Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Uživatelský avatar
stell
VIP in memoriam
VIP in memoriam
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:
Kontaktovat uživatele stell

Re: Prosím o kontrolu logu

#16 Příspěvek od stell »

takto ty si uz mala stiahnuty Combofix?? alebo teraz si stiahla z navodu??
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Obrázek
Nahoru
milansilvia
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 04 bře 2008 19:05

Re: Prosím o kontrolu logu

#17 Příspěvek od milansilvia »

Som stiahol z tvojho navodu ,ale som skusal stahovať aj z iných liniek a stale to isté. Mám win Vista tak či to nie je preto.
Nahoru
Uživatelský avatar
stell
VIP in memoriam
VIP in memoriam
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:
Kontaktovat uživatele stell

Re: Prosím o kontrolu logu

#18 Příspěvek od stell »

na VISTE combofix ide v pohode,
odinstaluj combofix
1>klik start-klik spustit do okna vloz prikaz combofix /uninstall
2:stiahnes OTC spustis to podla navodu
stiahni>>OTC
2x-kliknite OTC.exe.
Kliknite na tlačidlo CleanUp!
Vyberte Áno, ak
Otvorenie procesu čistenia?

Ak sa zobrazí výzva na reštartovanie počas čistenia, vyberte Áno.
Nástroj sám sa zmaže, keď to skončí, ak nie odstrániť .
3:restart,precisti pc CCleanerom
Stáhni, nainstaluj program CCleaner - http://www.ccleaner.com/download/downloadpage.aspx?f=2
- PravyKlik na kos-spustit ccleaner ->>>Cakas>>na cistenie,,
PravyKlik na kos-otvorit ccleaner-záložka Windows a stiskni Analyzovat a poté Spustit Cleaner
- Klikni na záložku Aplikace a stiskni Analyzovat a poté Spustit Cleaner
- Klikni na Registry, stiskni Hledej problémy, po dokončení skenování klikni na Opravit vybrané problémy,
-zvol Ano pro vytvoření zálohy, ulož nabídnutý soubor a klikni na Opravit všechny problémy,
4:Teraz stiahnes combofix,ale z mojho navodu a spust presne tak ako je v navode
b] PROSIM CITAJTE POZORNE NAVODY!!!,[/b]

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte>>
http://download.bleepingcomputer.com/sUBs/ComboFix.exe






- ComboFix je třeba spustit pod účtem s právy administrátora.
- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano;

A este raz >ANO<

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího modreho okna

- Po dokončení skenování, trvajícího maximálně 10-15 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah do svého threadu na forum
- Před použitím ComboFixu je treba vypnout všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary. NAVOD: http://www.bleepingcomputer.com/forums/topic114351.html
Mohou zasahovat do činnosti ComboFixu, což může způsobit, že nebude fungovat korektně.
V případě detekce antiviru u ComboFixu se jedná o falešný poplach.
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Obrázek
Nahoru
Uživatelský avatar
stell
VIP in memoriam
VIP in memoriam
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:
Kontaktovat uživatele stell

Re: Prosím o kontrolu logu

#19 Příspěvek od stell »

teraz pise kolegyna ze combofix strajkuje,takze ak nepojde pokracujes takto
Stahni OTListIt2>> OTL
- spust
-zafajkni
-Scan all users.
-Lop check.
-Purity check.
-v sekciiExtra Registry>zaboduj>Use SafeList
-do okna Custom Scans/Fixes>vloz zeleny text a klik Run SCAN
-scan trva [10-15 min]>.potom vloz sem
-OTL.txt (bude na ploche).
-Extras.txt [bude dole na hlavnom panely]

Kód: Vybrat vše

/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
/md5stop
vloz sem log a zajtra pokracujeme,dnes koncim,dobru noc,,
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Obrázek
Nahoru
milansilvia
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 04 bře 2008 19:05

Re: Prosím o kontrolu logu

#20 Příspěvek od milansilvia »

Ahoj, tak som urobil logy. Som zvedavý čo to bude . Ten extras.txt musím dať do dalšieho okna lebo sa to tu nezmestí. Dakujem ahoj.

OTL logfile created on: 19. 1. 2010 10:58:46 - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

1 013,00 Mb Total Physical Memory | 113,00 Mb Available Physical Memory | 11,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 49,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,39 Gb Total Space | 7,99 Gb Free Space | 11,51% Space Free | Partition Type: NTFS
Drive D: | 5,14 Gb Total Space | 1,09 Gb Free Space | 21,25% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SILVIAAMILAN-PC
Current User Name: Milan a Silvia
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/19 10:56:33 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\OTL.exe
PRC - [2010/01/18 13:39:20 | 01,504,768 | ---- | M] (Michel Krämer) -- C:\Program Files\Spamihilator\spamihilator.exe
PRC - [2009/12/23 10:47:54 | 00,788,880 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/12/23 10:47:52 | 01,181,328 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/11/21 07:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/10/09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/07/21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/07/18 04:12:12 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashUtil10c.exe
PRC - [2009/07/01 17:37:06 | 00,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2009/05/18 09:50:18 | 07,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/05/18 09:50:18 | 07,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/04/11 07:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe
PRC - [2009/04/11 07:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/03/02 13:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/05 21:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/02/05 21:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/02/05 21:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 21:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/02/05 21:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008/06/18 13:01:34 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxtray.exe
PRC - [2008/06/18 13:01:32 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.exe
PRC - [2008/06/18 13:01:30 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxpers.exe
PRC - [2008/06/18 13:01:26 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\hkcmd.exe
PRC - [2008/01/19 08:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 08:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2007/12/10 19:55:26 | 00,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\Pac207\Monitor.exe
PRC - [2007/04/26 15:59:25 | 00,077,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0\bin\jusched.exe
PRC - [2007/02/12 14:50:40 | 00,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2006/12/03 00:32:22 | 00,167,936 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
PRC - [2006/11/21 01:06:12 | 00,063,080 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
PRC - [2006/11/15 07:02:46 | 00,815,104 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/11/06 18:58:18 | 00,159,744 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2006/11/02 18:24:10 | 00,491,606 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2006/10/18 17:56:54 | 00,317,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
PRC - [2006/10/18 17:32:36 | 00,472,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2006/10/10 15:49:42 | 00,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe
PRC - [2006/09/06 20:12:46 | 00,323,216 | ---- | M] (Napster) -- C:\Program Files\Napster\napster.exe
PRC - [2006/08/04 18:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\XAudio.exe
PRC - [2006/05/02 22:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2005/02/17 07:11:42 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe


========== Modules (SafeList) ==========

MOD - [2010/01/19 10:56:33 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\OTL.exe
MOD - [2009/04/11 07:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2009/12/23 10:47:52 | 01,181,328 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/09/25 02:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/02/18 19:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/02/05 21:08:40 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/02/05 21:08:26 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/02/05 21:06:04 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/02/05 21:01:25 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008/01/19 08:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/21 01:06:12 | 00,063,080 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2006/11/06 21:31:14 | 00,887,544 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/01 19:17:32 | 00,073,728 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2006/08/04 18:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2006/06/26 17:50:08 | 00,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)
SRV - [2006/05/02 22:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2004/10/22 11:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2009/09/23 13:55:23 | 00,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/07/28 16:33:56 | 00,055,656 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 10:12:24 | 00,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 10:33:07 | 00,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/17 11:19:44 | 00,057,672 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/02/17 11:17:40 | 00,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009/02/13 12:35:05 | 00,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/02/05 21:07:23 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/02/05 21:07:12 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/02/05 21:06:59 | 00,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009/02/05 21:06:20 | 00,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/02/05 21:06:10 | 00,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008/06/18 12:38:20 | 02,307,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/06/18 12:38:20 | 02,307,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2008/02/13 17:17:26 | 00,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007/04/03 13:55:26 | 10,251,904 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
DRV - [2006/11/17 17:20:26 | 00,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2006/11/17 17:20:26 | 00,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/11/15 07:24:00 | 00,179,256 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/11/02 15:43:50 | 00,145,920 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2006/11/02 10:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 10:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 10:51:34 | 00,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 10:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 10:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 10:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 10:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 10:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 10:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 10:50:10 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 10:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 10:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 10:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:04 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 10:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 10:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 10:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:54 | 00,163,328 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\e100b325.sys -- (E100B) Intel(R)
DRV - [2006/11/02 08:30:54 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/10/18 12:09:26 | 00,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/18 12:08:14 | 00,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/10/18 12:08:04 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/09/26 00:19:52 | 00,050,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/08/04 18:39:10 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/07/24 11:00:00 | 00,036,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/06/28 17:57:00 | 00,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/06/28 17:54:00 | 00,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/06/19 15:26:58 | 00,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/10/13 17:19:12 | 08,701,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1214843699-2932688582-3037194264-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.zoznam.sk/
IE - HKU\S-1-5-21-1214843699-2932688582-3037194264-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1214843699-2932688582-3037194264-1000\S-1-5-21-1214843699-2932688582-3037194264-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/18 22:41:30 | 00,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-1214843699-2932688582-3037194264-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe (Napster)
O4 - HKLM..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe ()
O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1214843699-2932688582-3037194264-1000..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} http://www.srtest.com/srl_bin/sysreqlab_ind.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.212.12.2 88.212.10.22
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\CompaqFlow.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\CompaqFlow.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 16:18:54 | 00,000,340 | -H-- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/19 10:56:29 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\OTL.exe
[2010/01/19 10:30:51 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/01/18 18:36:18 | 00,000,000 | ---D | C] -- C:\zaloha
[2010/01/18 17:47:45 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/01/18 15:22:04 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/01/18 15:22:04 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/01/18 15:22:04 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/01/18 15:21:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/01/18 15:21:55 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/01/18 13:43:31 | 00,000,000 | ---D | C] -- C:\ProgramData\Spamihilator
[2010/01/18 13:43:08 | 00,000,000 | ---D | C] -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\Spamihilator
[2010/01/18 13:41:33 | 00,000,000 | ---D | C] -- C:\Program Files\Spamihilator
[2010/01/18 13:10:32 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/01/18 10:35:46 | 00,000,000 | ---D | C] -- C:\Program Files\Ultimate Process Manager
[2010/01/14 15:13:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Program4Pc
[2010/01/14 15:13:40 | 00,000,000 | ---D | C] -- C:\Program Files\PC Image Editor
[2010/01/13 19:03:12 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/13 19:03:10 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009/12/26 18:55:59 | 00,000,000 | ---D | C] -- C:\Windows\PixArt
[2009/12/21 18:02:46 | 00,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpx32.dll
[2009/12/21 17:57:11 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\amcap.exe
[2009/12/21 17:57:01 | 10,251,904 | ---- | C] (Sonix Co. Ltd.) -- C:\Windows\System32\drivers\snp325.sys
[2009/12/21 17:57:00 | 00,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnp325.dll
[2009/12/21 17:57:00 | 00,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnp325.dll
[2009/12/21 17:57:00 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp325.dll
[2009/12/21 17:57:00 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\snp325
[2009/12/21 17:56:18 | 00,000,000 | ---D | C] -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\InstallShield
[2005/09/13 00:45:06 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2004/02/16 20:59:52 | 00,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll

========== Files - Modified Within 30 Days ==========

[2010/01/19 11:07:19 | 01,572,864 | -HS- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\NTUSER.DAT
[2010/01/19 11:05:31 | 00,000,440 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{998B468C-9444-443B-BAD5-61D1D44652AF}.job
[2010/01/19 10:56:33 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\OTL.exe
[2010/01/19 10:45:21 | 00,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2010/01/19 10:29:09 | 00,000,151 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/01/19 10:28:44 | 00,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/01/19 10:28:43 | 00,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2010/01/19 10:28:41 | 00,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2010/01/19 10:28:38 | 00,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2010/01/19 10:25:54 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/19 10:25:53 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/19 10:25:50 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/19 10:25:38 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/19 10:25:35 | 10,613,26848 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/18 22:07:00 | 00,524,288 | -HS- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/01/18 22:07:00 | 00,065,536 | -HS- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/01/18 22:06:34 | 03,011,900 | -H-- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\IconCache.db
[2010/01/18 21:54:39 | 00,196,608 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\ComboFix.exe
[2010/01/18 21:14:22 | 00,087,120 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/01/18 21:12:00 | 00,335,696 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/01/18 20:00:08 | 00,000,680 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\d3d9caps.dat
[2010/01/18 17:47:47 | 00,001,670 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\CCleaner.lnk
[2010/01/18 17:43:47 | 00,002,395 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/01/18 15:22:26 | 00,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/01/18 13:43:31 | 00,000,888 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk
[2010/01/18 10:37:49 | 00,001,952 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
[2010/01/18 10:37:49 | 00,001,910 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2010/01/18 10:06:06 | 00,013,085 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\MemTest.zip
[2010/01/14 15:20:30 | 00,033,522 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\fotka 2.jpg
[2010/01/14 15:19:15 | 00,028,205 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\fotka 1.jpg
[2010/01/14 15:13:53 | 00,273,205 | ---- | M] () -- C:\Windows\PC Image Editor Uninstaller.exe
[2010/01/14 15:13:42 | 00,000,878 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\PC Image Editor.lnk
[2010/01/14 15:07:10 | 00,373,805 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\DSC00052.JPG
[2010/01/14 15:06:29 | 00,360,245 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\DSC00051.JPG
[2010/01/14 11:12:06 | 00,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/01/10 19:22:40 | 00,230,432 | ---- | M] () -- C:\PA207.DAT
[2010/01/06 10:48:22 | 00,007,949 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\reakcia na ponuku.odt
[2010/01/04 16:55:15 | 00,008,733 | ---- | M] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\Bez názvu 1.odt
[2009/12/21 18:19:09 | 00,115,224 | ---- | M] () -- C:\img2-001.raw
[2009/12/21 17:57:12 | 00,000,202 | ---- | M] () -- C:\Windows\win.ini

========== Files Created - No Company Name ==========

[2010/01/18 21:23:33 | 00,196,608 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\ComboFix.exe
[2010/01/18 21:14:04 | 00,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/01/18 20:05:19 | 10,613,26848 | -HS- | C] () -- C:\hiberfil.sys
[2010/01/18 17:47:47 | 00,001,670 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\CCleaner.lnk
[2010/01/18 17:03:25 | 00,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2010/01/18 15:22:26 | 00,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/01/18 13:43:31 | 00,000,888 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk
[2010/01/18 10:06:06 | 00,013,085 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\MemTest.zip
[2010/01/17 20:55:10 | 00,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2010/01/17 11:33:48 | 00,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2010/01/17 11:33:46 | 00,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2010/01/14 15:17:37 | 00,033,522 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\fotka 2.jpg
[2010/01/14 15:15:50 | 00,028,205 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\fotka 1.jpg
[2010/01/14 15:13:42 | 00,273,205 | ---- | C] () -- C:\Windows\PC Image Editor Uninstaller.exe
[2010/01/14 15:13:42 | 00,000,878 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\PC Image Editor.lnk
[2010/01/14 15:07:09 | 00,373,805 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\DSC00052.JPG
[2010/01/14 15:06:23 | 00,360,245 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\DSC00051.JPG
[2010/01/06 10:48:19 | 00,007,949 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\reakcia na ponuku.odt
[2010/01/04 16:55:12 | 00,008,733 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop\Bez názvu 1.odt
[2009/12/26 18:59:41 | 00,230,432 | ---- | C] () -- C:\PA207.DAT
[2009/12/21 18:18:40 | 00,115,224 | ---- | C] () -- C:\img2-001.raw
[2009/12/21 17:57:11 | 00,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2009/12/21 17:57:03 | 00,827,392 | ---- | C] () -- C:\Windows\vsnp325.exe
[2009/12/21 17:57:03 | 00,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe
[2009/12/21 17:57:03 | 00,013,023 | ---- | C] () -- C:\Windows\snp325.src
[2009/12/21 17:57:02 | 00,015,498 | ---- | C] () -- C:\Windows\snp325.ini
[2009/09/18 13:12:56 | 00,000,000 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\wklnhst.dat
[2009/09/16 14:11:22 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/09/13 17:36:01 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/08 14:45:50 | 00,000,680 | ---- | C] () -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\d3d9caps.dat
[2009/09/07 17:22:24 | 00,000,000 | ---- | C] () -- C:\Users\Milan a Silvia\AppData\Local\QSwitch.txt
[2009/09/07 17:22:24 | 00,000,000 | ---- | C] () -- C:\Users\Milan a Silvia\AppData\Local\DSwitch.txt
[2009/09/07 17:22:24 | 00,000,000 | ---- | C] () -- C:\Users\Milan a Silvia\AppData\Local\AtStart.txt
[2008/06/18 12:51:06 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1504.dll
[2008/02/11 18:55:18 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007/10/25 23:02:54 | 00,000,566 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2006/11/10 12:54:20 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/19 07:02:40 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/19 07:02:40 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/03/10 01:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/10/14 10:56:50 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2005/10/14 10:56:50 | 00,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005/10/14 10:56:50 | 00,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005/10/14 10:56:50 | 00,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2005/10/14 10:56:50 | 00,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005/10/14 10:56:50 | 00,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005/10/14 10:56:50 | 00,155,136 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2005/10/14 10:56:50 | 00,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2005/10/13 17:19:12 | 08,701,824 | ---- | C] () -- C:\Windows\System32\drivers\snpstd3.sys
[2004/02/28 00:36:18 | 00,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini

========== LOP Check ==========

[2009/09/24 16:09:56 | 00,000,000 | ---D | M] -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\OpenOffice.org
[2009/09/08 15:07:57 | 00,000,000 | ---D | M] -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\Opera
[2010/01/19 10:29:29 | 00,000,000 | ---D | M] -- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\Spamihilator
[2010/01/19 10:45:21 | 00,000,370 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2010/01/19 10:28:38 | 00,000,370 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2010/01/19 10:28:41 | 00,000,370 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2010/01/19 10:28:43 | 00,000,370 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2010/01/19 10:28:44 | 00,000,370 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/01/18 22:07:25 | 00,032,602 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2010/01/19 11:05:31 | 00,000,440 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{998B468C-9444-443B-BAD5-61D1D44652AF}.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: AGP440.SYS >
[2008/01/19 08:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 08:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 08:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 08:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 10:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2006/11/02 10:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 07:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\drivers\atapi.sys
[2009/04/11 07:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 08:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 08:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/09/07 19:58:17 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009/09/07 19:58:17 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009/09/07 19:58:16 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 10:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006/11/02 10:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 08:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 08:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2006/11/02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 10:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 07:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\System32\netlogon.dll
[2009/04/11 07:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 08:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\drivers\nvstor.sys
[2006/11/02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 08:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 08:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 08:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 10:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 07:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\System32\scecli.dll
[2009/04/11 07:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< >
< End of report >
Nahoru
milansilvia
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 04 bře 2008 19:05

Re: Prosím o kontrolu logu

#21 Příspěvek od milansilvia »

Tu je estras.txt

OTL Extras logfile created on: 19. 1. 2010 10:58:46 - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Users\Milan a Silvia.SilviaaMilan-PC\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

1 013,00 Mb Total Physical Memory | 113,00 Mb Available Physical Memory | 11,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 49,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,39 Gb Total Space | 7,99 Gb Free Space | 11,51% Space Free | Partition Type: NTFS
Drive D: | 5,14 Gb Total Space | 1,09 Gb Free Space | 21,25% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SILVIAAMILAN-PC
Current User Name: Milan a Silvia
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{138D1B2A-F97E-4B83-BC71-7726D9EF5AF5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{16F4B936-C917-4AAE-BD6D-CEED4D3DCE7C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1B34F236-CDB3-4307-9E68-4D35141C40BA}" = protocol=17 | dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{21C61DEB-37A9-4489-B2D1-DEEF8CF1E002}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A338CDE-05E4-4F1D-95EA-12789F852B8B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2FDE5314-A886-42CA-85D8-DFC9856F921A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{317C2DAB-C59C-4930-9F12-F449A36A8899}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{31CE5052-5CC7-403B-9191-C997BB4DE944}" = protocol=6 | dir=in | app=c:\program files\spamihilator\spamihilator.exe |
"{3C9611ED-FF51-4D7F-BF64-37ADA73791CB}" = protocol=17 | dir=in | app=c:\program files\spamihilator\spamihilator.exe |
"{3E4833C3-133B-4BFA-83C5-CBCE6E44FFFC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{43394C71-5D86-4B63-BA1F-84CD8B04BEC5}" = protocol=6 | dir=in | app=c:\program files\spamihilator\dccproc.exe |
"{47AD6C52-4AA7-4B41-8385-0B548ED6721C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5474E85F-1EFF-4C49-B4A6-04847517916E}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{572B0C18-0E34-448A-994B-77B8BF960821}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5CAAD51E-18F9-4635-92B5-9609A2719B8C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{630DB8DF-DA0A-4114-9A65-B36D6CE6A410}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{72747F01-4BF6-4105-A133-3B9066FB2F24}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7344494C-FD60-4406-B897-00E6FE7C7CBD}" = protocol=17 | dir=in | app=c:\program files\spamihilator\cdcc.exe |
"{737A87D5-960F-463A-ABF2-77E06ADD718D}" = protocol=6 | dir=in | app=c:\program files\spamihilator\cdcc.exe |
"{98AAB5AD-8237-4620-AE6A-764A515F6FD0}" = protocol=6 | dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{A5A6288E-7CE1-4270-89E8-6B2D92E7F187}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFAB4FAC-831D-42C6-9320-6AC36971790D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B297D820-CBCE-4357-BEA2-B384C35EE0CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EE2F3235-B7DF-4844-9BFC-837DAAB06C1B}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{F1910421-0FC8-4403-897C-58E2F0087106}" = protocol=17 | dir=in | app=c:\program files\spamihilator\dccproc.exe |
"TCP Query User{0A42C1E6-BAF6-42A5-9192-41F7CFE74B3C}C:\programy\strong dc 1\strongdc\strongdc.exe" = protocol=6 | dir=in | app=c:\programy\strong dc 1\strongdc\strongdc.exe |
"TCP Query User{718668C9-FD82-430D-B17A-FD666407D4A2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{82BC0369-572E-4189-A675-1CB5F371FB83}C:\programy\strong dc\strongdc.exe" = protocol=6 | dir=in | app=c:\programy\strong dc\strongdc.exe |
"TCP Query User{BF901A80-2729-4A28-BE17-0394E760FA64}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{C9242F79-A250-449F-AF0F-4FC5FBE780A2}C:\strong dc\strongdc.exe" = protocol=6 | dir=in | app=c:\strong dc\strongdc.exe |
"UDP Query User{1D69E614-DCAC-4F2E-BA2F-B99A47C6F79A}C:\strong dc\strongdc.exe" = protocol=17 | dir=in | app=c:\strong dc\strongdc.exe |
"UDP Query User{6979749A-4471-4FD6-B8AC-55F03B5CDBF5}C:\programy\strong dc\strongdc.exe" = protocol=17 | dir=in | app=c:\programy\strong dc\strongdc.exe |
"UDP Query User{7461B301-A03D-4341-8B8A-0719B8D1A0B4}C:\programy\strong dc 1\strongdc\strongdc.exe" = protocol=17 | dir=in | app=c:\programy\strong dc 1\strongdc\strongdc.exe |
"UDP Query User{AAE945D0-2131-4396-9848-8979FC308280}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D1BD477A-95DE-4804-B614-DA2F0E7E719D}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE}" = HP Wireless Assistant
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{15DD1D3C-8386-47D4-91A4-2D25FAFE1255}" = HP User Guide 0039
"{21E62565-8639-457C-B64C-A3FF0A8B4D80}" = HP Active Support Library
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23E797E9-F852-4AEA-93F0-772ED2B9D9F9}" = OpenOffice.org 3.1
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 B9
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.0
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{64D24CA4-3E42-460A-B4C7-FB7A1CE1C629}" = VAG Info System
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{98E16A6D-5BD5-4D11-8806-34FE05F6283B}" = Spamihilator 0.9.9.52 (32 bit)
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D117E09E-6015-4B43-BA3B-8A2177B235FB}_is1" = Carsoft SuperVAG
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}" = HP Help and Support
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = 325 USB PC Camera
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = ASL_HS_Installer32
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast!" = avast! Antivirus
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30A5" = HDAUDIO Soft Data Fax Modem with SmartCP
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Oracle to Access 1.5 Demo" = Oracle to Access 1.5 Demo
"PC Image Editor" = PC Image Editor
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"VLC media player" = VideoLAN VLC media player 0.8.6i
"Winamp" = Winamp
"WinRAR archiver" = WinRAR

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 18. 1. 2010 7:06:25 | Computer Name = SilviaaMilan-PC | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.

Error - 18. 1. 2010 10:09:34 | Computer Name = SilviaaMilan-PC | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.

Error - 18. 1. 2010 12:57:32 | Computer Name = SilviaaMilan-PC | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.

[ Application Events ]
Error - 6. 1. 2010 13:06:43 | Computer Name = SilviaaMilan-PC | Source = ESENT | ID = 467
Description = Windows (2300) Windows: Database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb:
Index System_ItemPathDisplay41b of table SystemIndex_0A is corrupted (0).

Error - 6. 1. 2010 13:06:44 | Computer Name = SilviaaMilan-PC | Source = ESENT | ID = 467
Description = Windows (2300) Windows: Database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb:
Index System_ItemPathDisplay41b of table SystemIndex_0A is corrupted (0).

Error - 8. 1. 2010 8:09:46 | Computer Name = SilviaaMilan-PC | Source = ESENT | ID = 467
Description = Windows (2112) Windows: Database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb:
Index System_ItemFolderPathDisplayNarrow41b of table SystemIndex_0A is corrupted
(0).

Error - 8. 1. 2010 11:47:35 | Computer Name = SilviaaMilan-PC | Source = Application Hang | ID = 1002
Description = The program opera.exe version 9.64.10487.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: e3c Start Time: 01ca905d72403ee1 Termination Time: 24

Error - 8. 1. 2010 11:48:23 | Computer Name = SilviaaMilan-PC | Source = Application Hang | ID = 1002
Description = The program opera.exe version 9.64.10487.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: b18 Start Time: 01ca9079e57ffac9 Termination Time: 31

Error - 18. 1. 2010 4:59:08 | Computer Name = SilviaaMilan-PC | Source = EventSystem | ID = 4609
Description =

Error - 18. 1. 2010 8:52:15 | Computer Name = SilviaaMilan-PC | Source = EventSystem | ID = 4609
Description =

Error - 18. 1. 2010 10:20:19 | Computer Name = SilviaaMilan-PC | Source = System Restore | ID = 8193
Description =

Error - 18. 1. 2010 11:54:51 | Computer Name = SilviaaMilan-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18865 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: a34 Start Time: 01ca98561a0ea680 Termination Time: 60000

Error - 18. 1. 2010 12:43:13 | Computer Name = SilviaaMilan-PC | Source = EventSystem | ID = 4609
Description =

[ System Events ]
Error - 26. 10. 2009 14:29:01 | Computer Name = SilviaaMilan-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 26. 10. 2009 16:15:19 | Computer Name = SilviaaMilan-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 30. 10. 2009 22:39:48 | Computer Name = SilviaaMilan-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 0:34:06 on 31. 10. 2009 was unexpected.

Error - 1. 11. 2009 7:20:55 | Computer Name = SilviaaMilan-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:19:37 on 1. 11. 2009 was unexpected.

Error - 1. 11. 2009 10:56:35 | Computer Name = SilviaaMilan-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 1. 11. 2009 11:36:42 | Computer Name = SilviaaMilan-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 6. 11. 2009 12:56:02 | Computer Name = SilviaaMilan-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 17:54:55 on 6. 11. 2009 was unexpected.

Error - 7. 11. 2009 13:39:19 | Computer Name = SilviaaMilan-PC | Source = volsnap | ID = 393251
Description = The shadow copies of volume C: were aborted because the shadow copy
storage failed to grow.

Error - 7. 11. 2009 16:01:17 | Computer Name = SilviaaMilan-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 8. 11. 2009 12:59:43 | Computer Name = SilviaaMilan-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 17:58:00 on 8. 11. 2009 was unexpected.


< End of report >
Nahoru
Uživatelský avatar
stell
VIP in memoriam
VIP in memoriam
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:
Kontaktovat uživatele stell

Re: Prosím o kontrolu logu

#22 Příspěvek od stell »

preco si nainstalovala Aviru,mas tam AVAST,,takze ktory dame prec??1-odinstaluj a napis ze ktory zostava,
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Obrázek
Nahoru
milansilvia
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 04 bře 2008 19:05

Re: Prosím o kontrolu logu

#23 Příspěvek od milansilvia »

Odinštalujem Aviru, zostava Avast .Ale to len včera som. Už vieš kde by mohol byť problém???
Nahoru
Uživatelský avatar
stell
VIP in memoriam
VIP in memoriam
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:
Kontaktovat uživatele stell

Re: Prosím o kontrolu logu

#24 Příspěvek od stell »

este nie,precistime to,pozrieme sa na Rootkita,takze najprv vylucime infekciu,,a potom sa uvidi,
1:odinstaluj AVIRU
2:Spust OTL do okna customscan/fixes-vloz zeleny text a klik RunFix
log vloz sem,ak bude treba restartuj pocitac,

Kód: Vybrat vše

:OTL
PRC - [2009/07/21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" =-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" =-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" =-
:services
avgntflt
ssmdrv
avipbb
avgio
:files
C:\WINDOWS\System32\drivers\avgntflt.sys
C:\WINDOWS\System32\drivers\ssmdrv.sys
C:\WINDOWS\System32\drivers\avipbb.sys
:commands
[purity]
[emptytemp]
3:
-Stiahni na plochu>> RootRepeal
Link2
-2x klik-RootRepeal.exe
-klik>>Report
-klik>>scan
-zafajkni
-Drivers
-Files
-Processes
-SSDT
-Stealth Objects
-Hidden Services
-Shadow SSD
-klik OK
-zafajknes vsetky disky
-klik-ok
-po skane>klik>save report
-RootRepeal.txt>.vloz sem,
-zatvor program,
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Obrázek
Nahoru
milansilvia
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 04 bře 2008 19:05

Re: Prosím o kontrolu logu

#25 Příspěvek od milansilvia »

Tu je ten log a idem robiť ten další.

All processes killed
========== OTL ==========
No active process named avguard.exe was found!
No active process named sched.exe was found!
No active process named avgnt.exe was found!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avgnt not found.
File C:\Program Files\Avira\AntiVir Desktop\avgnt.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named avgntflt was found to stop!
Unable to stop service avgntflt!
Error: No service named ssmdrv was found to stop!
Unable to stop service ssmdrv!
Error: No service named avipbb was found to stop!
Unable to stop service avipbb!
Error: No service named avgio was found to stop!
Unable to stop service avgio!
========== FILES ==========
C:\WINDOWS\System32\drivers\avgntflt.sys moved successfully.
File\Folder C:\WINDOWS\System32\drivers\ssmdrv.sys not found.
File\Folder C:\WINDOWS\System32\drivers\avipbb.sys not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Milan a Silvia
->Temp folder emptied: 32851 bytes
->Temporary Internet Files folder emptied: 178966 bytes

User: Milan a Silvia.SilviaaMilan-PC
->Temp folder emptied: 11189439 bytes
->Temporary Internet Files folder emptied: 24279388 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 1849114 bytes

User: MILANA~1~SIL
->Temp folder emptied: 41460299 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2621440 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 78,00 mb


OTL by OldTimer - Version 3.1.25.2 log created on 01192010_121109

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\TMP000000029D0A79537B5718A0 not found!

Registry entries deleted on Reboot...
Nahoru
milansilvia
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 04 bře 2008 19:05

Re: Prosím o kontrolu logu

#26 Příspěvek od milansilvia »

A ten posledný log:

All processes killed
========== OTL ==========
No active process named avguard.exe was found!
No active process named sched.exe was found!
No active process named avgnt.exe was found!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avgnt not found.
File C:\Program Files\Avira\AntiVir Desktop\avgnt.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named avgntflt was found to stop!
Unable to stop service avgntflt!
Error: No service named ssmdrv was found to stop!
Unable to stop service ssmdrv!
Error: No service named avipbb was found to stop!
Unable to stop service avipbb!
Error: No service named avgio was found to stop!
Unable to stop service avgio!
========== FILES ==========
C:\WINDOWS\System32\drivers\avgntflt.sys moved successfully.
File\Folder C:\WINDOWS\System32\drivers\ssmdrv.sys not found.
File\Folder C:\WINDOWS\System32\drivers\avipbb.sys not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Milan a Silvia
->Temp folder emptied: 32851 bytes
->Temporary Internet Files folder emptied: 178966 bytes

User: Milan a Silvia.SilviaaMilan-PC
->Temp folder emptied: 11189439 bytes
->Temporary Internet Files folder emptied: 24279388 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 1849114 bytes

User: MILANA~1~SIL
->Temp folder emptied: 41460299 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2621440 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 78,00 mb


OTL by OldTimer - Version 3.1.25.2 log created on 01192010_121109

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\TMP000000029D0A79537B5718A0 not found!

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
stell
VIP in memoriam
VIP in memoriam
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:
Kontaktovat uživatele stell

Re: Prosím o kontrolu logu

#27 Příspěvek od stell »

vlozila si ten isty log,potrebujem vidiet log z Rootrepealu.
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Obrázek
Nahoru
milansilvia
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 04 bře 2008 19:05

Re: Prosím o kontrolu logu

#28 Příspěvek od milansilvia »

Prepač, davam ten z RootRepeal:

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/19 12:22
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================

Drivers
-------------------
Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x8AD48000 Size: 45056 File Visible: No Signed: -
Status: -

Name: dump_msahci.sys
Image Path: C:\Windows\System32\Drivers\dump_msahci.sys
Address: 0x8AD53000 Size: 40960 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xA63E5000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{8B9C7~1
Status: Locked to the Windows API!

Path: C:\System Volume Information\{8fd76c89-04dc-11df-aff7-0016d4a2cf69}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{ae3c953e-044b-11df-970f-0016d4a2cf69}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{eaceba47-042d-11df-8b3a-0016d4a2cf69}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_a6e4a7980e9b18a2.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.debugmfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_5c94f2bbe7d4aaf6.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_policy.4.1.microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_8b7b15c031cda6db.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_b7e610287b2b4ea5.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.30729.1_none_bb1f6aa1308c35eb.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_818f59bf601aa775.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_81c25f21d3d46d84.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.30729.1_none_61305e07e4f1bc01.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_7dd1e0ebd6590e0b.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_microsoft.vc90.debugmfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_bfff6c932d60651e.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f47e1bd6f6571810.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_a6dea5dc0ea08098.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Manifests\18860672a5c66d86c814094edcbe638747283dd1b644f8e960f40ca51d409ff2.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Manifests\821b5699c772c1952968a54dadc77cc29ec0b1dd2fa6ce6df6977a8a00498e13.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Manifests\3582cf91bea0e0e7b5f4b8a168a2e4bf248a01f764aa3c5d7c4f352ebc681e9d.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Manifests\70f19edeeb8e3329aad18f744094ea0319d2ecc78dd6a12559a1e765c42418f7.cat
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\x86_policy.1.2.microsof..op.security.azroles_31bf3856ad364e35_6.0.6000.16386_none_ea83414c2e75b887\Microsoft.Interop.Security.AzRoles.config
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.18005_none_ae1c8b4b8d1614c8\PRESEN~1.CON
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\x86_netfx-sys_data_oraclient_perfcoun_b03f5f7f11d50a3a_6.0.6002.18005_none_85b39e986e2b96bd\_DATAO~1.INI
Status: Locked to the Windows API!

Path: C:\WINDOWS\inf\.NET Data Provider for Oracle\_DATAO~1.INI
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Temp\PendingDeletes\sortkey.nlp
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Temp\PendingDeletes\sortkey.nlp
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Temp\PendingDeletes\sorttbls.nlp
Status: Locked to the Windows API!

Path: C:\WINDOWS\winsxs\Temp\PendingDeletes\sorttbls.nlp
Status: Locked to the Windows API!

Path: c:\users\milan a silvia.silviaamilan-pc\appdata\local\temp\~df4f05.tmp
Status: Allocation size mismatch (API: 196608, Raw: 16384)

Path: c:\users\milan a silvia.silviaamilan-pc\appdata\local\temp\~df97f9.tmp
Status: Allocation size mismatch (API: 131072, Raw: 16384)

Path: c:\users\milan a silvia.silviaamilan-pc\appdata\local\temp\~df9fae.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: C:\WINDOWS\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.0.6000.16386__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
Status: Locked to the Windows API!

Path: C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PRESEN~1.CON
Status: Locked to the Windows API!

Path: C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PRESEN~1.CON
Status: Locked to the Windows API!

Path: c:\users\milan a silvia.silviaamilan-pc\appdata\roaming\skype\silviamilan\etilqs_ocxyek4qekkbxkv80aho
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\users\milan a silvia.silviaamilan-pc\appdata\roaming\skype\silviamilan\etilqs_oumgvzgcrdykdisycrna
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\users\milan a silvia.silviaamilan-pc\appdata\roaming\microsoft\windows\cookies\low\milan_a_silvia@naj[1].txt
Status: Size mismatch (API: 237, Raw: 234)

Path: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6DHESA7Y\cerveny[1].gif
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6DHESA7Y\ruzovy[1].gif
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6DHESA7Y\zeleny[1].gif
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\B1P5GRJL\bledosivy[1].gif
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\B1P5GRJL\chiptunpozadie21[1].jpg
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\B1P5GRJL\zlty[1].gif
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CU8R9X5C\bledomodry[1].gif
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CU8R9X5C\bledoruzovy[1].gif
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CU8R9X5C\vypocetvykonuzozrychlenia[1].htm
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZTVESX82\fialovy[1].gif
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZTVESX82\modry[1].gif
Status: Visible to the Windows API, but not on disk.

Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!

Path: C:\WINDOWS\System32\audiodg.exe
PID: 1156 Status: Locked to the Windows API!

==EOF==
Nahoru
Uživatelský avatar
stell
VIP in memoriam
VIP in memoriam
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:
Kontaktovat uživatele stell

Re: Prosím o kontrolu logu

#29 Příspěvek od stell »

ok,nevidim Rotkita,spust OTL-klik cleanup,,yes..yes,,
combofix uz by mal byt funkcny tak ze stiahni a spust,,
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Obrázek
Nahoru
milansilvia
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 04 bře 2008 19:05

Re: Prosím o kontrolu logu

#30 Příspěvek od milansilvia »

Nedarí sa mi spraviť log cez combo fix lebo stale zmrzne. Už som mal urobeny a zmrzol. Dufam ,že sa mi podarí.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“