 3.33 - C:\Documents and Settings\admin\Local Settings\Application Data\Spoon\3.33.3.13\npMozillaSpoonPlugin.dll (Code Systems Corporation)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\hadaj-video.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-22.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\ivsk.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\radiask.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\youtube-video-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: StatusbarEx - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\doudehou@gmail.com
FF Extension: Vacuum Places Improved - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\VacuumPlacesImproved@lultimouomo-gmail.com
FF Extension: Flagfox - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Blue Fox - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66}
FF Extension: cache - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\cache@status.org.xpi
FF Extension: jid1-F9UJ2thwoAm5gQ - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
FF Extension: personas - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\personas@christopher.beard.xpi
FF Extension: prefs - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{30E08C68-889E-11E0-95EF-DA7E4824019B}.xpi
FF Extension: prefs - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
FF Extension: aniweatherdefault - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi
FF Extension: prefs - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: prefs - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
FF Extension: No Name - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{d122ad80-ff45-11dd-87af-0800200c9a66}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\17.0.1.12
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\17.0.1.12
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
========================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
S2 gupdate1c935ece674815e; C:\Program Files\Google\Update\GoogleUpdate.exe [136176 2012-02-28] (Google Inc.)
S4 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S4 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
S4 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S4 UserAccess7; C:\WINDOWS\system32\UAService7.exe [221184 2009-06-30] (Sony DADC Austria AG.)
R2 vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-02] (AVG Secure Search)
S4 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [x]
S4 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36352 2005-03-09] (Advanced Micro Devices)
S3 ASPI; C:\WINDOWS\System32\DRIVERS\ASPI32.sys [16512 2002-07-17] (Adaptec)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209208 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [145720 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102200 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-10-02] (AVG Technologies)
S3 CrystalSysInfo; C:\Program Files\AudioCoder\SysInfo.sys [15152 2007-09-25] ()
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51120 2005-03-08] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2005-03-08] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21744 2005-03-08] (HP)
R0 m5288; C:\Windows\System32\DRIVERS\m5288.sys [210304 2005-12-23] (ULi Electronics Inc.)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-07-03] (Secunia)
S3 PSSDK42; C:\WINDOWS\system32\Drivers\pssdk42.sys [38976 2013-01-28] (microOLAP Technologies LTD)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 ULI5261XP; C:\Windows\System32\DRIVERS\ULILAN51.SYS [28672 2005-03-22] (ULi Electronics Inc.)
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U3 TlntSvr;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-02 16:06 - 2013-11-02 16:06 - 00000000 ____D C:\FRST
2013-11-02 16:04 - 2013-11-02 16:04 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\admin\Desktop\FRSTLauncher.exe
2013-11-02 15:57 - 2013-11-02 15:57 - 01089445 _____ (Farbar) C:\Documents and Settings\admin\Desktop\FRST.exe
2013-11-01 17:14 - 2013-11-01 17:14 - 02033232 _____ ( ) C:\Documents and Settings\admin\Desktop\AVG_Autoruns_cz.exe
2013-11-01 17:05 - 2013-11-01 17:05 - 00004556 _____ C:\Documents and Settings\admin\Desktop\gmer log.log
2013-10-29 17:55 - 2013-10-29 17:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-25 07:49 - 2013-10-25 07:49 - 00000000 ____D C:\Documents and Settings\admin\Application Data\Microsoft Corporation
2013-10-23 18:46 - 2013-10-23 18:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2013-10-23 18:46 - 2013-10-08 06:50 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-10-23 18:46 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-23 18:46 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-23 18:46 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-23 18:46 - 2013-10-08 06:29 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-10-23 18:45 - 2013-10-23 18:46 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-10-22 20:19 - 2013-10-22 20:19 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Environmentálna Fyzika
2013-10-19 16:31 - 2013-10-19 16:32 - 00000388 _____ C:\Documents and Settings\admin\My Documents\cc_20131019_173158.reg
2013-10-16 14:40 - 2013-10-16 14:40 - 00000000 ____D C:\Program Files\Auslogics
2013-10-16 14:40 - 2013-10-16 14:40 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2013-10-14 16:38 - 2013-11-01 18:19 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Metrológia
2013-10-11 11:02 - 2013-10-16 14:40 - 00000822 _____ C:\Documents and Settings\admin\Desktop\Auslogics DiskDefrag.lnk
2013-10-11 11:02 - 2013-10-11 11:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Auslogics
2013-10-11 08:51 - 2013-10-11 08:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 08:51 - 2013-10-11 08:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 08:40 - 2013-10-11 08:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-11 08:39 - 2013-10-11 08:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 08:39 - 2013-10-11 08:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-11 07:58 - 2013-07-03 03:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2013-10-11 07:57 - 2013-08-09 01:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2013-10-11 07:57 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-10-11 07:57 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2013-10-10 19:05 - 2013-10-10 19:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-10-06 07:43 - 2013-10-06 07:43 - 00000000 ____D C:\Documents and Settings\All Users\Documents\sun
2013-10-06 07:42 - 2013-10-22 20:06 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Konštrukčné materiály
2013-10-05 17:38 - 2013-10-05 17:39 - 00000000 ___SD C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice 4.0.1
2013-10-05 17:38 - 2013-10-05 17:38 - 00000865 _____ C:\Documents and Settings\All Users\Desktop\OpenOffice 4.0.1.lnk
2013-10-05 09:50 - 2013-10-05 09:50 - 00000680 _____ C:\Documents and Settings\All Users\Desktop\PDF Architect.lnk
2013-10-05 09:49 - 2013-10-05 09:50 - 00000000 ____D C:\Program Files\PDF Architect
2013-10-05 09:49 - 2013-10-05 09:49 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PDF Architect
2013-10-05 09:49 - 2013-10-05 09:49 - 00000000 ____D C:\Documents and Settings\admin\My Documents\PDF Architect Files
2013-10-05 09:47 - 2013-10-05 09:50 - 00000000 ____D C:\Program Files\Common Files\PDF Architect
2013-10-05 09:47 - 2013-10-05 09:47 - 00000000 ____D C:\Documents and Settings\admin\Application Data\PDF Software
2013-10-05 09:39 - 2013-10-19 16:35 - 00000000 ____D C:\Program Files\PDFCreator
2013-10-05 09:39 - 2013-10-05 09:39 - 00000706 _____ C:\Documents and Settings\All Users\Desktop\PDFCreator.lnk
2013-10-05 09:39 - 2013-10-05 09:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PDFCreator
2013-10-05 09:39 - 2013-10-05 09:39 - 00000000 ____D C:\Documents and Settings\admin\Application Data\pdfforge
2013-10-05 09:39 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMAPI32.OCX
2013-10-05 09:39 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPIDE.DLL
2013-10-04 20:01 - 2013-10-04 20:01 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-04 20:00 - 2013-10-23 18:46 - 00000000 ____D C:\Program Files\Java
2013-10-04 19:56 - 2013-10-04 19:56 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\Audacity.lnk
2013-10-04 09:32 - 2013-10-27 19:54 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Diagnostika
==================== One Month Modified Files and Folders =======
2013-11-02 16:06 - 2013-11-02 16:06 - 00000000 ____D C:\FRST
2013-11-02 16:04 - 2013-11-02 16:04 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\admin\Desktop\FRSTLauncher.exe
2013-11-02 15:57 - 2013-11-02 15:57 - 01089445 _____ (Farbar) C:\Documents and Settings\admin\Desktop\FRST.exe
2013-11-02 15:48 - 2008-10-03 08:40 - 01617219 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-02 15:46 - 2008-10-03 10:27 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-02 15:46 - 2008-10-03 10:27 - 00000051 _____ C:\WINDOWS\wiaservc.log
2013-11-02 15:46 - 2008-10-03 08:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-02 12:28 - 2008-10-03 08:44 - 00032512 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-02 12:27 - 2008-10-03 08:44 - 00000178 ___SH C:\Documents and Settings\admin\ntuser.ini
2013-11-02 11:15 - 2013-02-22 19:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2013-11-02 10:51 - 2008-10-05 13:00 - 00000000 ____D C:\Documents and Settings\admin\Application Data\Kingston
2013-11-02 10:37 - 2013-06-22 20:00 - 00000000 ____D C:\Documents and Settings\admin\Application Data\AIMP3
2013-11-02 10:37 - 2008-10-03 08:44 - 00000000 ____D C:\Documents and Settings\admin
2013-11-02 10:32 - 2013-01-10 09:59 - 00000000 ____D C:\Documents and Settings\admin\Application Data\foobar2000
2013-11-02 08:50 - 2010-07-12 16:51 - 00000000 ____D C:\Program Files\SpeedFan
2013-11-01 18:38 - 2013-02-26 19:43 - 00043520 _____ C:\Documents and Settings\admin\My Documents\Cyklo 2013.xls
2013-11-01 18:32 - 2013-02-15 11:08 - 00000000 ____D C:\Program Files\streamWriter
2013-11-01 18:19 - 2013-10-14 16:38 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Metrológia
2013-11-01 17:14 - 2013-11-01 17:14 - 02033232 _____ ( ) C:\Documents and Settings\admin\Desktop\AVG_Autoruns_cz.exe
2013-11-01 17:05 - 2013-11-01 17:05 - 00004556 _____ C:\Documents and Settings\admin\Desktop\gmer log.log
2013-10-31 10:38 - 2010-02-13 22:27 - 00000682 _____ C:\Documents and Settings\admin\My Documents\abc.txt
2013-10-31 10:24 - 2011-04-06 14:38 - 00000000 ____D C:\Documents and Settings\admin\Application Data\Audacity
2013-10-30 20:52 - 2010-11-01 12:34 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2013-10-30 20:52 - 2009-07-21 09:11 - 00000000 ____D C:\Program Files\CCleaner
2013-10-30 18:50 - 2010-03-26 15:04 - 00000000 ____D C:\Documents and Settings\admin\Application Data\ICQ
2013-10-30 09:42 - 2012-04-24 18:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-29 21:42 - 2013-10-01 20:23 - 00554736 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-73586283-1614895754-1801674531-1003-0.dat
2013-10-29 21:42 - 2013-10-01 20:23 - 00143142 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-10-29 20:33 - 2013-10-01 18:53 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Programovanie
2013-10-29 17:56 - 2013-10-29 17:55 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-29 17:52 - 2006-02-28 13:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-27 19:54 - 2013-10-04 09:32 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Diagnostika
2013-10-27 12:25 - 2011-09-21 19:59 - 00000000 ____D C:\Documents and Settings\admin\My Documents\IKP
2013-10-27 08:19 - 2008-10-03 10:24 - 00590908 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-25 07:49 - 2013-10-25 07:49 - 00000000 ____D C:\Documents and Settings\admin\Application Data\Microsoft Corporation
2013-10-24 17:47 - 2008-10-03 10:22 - 00000211 ___SH C:\boot.ini
2013-10-24 17:47 - 2006-02-28 13:00 - 00000532 _____ C:\WINDOWS\win.ini
2013-10-24 17:47 - 2006-02-28 13:00 - 00000256 _____ C:\WINDOWS\system.ini
2013-10-23 19:02 - 2013-10-01 18:09 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Visual Studio 2010
2013-10-23 18:46 - 2013-10-23 18:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2013-10-23 18:46 - 2013-10-23 18:45 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-10-23 18:46 - 2013-10-04 20:00 - 00000000 ____D C:\Program Files\Java
2013-10-22 20:19 - 2013-10-22 20:19 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Environmentálna Fyzika
2013-10-22 20:06 - 2013-10-06 07:42 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Konštrukčné materiály
2013-10-22 18:12 - 2010-06-17 18:44 - 00000000 ____D C:\Program Files\PokerStars
2013-10-20 18:30 - 2012-03-30 18:25 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-20 18:30 - 2011-05-14 18:14 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-20 18:30 - 2008-10-03 09:32 - 00000000 ____D C:\Documents and Settings\admin\Local Settings\Application Data\Adobe
2013-10-19 16:38 - 2008-10-03 10:23 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-10-19 16:38 - 2008-10-03 10:23 - 00262144 _____ C:\WINDOWS\system32\config\SAM.bak
2013-10-19 16:38 - 2008-10-03 10:22 - 40632320 _____ C:\WINDOWS\system32\config\software.bak
2013-10-19 16:38 - 2008-10-03 10:22 - 01835008 _____ C:\WINDOWS\system32\config\default.bak
2013-10-19 16:38 - 2008-10-03 08:44 - 00262144 _____ C:\Documents and Settings\NetworkService\NTUSER.bak
2013-10-19 16:38 - 2008-10-03 08:44 - 00249856 _____ C:\Documents and Settings\LocalService\NTUSER.bak
2013-10-19 16:37 - 2010-06-29 10:34 - 15990784 _____ C:\Documents and Settings\admin\ntuser.bak
2013-10-19 16:37 - 2008-10-03 08:44 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-10-19 16:37 - 2008-10-03 08:44 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-10-19 16:35 - 2013-10-05 09:39 - 00000000 ____D C:\Program Files\PDFCreator
2013-10-19 16:32 - 2013-10-19 16:31 - 00000388 _____ C:\Documents and Settings\admin\My Documents\cc_20131019_173158.reg
2013-10-19 16:22 - 2011-09-10 08:54 - 00000803 _____ C:\Documents and Settings\All Users\Desktop\Wise Registry Cleaner.lnk
2013-10-19 16:22 - 2011-09-10 08:54 - 00000000 ____D C:\Program Files\Wise Registry Cleaner
2013-10-19 16:22 - 2011-09-10 08:54 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Wise Registry Cleaner
2013-10-19 10:05 - 2013-02-05 13:15 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Jaytech Music Podcast
2013-10-18 10:25 - 2008-10-03 08:38 - 00000000 ____D C:\WINDOWS\Registration
2013-10-16 14:40 - 2013-10-16 14:40 - 00000000 ____D C:\Program Files\Auslogics
2013-10-16 14:40 - 2013-10-16 14:40 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2013-10-16 14:40 - 2013-10-11 11:02 - 00000822 _____ C:\Documents and Settings\admin\Desktop\Auslogics DiskDefrag.lnk
2013-10-13 18:31 - 2009-12-24 20:42 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-11 11:02 - 2013-10-11 11:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Auslogics
2013-10-11 08:56 - 2008-11-02 20:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 08:56 - 2008-10-03 10:23 - 00133280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-11 08:51 - 2013-10-11 08:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 08:51 - 2013-10-11 08:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 08:49 - 2013-08-13 10:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-11 08:45 - 2010-06-04 13:04 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2013-10-11 08:45 - 2008-10-08 19:05 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-11 08:40 - 2013-10-11 08:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-11 08:39 - 2013-10-11 08:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 08:39 - 2013-10-11 08:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-11 08:39 - 2010-02-12 12:10 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-10 19:05 - 2013-10-10 19:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-10-10 19:05 - 2013-09-04 19:13 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2013-10-08 17:43 - 2009-06-25 16:56 - 00021080 _____ C:\Documents and Settings\admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-10-08 06:50 - 2013-10-23 18:46 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-10-08 06:46 - 2013-10-23 18:46 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-08 06:46 - 2013-10-23 18:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-08 06:46 - 2013-10-23 18:46 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-08 06:29 - 2013-10-23 18:46 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-10-06 07:43 - 2013-10-06 07:43 - 00000000 ____D C:\Documents and Settings\All Users\Documents\sun
2013-10-05 17:39 - 2013-10-05 17:38 - 00000000 ___SD C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice 4.0.1
2013-10-05 17:38 - 2013-10-05 17:38 - 00000865 _____ C:\Documents and Settings\All Users\Desktop\OpenOffice 4.0.1.lnk
2013-10-05 17:37 - 2013-07-29 18:33 - 00000000 ____D C:\Program Files\OpenOffice 4
2013-10-05 09:50 - 2013-10-05 09:50 - 00000680 _____ C:\Documents and Settings\All Users\Desktop\PDF Architect.lnk
2013-10-05 09:50 - 2013-10-05 09:49 - 00000000 ____D C:\Program Files\PDF Architect
2013-10-05 09:50 - 2013-10-05 09:47 - 00000000 ____D C:\Program Files\Common Files\PDF Architect
2013-10-05 09:49 - 2013-10-05 09:49 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PDF Architect
2013-10-05 09:49 - 2013-10-05 09:49 - 00000000 ____D C:\Documents and Settings\admin\My Documents\PDF Architect Files
2013-10-05 09:47 - 2013-10-05 09:47 - 00000000 ____D C:\Documents and Settings\admin\Application Data\PDF Software
2013-10-05 09:39 - 2013-10-05 09:39 - 00000706 _____ C:\Documents and Settings\All Users\Desktop\PDFCreator.lnk
2013-10-05 09:39 - 2013-10-05 09:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PDFCreator
2013-10-05 09:39 - 2013-10-05 09:39 - 00000000 ____D C:\Documents and Settings\admin\Application Data\pdfforge
2013-10-04 20:01 - 2013-10-04 20:01 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-04 19:56 - 2013-10-04 19:56 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\Audacity.lnk
2013-10-04 19:56 - 2012-03-23 15:44 - 00000688 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Audacity.lnk
2013-10-04 19:56 - 2012-03-23 15:44 - 00000000 ____D C:\Program Files\Audacity
2013-10-04 09:20 - 2013-09-04 19:09 - 00000000 ____D C:\Documents and Settings\admin\Local Settings\Application Data\Avg2014
Files to move or delete:
====================
C:\Documents and Settings\All Users\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Documents and Settings\admin\Local Settings\temp\sfamcc00001.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:189.91 GB) (Free:44.6 GB) NTFS ==>[Drive with boot components (Windows XP)]
Available physical RAM: 1314.19 MB
Total physical RAM: 2046.42 MB
Percentage of memory in use: 35%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows XP) (Size: 190 GB) (Disk ID: E5E8E5E8)
Partition 1: (Active) - (Size=190 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG AntiVirus 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\admin\Desktop" je 3 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig
C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion
"C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
"C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^admin^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk
C:\PROGRA~1\OPENOF~1.OR~\program\QUICKS~1.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^admin^Start Menu^Programs^Startup^Spoon Sandbox Manager 3.25.lnk
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\Spoon\3250~1.15\SPOON-~2.EXE Startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^admin^Start Menu^Programs^Startup^Spoon.net Console.lnk
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\Spoon\3333~1.13\SPOON-~3.EXE -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^admin^Start Menu^Programs^Startup^Spoon.net Sandbox Manager 3.33.lnk
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\Spoon\3333~1.13\SPOON-~2.EXE Startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Secunia PSI Tray.lnk
C:\PROGRA~1\Secunia\PSI\psi_tray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
TomTomHOMEService REG_DWORD 0x2
Apple Mobile Device REG_DWORD 0x2
RichVideo REG_DWORD 0x2
IswSvc REG_DWORD 0x2
ICQ Service REG_DWORD 0x2
Secunia PSI Agent REG_DWORD 0x3
ServiceLayer REG_DWORD 0x3
UserAccess7 REG_DWORD 0x2
gusvc REG_DWORD 0x2
Sony Ericsson PCCompanion REG_DWORD 0x3
AdobeFlashPlayerUpdateSvc REG_DWORD 0x3
NVSvc REG_DWORD 0x2
JavaQuickStarterService REG_DWORD 0x2
Sony PC Companion REG_DWORD 0x3
Secunia Update Agent REG_DWORD 0x2
!SASCORE REG_DWORD 0x2
PDF Architect Service REG_DWORD 0x2
PDF Architect Helper Service REG_DWORD 0x2
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\ICQ7.7\\ICQ.exe"="C:\\Program Files\\ICQ7.7\\ICQ.exe:*:Enabled:ICQ7.7"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"="C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe:*:Disabled:Google Earth"
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"="C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe:*:Disabled:Google Earth"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\ICQ7.7\\ICQ.exe"="C:\\Program Files\\ICQ7.7\\ICQ.exe:*:Enabled:ICQ7.7"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgnsx.exe:*:Enabled:Online Shield"
"C:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"="C:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by admin (administrator) on PCPC on 02-11-2013 16:07:15
Running from C:\Documents and Settings\admin\Desktop
Systém Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(HP) C:\WINDOWS\system32\HPZipm12.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\admin\Desktop\FRSTLauncher.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20053608 2011-05-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2404376 2013-10-02] ()
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Runonce: [AvgUninstallURL] - cmd.exe /c start http://www.avg.com/ww.special-uninstall ... 2decf7d34c
HKU\Default User\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://shmu.sk/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
SearchScopes: HKCU - DefaultScope {C460A616-D148-475C-A510-351BAF75FC43} URL = http://www.google.co.uk/search?hl=en&q= ... meta=&rlz=
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {C460A616-D148-475C-A510-351BAF75FC43} URL = http://www.google.co.uk/search?hl=en&q= ... meta=&rlz=
SearchScopes: HKCU - {ECCE6A4D-2D03-4538-BDBD-C7B7FCAD0E4E} URL = http://uk.search.yahoo.com/search?p={se ... meta=vc%3D
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20
FireFox:
========
FF ProfilePath: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default
FF Homepage: hxxp://www.shmu.sk/sk/?page=1
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies)
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 - C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @spoon.net/Spoon Plugin 3.33 - C:\Documents and Settings\admin\Local Settings\Application Data\Spoon\3.33.3.13\npMozillaSpoonPlugin.dll (Code Systems Corporation)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\hadaj-video.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-22.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\ivsk.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\radiask.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\searchplugins\youtube-video-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: StatusbarEx - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\doudehou@gmail.com
FF Extension: Vacuum Places Improved - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\VacuumPlacesImproved@lultimouomo-gmail.com
FF Extension: Flagfox - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Blue Fox - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66}
FF Extension: cache - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\cache@status.org.xpi
FF Extension: jid1-F9UJ2thwoAm5gQ - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
FF Extension: personas - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\personas@christopher.beard.xpi
FF Extension: prefs - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{30E08C68-889E-11E0-95EF-DA7E4824019B}.xpi
FF Extension: prefs - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
FF Extension: aniweatherdefault - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi
FF Extension: prefs - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: prefs - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
FF Extension: No Name - C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\d0vrzssq.default\Extensions\{d122ad80-ff45-11dd-87af-0800200c9a66}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\17.0.1.12
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\17.0.1.12
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
========================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
S2 gupdate1c935ece674815e; C:\Program Files\Google\Update\GoogleUpdate.exe [136176 2012-02-28] (Google Inc.)
S4 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S4 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
S4 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S4 UserAccess7; C:\WINDOWS\system32\UAService7.exe [221184 2009-06-30] (Sony DADC Austria AG.)
R2 vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-02] (AVG Secure Search)
S4 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [x]
S4 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36352 2005-03-09] (Advanced Micro Devices)
S3 ASPI; C:\WINDOWS\System32\DRIVERS\ASPI32.sys [16512 2002-07-17] (Adaptec)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209208 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [145720 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102200 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-10-02] (AVG Technologies)
S3 CrystalSysInfo; C:\Program Files\AudioCoder\SysInfo.sys [15152 2007-09-25] ()
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51120 2005-03-08] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2005-03-08] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21744 2005-03-08] (HP)
R0 m5288; C:\Windows\System32\DRIVERS\m5288.sys [210304 2005-12-23] (ULi Electronics Inc.)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-07-03] (Secunia)
S3 PSSDK42; C:\WINDOWS\system32\Drivers\pssdk42.sys [38976 2013-01-28] (microOLAP Technologies LTD)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 ULI5261XP; C:\Windows\System32\DRIVERS\ULILAN51.SYS [28672 2005-03-22] (ULi Electronics Inc.)
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U3 TlntSvr;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-02 16:06 - 2013-11-02 16:06 - 00000000 ____D C:\FRST
2013-11-02 16:04 - 2013-11-02 16:04 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\admin\Desktop\FRSTLauncher.exe
2013-11-02 15:57 - 2013-11-02 15:57 - 01089445 _____ (Farbar) C:\Documents and Settings\admin\Desktop\FRST.exe
2013-11-01 17:14 - 2013-11-01 17:14 - 02033232 _____ ( ) C:\Documents and Settings\admin\Desktop\AVG_Autoruns_cz.exe
2013-11-01 17:05 - 2013-11-01 17:05 - 00004556 _____ C:\Documents and Settings\admin\Desktop\gmer log.log
2013-10-29 17:55 - 2013-10-29 17:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-25 07:49 - 2013-10-25 07:49 - 00000000 ____D C:\Documents and Settings\admin\Application Data\Microsoft Corporation
2013-10-23 18:46 - 2013-10-23 18:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2013-10-23 18:46 - 2013-10-08 06:50 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-10-23 18:46 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-23 18:46 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-23 18:46 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-23 18:46 - 2013-10-08 06:29 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-10-23 18:45 - 2013-10-23 18:46 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-10-22 20:19 - 2013-10-22 20:19 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Environmentálna Fyzika
2013-10-19 16:31 - 2013-10-19 16:32 - 00000388 _____ C:\Documents and Settings\admin\My Documents\cc_20131019_173158.reg
2013-10-16 14:40 - 2013-10-16 14:40 - 00000000 ____D C:\Program Files\Auslogics
2013-10-16 14:40 - 2013-10-16 14:40 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2013-10-14 16:38 - 2013-11-01 18:19 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Metrológia
2013-10-11 11:02 - 2013-10-16 14:40 - 00000822 _____ C:\Documents and Settings\admin\Desktop\Auslogics DiskDefrag.lnk
2013-10-11 11:02 - 2013-10-11 11:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Auslogics
2013-10-11 08:51 - 2013-10-11 08:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 08:51 - 2013-10-11 08:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 08:40 - 2013-10-11 08:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-11 08:39 - 2013-10-11 08:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 08:39 - 2013-10-11 08:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-11 07:58 - 2013-07-03 03:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2013-10-11 07:57 - 2013-08-09 01:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2013-10-11 07:57 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-10-11 07:57 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2013-10-10 19:05 - 2013-10-10 19:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-10-06 07:43 - 2013-10-06 07:43 - 00000000 ____D C:\Documents and Settings\All Users\Documents\sun
2013-10-06 07:42 - 2013-10-22 20:06 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Konštrukčné materiály
2013-10-05 17:38 - 2013-10-05 17:39 - 00000000 ___SD C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice 4.0.1
2013-10-05 17:38 - 2013-10-05 17:38 - 00000865 _____ C:\Documents and Settings\All Users\Desktop\OpenOffice 4.0.1.lnk
2013-10-05 09:50 - 2013-10-05 09:50 - 00000680 _____ C:\Documents and Settings\All Users\Desktop\PDF Architect.lnk
2013-10-05 09:49 - 2013-10-05 09:50 - 00000000 ____D C:\Program Files\PDF Architect
2013-10-05 09:49 - 2013-10-05 09:49 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PDF Architect
2013-10-05 09:49 - 2013-10-05 09:49 - 00000000 ____D C:\Documents and Settings\admin\My Documents\PDF Architect Files
2013-10-05 09:47 - 2013-10-05 09:50 - 00000000 ____D C:\Program Files\Common Files\PDF Architect
2013-10-05 09:47 - 2013-10-05 09:47 - 00000000 ____D C:\Documents and Settings\admin\Application Data\PDF Software
2013-10-05 09:39 - 2013-10-19 16:35 - 00000000 ____D C:\Program Files\PDFCreator
2013-10-05 09:39 - 2013-10-05 09:39 - 00000706 _____ C:\Documents and Settings\All Users\Desktop\PDFCreator.lnk
2013-10-05 09:39 - 2013-10-05 09:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PDFCreator
2013-10-05 09:39 - 2013-10-05 09:39 - 00000000 ____D C:\Documents and Settings\admin\Application Data\pdfforge
2013-10-05 09:39 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMAPI32.OCX
2013-10-05 09:39 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPIDE.DLL
2013-10-04 20:01 - 2013-10-04 20:01 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-04 20:00 - 2013-10-23 18:46 - 00000000 ____D C:\Program Files\Java
2013-10-04 19:56 - 2013-10-04 19:56 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\Audacity.lnk
2013-10-04 09:32 - 2013-10-27 19:54 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Diagnostika
==================== One Month Modified Files and Folders =======
2013-11-02 16:06 - 2013-11-02 16:06 - 00000000 ____D C:\FRST
2013-11-02 16:04 - 2013-11-02 16:04 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\admin\Desktop\FRSTLauncher.exe
2013-11-02 15:57 - 2013-11-02 15:57 - 01089445 _____ (Farbar) C:\Documents and Settings\admin\Desktop\FRST.exe
2013-11-02 15:48 - 2008-10-03 08:40 - 01617219 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-02 15:46 - 2008-10-03 10:27 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-02 15:46 - 2008-10-03 10:27 - 00000051 _____ C:\WINDOWS\wiaservc.log
2013-11-02 15:46 - 2008-10-03 08:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-02 12:28 - 2008-10-03 08:44 - 00032512 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-02 12:27 - 2008-10-03 08:44 - 00000178 ___SH C:\Documents and Settings\admin\ntuser.ini
2013-11-02 11:15 - 2013-02-22 19:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2013-11-02 10:51 - 2008-10-05 13:00 - 00000000 ____D C:\Documents and Settings\admin\Application Data\Kingston
2013-11-02 10:37 - 2013-06-22 20:00 - 00000000 ____D C:\Documents and Settings\admin\Application Data\AIMP3
2013-11-02 10:37 - 2008-10-03 08:44 - 00000000 ____D C:\Documents and Settings\admin
2013-11-02 10:32 - 2013-01-10 09:59 - 00000000 ____D C:\Documents and Settings\admin\Application Data\foobar2000
2013-11-02 08:50 - 2010-07-12 16:51 - 00000000 ____D C:\Program Files\SpeedFan
2013-11-01 18:38 - 2013-02-26 19:43 - 00043520 _____ C:\Documents and Settings\admin\My Documents\Cyklo 2013.xls
2013-11-01 18:32 - 2013-02-15 11:08 - 00000000 ____D C:\Program Files\streamWriter
2013-11-01 18:19 - 2013-10-14 16:38 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Metrológia
2013-11-01 17:14 - 2013-11-01 17:14 - 02033232 _____ ( ) C:\Documents and Settings\admin\Desktop\AVG_Autoruns_cz.exe
2013-11-01 17:05 - 2013-11-01 17:05 - 00004556 _____ C:\Documents and Settings\admin\Desktop\gmer log.log
2013-10-31 10:38 - 2010-02-13 22:27 - 00000682 _____ C:\Documents and Settings\admin\My Documents\abc.txt
2013-10-31 10:24 - 2011-04-06 14:38 - 00000000 ____D C:\Documents and Settings\admin\Application Data\Audacity
2013-10-30 20:52 - 2010-11-01 12:34 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2013-10-30 20:52 - 2009-07-21 09:11 - 00000000 ____D C:\Program Files\CCleaner
2013-10-30 18:50 - 2010-03-26 15:04 - 00000000 ____D C:\Documents and Settings\admin\Application Data\ICQ
2013-10-30 09:42 - 2012-04-24 18:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-29 21:42 - 2013-10-01 20:23 - 00554736 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-73586283-1614895754-1801674531-1003-0.dat
2013-10-29 21:42 - 2013-10-01 20:23 - 00143142 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-10-29 20:33 - 2013-10-01 18:53 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Programovanie
2013-10-29 17:56 - 2013-10-29 17:55 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-29 17:52 - 2006-02-28 13:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-27 19:54 - 2013-10-04 09:32 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Diagnostika
2013-10-27 12:25 - 2011-09-21 19:59 - 00000000 ____D C:\Documents and Settings\admin\My Documents\IKP
2013-10-27 08:19 - 2008-10-03 10:24 - 00590908 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-25 07:49 - 2013-10-25 07:49 - 00000000 ____D C:\Documents and Settings\admin\Application Data\Microsoft Corporation
2013-10-24 17:47 - 2008-10-03 10:22 - 00000211 ___SH C:\boot.ini
2013-10-24 17:47 - 2006-02-28 13:00 - 00000532 _____ C:\WINDOWS\win.ini
2013-10-24 17:47 - 2006-02-28 13:00 - 00000256 _____ C:\WINDOWS\system.ini
2013-10-23 19:02 - 2013-10-01 18:09 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Visual Studio 2010
2013-10-23 18:46 - 2013-10-23 18:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2013-10-23 18:46 - 2013-10-23 18:45 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-10-23 18:46 - 2013-10-04 20:00 - 00000000 ____D C:\Program Files\Java
2013-10-22 20:19 - 2013-10-22 20:19 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Environmentálna Fyzika
2013-10-22 20:06 - 2013-10-06 07:42 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Konštrukčné materiály
2013-10-22 18:12 - 2010-06-17 18:44 - 00000000 ____D C:\Program Files\PokerStars
2013-10-20 18:30 - 2012-03-30 18:25 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-20 18:30 - 2011-05-14 18:14 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-20 18:30 - 2008-10-03 09:32 - 00000000 ____D C:\Documents and Settings\admin\Local Settings\Application Data\Adobe
2013-10-19 16:38 - 2008-10-03 10:23 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-10-19 16:38 - 2008-10-03 10:23 - 00262144 _____ C:\WINDOWS\system32\config\SAM.bak
2013-10-19 16:38 - 2008-10-03 10:22 - 40632320 _____ C:\WINDOWS\system32\config\software.bak
2013-10-19 16:38 - 2008-10-03 10:22 - 01835008 _____ C:\WINDOWS\system32\config\default.bak
2013-10-19 16:38 - 2008-10-03 08:44 - 00262144 _____ C:\Documents and Settings\NetworkService\NTUSER.bak
2013-10-19 16:38 - 2008-10-03 08:44 - 00249856 _____ C:\Documents and Settings\LocalService\NTUSER.bak
2013-10-19 16:37 - 2010-06-29 10:34 - 15990784 _____ C:\Documents and Settings\admin\ntuser.bak
2013-10-19 16:37 - 2008-10-03 08:44 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-10-19 16:37 - 2008-10-03 08:44 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-10-19 16:35 - 2013-10-05 09:39 - 00000000 ____D C:\Program Files\PDFCreator
2013-10-19 16:32 - 2013-10-19 16:31 - 00000388 _____ C:\Documents and Settings\admin\My Documents\cc_20131019_173158.reg
2013-10-19 16:22 - 2011-09-10 08:54 - 00000803 _____ C:\Documents and Settings\All Users\Desktop\Wise Registry Cleaner.lnk
2013-10-19 16:22 - 2011-09-10 08:54 - 00000000 ____D C:\Program Files\Wise Registry Cleaner
2013-10-19 16:22 - 2011-09-10 08:54 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Wise Registry Cleaner
2013-10-19 10:05 - 2013-02-05 13:15 - 00000000 ____D C:\Documents and Settings\admin\My Documents\Jaytech Music Podcast
2013-10-18 10:25 - 2008-10-03 08:38 - 00000000 ____D C:\WINDOWS\Registration
2013-10-16 14:40 - 2013-10-16 14:40 - 00000000 ____D C:\Program Files\Auslogics
2013-10-16 14:40 - 2013-10-16 14:40 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
2013-10-16 14:40 - 2013-10-11 11:02 - 00000822 _____ C:\Documents and Settings\admin\Desktop\Auslogics DiskDefrag.lnk
2013-10-13 18:31 - 2009-12-24 20:42 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-11 11:02 - 2013-10-11 11:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Auslogics
2013-10-11 08:56 - 2008-11-02 20:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 08:56 - 2008-10-03 10:23 - 00133280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-11 08:51 - 2013-10-11 08:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 08:51 - 2013-10-11 08:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 08:49 - 2013-08-13 10:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-11 08:45 - 2010-06-04 13:04 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2013-10-11 08:45 - 2008-10-08 19:05 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-11 08:40 - 2013-10-11 08:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-11 08:39 - 2013-10-11 08:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 08:39 - 2013-10-11 08:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-11 08:39 - 2010-02-12 12:10 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-10 19:05 - 2013-10-10 19:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-10-10 19:05 - 2013-09-04 19:13 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2013-10-08 17:43 - 2009-06-25 16:56 - 00021080 _____ C:\Documents and Settings\admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-10-08 06:50 - 2013-10-23 18:46 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-10-08 06:46 - 2013-10-23 18:46 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-08 06:46 - 2013-10-23 18:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-08 06:46 - 2013-10-23 18:46 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-08 06:29 - 2013-10-23 18:46 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-10-06 07:43 - 2013-10-06 07:43 - 00000000 ____D C:\Documents and Settings\All Users\Documents\sun
2013-10-05 17:39 - 2013-10-05 17:38 - 00000000 ___SD C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice 4.0.1
2013-10-05 17:38 - 2013-10-05 17:38 - 00000865 _____ C:\Documents and Settings\All Users\Desktop\OpenOffice 4.0.1.lnk
2013-10-05 17:37 - 2013-07-29 18:33 - 00000000 ____D C:\Program Files\OpenOffice 4
2013-10-05 09:50 - 2013-10-05 09:50 - 00000680 _____ C:\Documents and Settings\All Users\Desktop\PDF Architect.lnk
2013-10-05 09:50 - 2013-10-05 09:49 - 00000000 ____D C:\Program Files\PDF Architect
2013-10-05 09:50 - 2013-10-05 09:47 - 00000000 ____D C:\Program Files\Common Files\PDF Architect
2013-10-05 09:49 - 2013-10-05 09:49 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PDF Architect
2013-10-05 09:49 - 2013-10-05 09:49 - 00000000 ____D C:\Documents and Settings\admin\My Documents\PDF Architect Files
2013-10-05 09:47 - 2013-10-05 09:47 - 00000000 ____D C:\Documents and Settings\admin\Application Data\PDF Software
2013-10-05 09:39 - 2013-10-05 09:39 - 00000706 _____ C:\Documents and Settings\All Users\Desktop\PDFCreator.lnk
2013-10-05 09:39 - 2013-10-05 09:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PDFCreator
2013-10-05 09:39 - 2013-10-05 09:39 - 00000000 ____D C:\Documents and Settings\admin\Application Data\pdfforge
2013-10-04 20:01 - 2013-10-04 20:01 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-04 19:56 - 2013-10-04 19:56 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\Audacity.lnk
2013-10-04 19:56 - 2012-03-23 15:44 - 00000688 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Audacity.lnk
2013-10-04 19:56 - 2012-03-23 15:44 - 00000000 ____D C:\Program Files\Audacity
2013-10-04 09:20 - 2013-09-04 19:09 - 00000000 ____D C:\Documents and Settings\admin\Local Settings\Application Data\Avg2014
Files to move or delete:
====================
C:\Documents and Settings\All Users\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Documents and Settings\admin\Local Settings\temp\sfamcc00001.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:189.91 GB) (Free:44.6 GB) NTFS ==>[Drive with boot components (Windows XP)]
Available physical RAM: 1314.19 MB
Total physical RAM: 2046.42 MB
Percentage of memory in use: 35%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows XP) (Size: 190 GB) (Disk ID: E5E8E5E8)
Partition 1: (Active) - (Size=190 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG AntiVirus 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\admin\Desktop" je 3 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig
C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion
"C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
"C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^admin^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk
C:\PROGRA~1\OPENOF~1.OR~\program\QUICKS~1.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^admin^Start Menu^Programs^Startup^Spoon Sandbox Manager 3.25.lnk
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\Spoon\3250~1.15\SPOON-~2.EXE Startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^admin^Start Menu^Programs^Startup^Spoon.net Console.lnk
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\Spoon\3333~1.13\SPOON-~3.EXE -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^admin^Start Menu^Programs^Startup^Spoon.net Sandbox Manager 3.33.lnk
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\Spoon\3333~1.13\SPOON-~2.EXE Startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Secunia PSI Tray.lnk
C:\PROGRA~1\Secunia\PSI\psi_tray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
TomTomHOMEService REG_DWORD 0x2
Apple Mobile Device REG_DWORD 0x2
RichVideo REG_DWORD 0x2
IswSvc REG_DWORD 0x2
ICQ Service REG_DWORD 0x2
Secunia PSI Agent REG_DWORD 0x3
ServiceLayer REG_DWORD 0x3
UserAccess7 REG_DWORD 0x2
gusvc REG_DWORD 0x2
Sony Ericsson PCCompanion REG_DWORD 0x3
AdobeFlashPlayerUpdateSvc REG_DWORD 0x3
NVSvc REG_DWORD 0x2
JavaQuickStarterService REG_DWORD 0x2
Sony PC Companion REG_DWORD 0x3
Secunia Update Agent REG_DWORD 0x2
!SASCORE REG_DWORD 0x2
PDF Architect Service REG_DWORD 0x2
PDF Architect Helper Service REG_DWORD 0x2
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\ICQ7.7\\ICQ.exe"="C:\\Program Files\\ICQ7.7\\ICQ.exe:*:Enabled:ICQ7.7"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"="C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe:*:Disabled:Google Earth"
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"="C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe:*:Disabled:Google Earth"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\ICQ7.7\\ICQ.exe"="C:\\Program Files\\ICQ7.7\\ICQ.exe:*:Enabled:ICQ7.7"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgnsx.exe:*:Enabled:Online Shield"
"C:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"="C:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
- Attachments
- Addition.rar
- (4.4 KiB) Downloaded 61 times
- Rudy
- Site Admin
- Posts: 119531
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Problem after GMER scan
Open Notepad and copy the following into it:
Start
HKU\Default User\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {ECCE6A4D-2D03-4538-BDBD-C7B7FCAD0E4E} URL = http://uk.search.yahoo.com/search?p={se ... meta=vc%3D
BHO: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
S4 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [x]
C:\Documents and Settings\All Users\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\admin\Local Settings\temp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: Problem after GMER scan
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-10-2013
Ran by admin at 2013-11-02 19:40:43 Run:1
Running from C:\Documents and Settings\admin\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKU\Default User\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {ECCE6A4D-2D03-4538-BDBD-C7B7FCAD0E4E} URL = http://uk.search.yahoo.com/search?p={se ... meta=vc%3D
BHO: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
S4 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [x]
C:\Documents and Settings\All Users\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\admin\Local Settings\temp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
End
*****************
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_3 => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\ICQ Search => Value deleted successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ECCE6A4D-2D03-4538-BDBD-C7B7FCAD0E4E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{ECCE6A4D-2D03-4538-BDBD-C7B7FCAD0E4E} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => Value deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} => Value deleted successfully.
HKCR\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} => Value deleted successfully.
HKCR\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key deleted successfully.
ICQ Service => Service deleted successfully.
C:\Documents and Settings\All Users\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
C:\Documents and Settings\admin\Local Settings\temp => Moved successfully.
C:\Program Files\Common Files\Java\Java Update\jusched.exe => Moved successfully.
==== End of Fixlog ====
- Rudy
- Site Admin
Re: Problem after GMER scan
Deleted. Has anything changed?
Re: Problem after GMER scan
Regarding the disk or the malware? The files that kept coming back returned after about a week or two, so I can't tell yet. But the disk is still sluggish, around 3 MB/s. I also wanted to run an error scan, but at this pace it would run day and night, so I don't know, I don't understand it.
- Rudy
- Site Admin
Re: Problem after GMER scan
We can check the disk considerably faster. Download, install and run CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ and post the log here via Edit > Copy.
Re: Problem after GMER scan
----------------------------------------------------------------------------
CrystalDiskInfo 6.0.0 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2013/11/02 20:43:24
-- Controller Map ----------------------------------------------------------
+ Intel(R) N10/ICH7 Family Serial ATA Storage Controller - 27C0 [ATA]
+ Primary IDE Channel (0)
- Maxtor 6L200M0
+ Secondary IDE Channel (1)
- HL-DT-ST DVDRAM GSA-H10N
-- Disk List ---------------------------------------------------------------
(1) Maxtor 6L200M0 : 203,9 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) Maxtor 6L200M0
----------------------------------------------------------------------------
Model : Maxtor 6L200M0
Firmware : BANC1G10
Serial Number : L408ZBZH
Disk Size : 203,9 GB (8,4/137,4/203,9/203,9)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 398297088
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : ---- | SATA/150
Power On Hours : 598 hod. (?)
Power On Count : 4398 krát
Temparature : 43 C (109 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : C0FEh [ON]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 207 207 _63 0000000035DB Čas na roztočenie platní
04 251 251 __0 0000000011AB Počet spustení/zastavení
05 253 253 _63 000000000000 Počet premapovaných sektorov
06 253 253 100 000000000000 Počet dosiahnutí konca kanála pri čítaní
07 253 252 __0 000000000000 Počet chybných vyhľadávaní
08 246 239 187 000000008721 Čas potrebný na vyhľadanie
09 208 208 __0 000000008C2A Počet odpracovaných hodín
0A 253 252 157 000000000000 Počet opakovaných pokusov o roztočenie platní
0B 253 252 223 000000000000 Počet pokusov o prekalibrovanie
0C 242 242 __0 00000000112E Počet cyklov zapnutia zariadenia
C0 253 253 __0 000000000000 Počet vypnutí disku
C1 253 253 __0 000000000000 Počet cyklov načítania/vymazania
C2 _41 253 __0 00000000002B Teplota
C3 253 251 __0 000000009888 Počet opráv chybného čítania
C4 253 253 __0 000000000000 Počet udalostí s cieľom realokovania sektorov
C5 253 253 __0 000000000000 Počet podozrivých sektorov
C6 253 253 __0 000000000000 Počet neopraviteľných sektorov
C7 199 199 __0 000000000000 Počet chýb v kontrolnom súčte UltraDMA
C8 253 252 __0 000000000000 Počet chýb pri zápise sektorov
C9 253 252 __0 000000000001 Počet soft. chýb pri čítaní
CA 253 239 __0 000000000000 Počet chýb pri adresovaní údajov
CB 253 252 180 000000000001 Počet chýb v kódoch na opravu chýb
CC 253 252 __0 000000000000 Počet softvérovo opravených chýb v opravných kódoch
CD 253 252 __0 000000000000 Počet chýb spôsobených vysokou teplotou
CF 253 252 __0 000000000000 Množstvo napätia potrebného na roztočenie disku
D0 253 252 __0 000000000000 Počet vyslaných impulzov na roztočenie disku pri nedostatočnom napájaní
D1 240 240 __0 0000000000A4 Výkon pri vyhľadávaní na disku pri interných testoch disku
D2 253 252 __0 000000000000 Špecifický pre výrobcu
D3 253 252 __0 000000000000 Počet vibrácií pri zápise
D4 253 252 __0 000000000000 Počet otrasov pri zápise
CrystalDiskInfo 6.0.0 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2013/11/02 20:43:24
-- Controller Map ----------------------------------------------------------
+ Intel(R) N10/ICH7 Family Serial ATA Storage Controller - 27C0 [ATA]
+ Primary IDE Channel (0)
- Maxtor 6L200M0
+ Secondary IDE Channel (1)
- HL-DT-ST DVDRAM GSA-H10N
-- Disk List ---------------------------------------------------------------
(1) Maxtor 6L200M0 : 203,9 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) Maxtor 6L200M0
----------------------------------------------------------------------------
Model : Maxtor 6L200M0
Firmware : BANC1G10
Serial Number : L408ZBZH
Disk Size : 203,9 GB (8,4/137,4/203,9/203,9)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 398297088
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : ---- | SATA/150
Power On Hours : 598 hod. (?)
Power On Count : 4398 krát
Temparature : 43 C (109 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : C0FEh [ON]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 207 207 _63 0000000035DB Čas na roztočenie platní
04 251 251 __0 0000000011AB Počet spustení/zastavení
05 253 253 _63 000000000000 Počet premapovaných sektorov
06 253 253 100 000000000000 Počet dosiahnutí konca kanála pri čítaní
07 253 252 __0 000000000000 Počet chybných vyhľadávaní
08 246 239 187 000000008721 Čas potrebný na vyhľadanie
09 208 208 __0 000000008C2A Počet odpracovaných hodín
0A 253 252 157 000000000000 Počet opakovaných pokusov o roztočenie platní
0B 253 252 223 000000000000 Počet pokusov o prekalibrovanie
0C 242 242 __0 00000000112E Počet cyklov zapnutia zariadenia
C0 253 253 __0 000000000000 Počet vypnutí disku
C1 253 253 __0 000000000000 Počet cyklov načítania/vymazania
C2 _41 253 __0 00000000002B Teplota
C3 253 251 __0 000000009888 Počet opráv chybného čítania
C4 253 253 __0 000000000000 Počet udalostí s cieľom realokovania sektorov
C5 253 253 __0 000000000000 Počet podozrivých sektorov
C6 253 253 __0 000000000000 Počet neopraviteľných sektorov
C7 199 199 __0 000000000000 Počet chýb v kontrolnom súčte UltraDMA
C8 253 252 __0 000000000000 Počet chýb pri zápise sektorov
C9 253 252 __0 000000000001 Počet soft. chýb pri čítaní
CA 253 239 __0 000000000000 Počet chýb pri adresovaní údajov
CB 253 252 180 000000000001 Počet chýb v kódoch na opravu chýb
CC 253 252 __0 000000000000 Počet softvérovo opravených chýb v opravných kódoch
CD 253 252 __0 000000000000 Počet chýb spôsobených vysokou teplotou
CF 253 252 __0 000000000000 Množstvo napätia potrebného na roztočenie disku
D0 253 252 __0 000000000000 Počet vyslaných impulzov na roztočenie disku pri nedostatočnom napájaní
D1 240 240 __0 0000000000A4 Výkon pri vyhľadávaní na disku pri interných testoch disku
D2 253 252 __0 000000000000 Špecifický pre výrobcu
D3 253 252 __0 000000000000 Počet vibrácií pri zápise
D4 253 252 __0 000000000000 Počet otrasov pri zápise
-- IDENTIFY_DEVICE ---------------------------------------------------------
-- SMART_READ_DATA ---------------------------------------------------------
-- SMART_READ_THRESHOLD ----------------------------------------------------
- Rudy
- Site Admin
- Posts: 119531
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Problem after a Gmer scan
The disk is fine. Also have a look in Device Manager > IDE/ATA controllers. Expand it, then right-click the individual channels > Properties > Advanced and check whether DMA mode is enabled. If it is not, enable it, save the setting and restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
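The SMART attribute rows in the CrystalDiskInfo log posted above can be checked against their thresholds mechanically, which is the kind of check behind a "disk is fine" reading. This is an added example, not part of the original thread; it assumes the column order is ID, current, worst, threshold, raw value, and embeds a few rows copied from the log.

```python
import re

# Rows copied from the CrystalDiskInfo log in this thread (names omitted).
# Assumed column order: ID, current, worst, threshold, raw value (hex).
SAMPLE = """\
05 253 253 _63 000000000000
08 246 239 187 000000008721
0B 253 252 223 000000000000
C2 _41 253 __0 00000000002B
C5 253 253 __0 000000000000
C7 199 199 __0 000000000000
CB 253 252 180 000000000001
"""

ROW = re.compile(
    r"^([0-9A-F]{2}) ([_\d]{3}) ([_\d]{3}) ([_\d]{3}) ([0-9A-F]{12})\b")


def parse_smart(text):
    """Parse attribute rows; lines that do not match the layout are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            # The log pads short numbers with underscores ("_63", "__0").
            cur, worst, thr = (int(m.group(i).lstrip("_")) for i in (2, 3, 4))
            rows.append({"id": m.group(1), "current": cur, "worst": worst,
                         "threshold": thr, "raw": int(m.group(5), 16)})
    return rows


def failing(rows):
    """IDs whose current or worst value has reached the threshold.
    Threshold 0 marks an informational attribute that never trips."""
    return [r["id"] for r in rows
            if r["threshold"] > 0
            and min(r["current"], r["worst"]) <= r["threshold"]]


def margins(rows):
    """(id, current - threshold) for thresholded attributes, tightest first."""
    out = [(r["id"], r["current"] - r["threshold"])
           for r in rows if r["threshold"] > 0]
    return sorted(out, key=lambda item: item[1])


if __name__ == "__main__":
    rows = parse_smart(SAMPLE)
    print("failing:", failing(rows))
    print("margins:", margins(rows))
```

On these rows no attribute has reached its threshold, and the tightest margin is attribute 0B.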
Re: Problem after a Gmer scan
It looks something like this; the first channel seems to have PIO mode switched on. I have no idea how to turn DMA on. I tried clicking DMA if available - OK - restart, and nothing; it is still in PIO mode and the disk is still slow.
- Attachments
- IDE.JPG (60.9 KiB) Viewed 1808 times
- Rudy
- Site Admin
- Posts: 119531
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Problem after a Gmer scan
It means:
DMA, if available. If it is not, PIO is switched on automatically. If the disk is connected to the secondary channel (DMA is enabled there), that is fine. According to the Crystal log, however, the disk is connected to one of the SATA channels, and those screenshots are from the classic IDE ones.
Re: Problem after a Gmer scan
I'm completely baffled by this.
So those values have nothing to do with my disk?
I don't see any other place where I could turn DMA mode on.
In the system event log, from around the time my disk started acting up, I have dozens of identical errors, something to do with IDE. I have attached one of them. They do not occur on other days.
- Attachments
- event log.rar
- (589 bytes) Downloaded 67 times