prosim o kontrolu

Zpráva

stelinka1983 · #1 Příspěvek od **stelinka1983** » 19 čer 2010 14:38

Logfile of random's system information tool 1.07 (written by random/random)
Run by pocitac at 2010-06-19 15:35:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 68 GB (85%) free of 80 GB
Total RAM: 895 MB (5% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:36:02, on 19.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\etMon.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\USB Camera\Driver\emSwapAp2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\pocitac\My Documents\Preberanie\RSIT(2).exe
C:\Program Files\trend micro\pocitac.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: emSwapTool.lnk = C:\Program Files\USB Camera\Driver\emSwapAp2.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 9317 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2009-04-28 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-25 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2009-04-28 503808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-31 7634944]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-31 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-02-19 16858112]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"etMonitor"=C:\WINDOWS\etMon.exe [2007-09-19 102400]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"=C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE [2009-04-28 26624]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
emSwapTool.lnk - C:\Program Files\USB Camera\Driver\emSwapAp2.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\E12C95FCBD1240FEAE314D89676CA6F8\LieDetector.exe"="C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\E12C95FCBD1240FEAE314D89676CA6F8\LieDetector.exe:*:Enabled:KishKish Lie Detector"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e66356a-42ee-11de-a4c2-001d92dd112f}]
shell\AutoRun\command - bu8.exe
shell\open\command - bu8.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{be89a772-68b3-11df-842f-001e8c9dc0dc}]
shell\AutoRun\command - I:\AutoRun.exe

======List of files/folders created in the last 1 months======

2010-06-10 22:09:28 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-10 22:09:24 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-10 22:09:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-10 22:08:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-10 22:08:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-10 22:08:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-10 22:03:45 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-06-05 10:55:52 ----D---- C:\Program Files\Orban
2010-05-31 17:37:31 ----D---- C:\Program Files\Common Files\HP
2010-05-31 17:34:32 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2010-05-31 17:34:32 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2010-05-31 17:34:32 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2010-05-31 17:34:32 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2010-05-31 17:34:32 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2010-05-31 17:34:32 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2010-05-31 17:24:17 ----D---- C:\WINDOWS\system32\appmgmt
2010-05-29 16:58:32 ----A---- C:\WINDOWS\IE4 Error Log.txt
2010-05-26 23:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-25 17:55:03 ----D---- C:\Program Files\Sweet Home 3D
2010-05-25 17:46:59 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-05-25 17:46:58 ----D---- C:\Program Files\Common Files\Java
2010-05-25 17:46:48 ----A---- C:\WINDOWS\system32\javaws.exe
2010-05-25 17:46:48 ----A---- C:\WINDOWS\system32\javaw.exe
2010-05-25 17:46:48 ----A---- C:\WINDOWS\system32\java.exe
2010-05-25 17:46:48 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-05-25 17:46:35 ----D---- C:\Program Files\Java
2010-05-25 17:45:40 ----D---- C:\Documents and Settings\pocitac\Application Data\Sun

======List of files/folders modified in the last 1 months======

2010-06-19 15:35:52 ----D---- C:\Program Files\trend micro
2010-06-19 15:35:50 ----D---- C:\WINDOWS\Prefetch
2010-06-19 13:15:52 ----D---- C:\WINDOWS\Temp
2010-06-19 09:57:55 ----D---- C:\WINDOWS\system32
2010-06-19 09:46:04 ----D---- C:\Program Files\Mozilla Firefox
2010-06-19 01:08:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-18 23:03:26 ----A---- C:\WINDOWS\win.ini
2010-06-11 08:33:10 ----RSD---- C:\WINDOWS\assembly
2010-06-11 08:31:22 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-11 08:21:33 ----D---- C:\WINDOWS
2010-06-10 22:09:31 ----HD---- C:\WINDOWS\inf
2010-06-10 22:09:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-10 22:09:26 ----A---- C:\WINDOWS\imsins.BAK
2010-06-10 22:09:24 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-10 22:07:58 ----SHD---- C:\WINDOWS\Installer
2010-06-10 22:07:58 ----D---- C:\Config.Msi
2010-06-10 22:07:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-10 22:07:14 ----D---- C:\WINDOWS\WinSxS
2010-06-10 22:03:47 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-10 22:03:31 ----D---- C:\Documents and Settings\pocitac\Application Data\ICQ
2010-06-07 17:38:00 ----SD---- C:\WINDOWS\Tasks
2010-06-05 10:55:52 ----RD---- C:\Program Files
2010-06-04 23:59:54 ----D---- C:\Documents and Settings\pocitac\Application Data\Skype
2010-06-04 18:02:54 ----D---- C:\Documents and Settings\pocitac\Application Data\skypePM
2010-05-31 17:37:31 ----D---- C:\Program Files\Common Files
2010-05-31 17:37:01 ----D---- C:\Program Files\HP
2010-05-31 17:37:01 ----D---- C:\Program Files\Hewlett-Packard
2010-05-31 17:36:52 ----D---- C:\WINDOWS\twain_32
2010-05-30 20:45:12 ----A---- C:\WINDOWS\NeroDigital.ini
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 DCamUSBET;ET USB 2760 Camera; C:\WINDOWS\system32\DRIVERS\etDevice.sys [2007-11-29 121856]
R3 FiltUSBET;ET USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\etFilter.sys [2007-09-12 217088]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-02-26 4737024]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-11 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-31 3964256]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-05-21 46080]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-05-21 19968]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 ScanUSBET;ET USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\etScan.sys [2007-09-07 6656]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys []
S1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\pocitac\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2007-05-15 20543]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-25 153376]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2007-05-21 135233]
R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2007-05-21 65605]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-31 155715]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Caroprd111** » 19 čer 2010 14:46

Zdravím

Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe

Spusťte, poté klikněte na Deletion.
Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt

Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu

Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
autochk.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

stelinka1983 · #3 Příspěvek od **stelinka1983** » 19 čer 2010 14:57

Takze ten USB fix mi nechce stiahnut alebo mi ho zrejme blokne antivirak lebo vyhodi ze nasiel trojskeho kona. idem spravit to dalsie a vlozim logy

#4 Příspěvek od **Caroprd111** » 19 čer 2010 14:58

Antivir dočasně vypněte, je to falešná detekce.

stelinka1983 · #5 Příspěvek od **stelinka1983** » 19 čer 2010 15:08

takze log z USB fixu

############################## | UsbFix 7.011 | [Deletion]

User: pocitac (Administrator) # TURCOVSKA [ ]
Updated 17/06/2010 by El Desaparecido / C_XX
Started at 16:04:18 | 19/06/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
CPU 2: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 6.0.2900.5512

Windows Firewall: Enabled
Antivirus: avast! Antivirus 5.0.83886625 [(!) Disabled | Updated]
RAM -> 895 Mb
C:\ (%systemdrive%) -> Fixed drive # 78 Gb (67 Mb free - 85%) [] # NTFS
D:\ -> Fixed drive # 71 Gb (65 Mb free - 92%) [] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Fixed drive # 56 Gb (24 Mb free - 44%) [] # NTFS
H:\ -> Fixed drive # 98 Gb (34 Mb free - 35%) [] # NTFS

################## | Files # Infected Folders |

Deleted ! C:\Recycler\S-1-5-21-1390067357-1343024091-725345543-1003
Deleted ! D:\Recycler\S-1-5-21-1390067357-1343024091-725345543-1003
Deleted ! G:\Recycler\S-1-5-21-1390067357-1343024091-725345543-1003
Deleted ! G:\Recycler\S-1-5-21-436374069-1004336348-839522115-1003
Deleted ! H:\Recycler\S-1-5-21-117609710-1580818891-839522115-1003
Deleted ! H:\Recycler\S-1-5-21-1390067357-1343024091-725345543-1003
Deleted ! H:\Recycler\S-1-5-21-436374069-1004336348-839522115-1003

################## | Registry |

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{8e66356a-42ee-11de-a4c2-001d92dd112f}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{be89a772-68b3-11df-842f-001e8c9dc0dc}

################## | Listing |

[23/09/2009 - 20:01:48 | A | 223] C:\Boot.bak
[17/03/2010 - 16:43:08 | RASH | 293] C:\boot.ini
[17/03/2010 - 16:43:08 | RASHD ] C:\cmdcons
[04/08/2004 - 00:00:00 | A | 260272] C:\cmldr
[10/06/2010 - 22:07:58 | D ] C:\Config.Msi
[27/04/2009 - 16:21:57 | A | 0] C:\CONFIG.SYS
[25/12/2009 - 20:45:49 | D ] C:\d771d781462546c94d9b1907f69e89cb
[27/04/2009 - 16:26:51 | D ] C:\Documents and Settings
[27/04/2009 - 16:21:57 | RASH | 0] C:\IO.SYS
[27/04/2009 - 16:21:57 | RASH | 0] C:\MSDOS.SYS
[27/04/2009 - 17:55:31 | RD ] C:\MSOCache
[04/08/2004 - 03:07:00 | RASH | 47564] C:\NTDETECT.COM
[30/03/2010 - 11:11:37 | RASH | 250048] C:\ntldr
[19/06/2010 - 09:07:34 | ASH | 2145386496] C:\pagefile.sys
[05/06/2010 - 10:55:52 | RD ] C:\Program Files
[19/06/2010 - 16:04:49 | SHD ] C:\RECYCLER
[19/04/2009 - 11:10:53 | A | 522] C:\RHDSetup.log
[18/03/2010 - 22:28:07 | D ] C:\rsit
[27/04/2009 - 16:25:21 | SHD ] C:\System Volume Information
[27/04/2009 - 17:46:46 | D ] C:\temp
[20/12/2009 - 13:30:39 | D ] C:\totalcmd
[19/06/2010 - 16:04:49 | D ] C:\UsbFix
[19/06/2010 - 16:04:52 | A | 1726] C:\UsbFix.txt
[11/06/2010 - 08:21:33 | D ] C:\WINDOWS
[11/10/2009 - 19:46:22 | A | 316019] D:\03b_prihpohl.pdf
[16/08/2009 - 18:19:35 | A | 10978] D:\142-8757685A67UC345892X.jpg
[07/10/2009 - 18:04:20 | A | 48058] D:\BANKA.htm
[07/10/2009 - 18:13:43 | A | 36788] D:\Bez názvu.jpg
[03/12/2009 - 19:31:28 | A | 35991] D:\bt922165_m.jpg
[27/08/2009 - 20:07:45 | A | 348627] D:\DSC00190.JPG
[27/08/2009 - 19:59:02 | A | 298091] D:\DSC00191.JPG
[27/08/2009 - 19:59:26 | A | 273123] D:\DSC00192.JPG
[27/08/2009 - 20:06:00 | A | 312732] D:\DSC00193.JPG
[27/08/2009 - 20:02:42 | A | 266981] D:\DSC00194.JPG
[27/08/2009 - 20:01:17 | A | 263024] D:\DSC00196.JPG
[27/08/2009 - 20:04:11 | A | 226769] D:\DSC00198.JPG
[11/11/2009 - 23:36:46 | A | 259210] D:\DSC00538.JPG
[14/05/2009 - 17:25:42 | D ] D:\FOTKY
[22/05/2009 - 10:56:18 | D ] D:\HRY
[06/10/2009 - 20:09:04 | A | 82560] D:\letenka.jpg
[24/11/2009 - 14:32:45 | A | 25746] D:\nalevka-8.sem.pdf
[16/08/2009 - 19:25:34 | A | 340081] D:\P1000378.jpg
[16/08/2009 - 18:23:12 | A | 365677] D:\P1000411.jpg
[06/09/2009 - 17:49:03 | A | 360328] D:\P1000491.jpg
[16/09/2009 - 18:57:08 | A | 344718] D:\P1000548.jpg
[16/09/2009 - 19:00:20 | A | 359741] D:\P1000552.jpg
[11/10/2009 - 17:35:56 | A | 410551] D:\P1000671.jpg
[15/10/2009 - 20:31:06 | A | 367608] D:\P1000677.jpg
[15/10/2009 - 20:36:18 | A | 320804] D:\P1000686.jpg
[15/10/2009 - 20:25:09 | A | 360744] D:\P1000693.jpg
[16/10/2009 - 20:29:26 | A | 343775] D:\P10007031.jpg
[16/10/2009 - 20:32:46 | A | 426881] D:\P10007041.jpg
[18/10/2009 - 23:05:53 | A | 433490] D:\P10007051.jpg
[27/10/2009 - 19:21:39 | A | 366006] D:\P1000768.jpg
[27/10/2009 - 20:04:10 | A | 367991] D:\P1000770.jpg
[28/10/2009 - 18:32:57 | A | 414762] D:\P1000774.jpg
[28/10/2009 - 18:24:00 | A | 396822] D:\P1000775.jpg
[30/10/2009 - 19:38:42 | A | 359751] D:\P1000780.jpg
[30/10/2009 - 19:30:08 | A | 69380] D:\P1000787.JPG
[30/10/2009 - 19:36:09 | A | 364677] D:\P1000795.jpg
[11/11/2009 - 18:36:00 | A | 365986] D:\P1000833.jpg
[14/11/2009 - 18:40:21 | A | 408216] D:\P1000871.jpg
[15/11/2009 - 14:02:07 | A | 422187] D:\P1000874.jpg
[15/11/2009 - 13:49:25 | A | 355019] D:\P1000880.jpg
[23/11/2009 - 19:03:31 | A | 421742] D:\P1000893.jpg
[23/11/2009 - 18:55:56 | A | 421977] D:\P1000895.jpg
[23/11/2009 - 19:14:39 | A | 540505] D:\P1000903.jpg
[29/11/2009 - 20:49:45 | A | 448456] D:\P1000924.jpg
[29/11/2009 - 20:53:46 | A | 445744] D:\P1000932.jpg
[29/11/2009 - 20:45:15 | A | 412546] D:\P1000936.jpg
[29/11/2009 - 20:57:13 | A | 407794] D:\P1000939.jpg
[29/11/2009 - 21:00:05 | A | 415683] D:\P1000943.jpg
[24/11/2009 - 14:16:14 | A | 114344] D:\ppp.jpg
[19/06/2010 - 16:04:49 | SHD ] D:\RECYCLER
[06/10/2009 - 20:05:04 | A | 751560] D:\sky.one
[27/04/2009 - 17:03:48 | SHD ] D:\System Volume Information
[25/03/2010 - 15:19:40 | ASH | 154624] D:\Thumbs.db
[11/10/2009 - 19:50:58 | A | 31565] D:\Vyplnena_prihlaska_konkurz.docx
[03/06/2009 - 10:52:05 | A | 42037] G:\aaw7boot.log
[19/09/2008 - 21:08:06 | A | 0] G:\AUTOEXEC.BAT
[19/09/2008 - 21:33:42 | RSH | 223] G:\boot.ini
[25/10/2001 - 14:00:00 | RASH | 4952] G:\Bootfont.bin
[24/04/2009 - 16:38:59 | D ] G:\Config.Msi
[19/09/2008 - 21:08:06 | A | 0] G:\CONFIG.SYS
[19/01/2009 - 23:09:11 | D ] G:\Documents and Settings
[19/09/2008 - 21:08:06 | RASH | 0] G:\IO.SYS
[19/09/2008 - 21:08:06 | RASH | 0] G:\MSDOS.SYS
[20/09/2008 - 14:34:15 | RD ] G:\MSOCache
[03/08/2004 - 23:38:34 | RASH | 47564] G:\NTDETECT.COM
[03/08/2004 - 23:59:38 | RASH | 250048] G:\ntldr
[03/06/2009 - 10:52:05 | ASH | 2145386496] G:\pagefile.sys
[24/04/2009 - 16:10:42 | D ] G:\Phenomedia AG
[24/04/2009 - 16:33:43 | RD ] G:\Program Files
[19/06/2010 - 16:04:49 | SHD ] G:\RECYCLER
[19/09/2008 - 21:10:33 | SHD ] G:\System Volume Information
[27/02/2009 - 00:11:28 | D ] G:\TRANSLAT
[17/01/2009 - 14:57:04 | D ] G:\UBISOFT
[25/04/2009 - 20:15:43 | D ] G:\WINDOWS
[30/04/2009 - 09:40:46 | D ] H:\Adobe Photoshop 7.0 CZ
[26/04/2009 - 18:44:23 | D ] H:\Dokumenty
[01/05/2009 - 21:34:45 | D ] H:\Filmy
[30/03/2010 - 20:35:18 | D ] H:\FOTKY
[04/12/2008 - 21:05:54 | D ] H:\HRY
[16/04/2010 - 15:20:32 | D ] H:\Hudba
[28/04/2009 - 19:44:06 | D ] H:\instalacky
[19/06/2010 - 16:04:49 | SHD ] H:\RECYCLER
[06/04/2009 - 12:43:16 | D ] H:\Rozpravky
[07/04/2009 - 19:49:00 | D ] H:\SVADBY
[19/09/2008 - 21:11:28 | SHD ] H:\System Volume Information

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_TURCOVSKA.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |

#6 Příspěvek od **Caroprd111** » 19 čer 2010 15:10

OK, ještě logy z OTL.

stelinka1983 · #7 Příspěvek od **stelinka1983** » 19 čer 2010 15:43

OTL

OTL logfile created on: 19.6.2010 16:09:00 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\pocitac\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

895,00 Mb Total Physical Memory | 426,00 Mb Available Physical Memory | 48,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 66,71 Gb Free Space | 85,39% Space Free | Partition Type: NTFS
Drive D: | 70,91 Gb Total Space | 65,30 Gb Free Space | 92,09% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 55,66 Gb Total Space | 24,49 Gb Free Space | 44,00% Space Free | Partition Type: NTFS
Drive H: | 97,72 Gb Total Space | 34,20 Gb Free Space | 35,00% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: TURCOVSKA
Current User Name: pocitac
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.19 15:57:58 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pocitac\Desktop\OTL.exe
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.06.24 20:33:50 | 000,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010.06.19 15:57:58 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pocitac\Desktop\OTL.exe
MOD - [2008.04.14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.09.04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2007.05.21 10:51:10 | 000,135,233 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2007.05.21 10:50:56 | 000,065,605 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2007.05.15 09:53:12 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
SRV - [2006.03.03 21:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - [2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.05.06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.02.26 10:01:44 | 004,737,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.11.29 04:16:34 | 000,121,856 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\etDevice.sys -- (DCamUSBET)
DRV - [2007.09.12 20:58:34 | 000,217,088 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\etFilter.sys -- (FiltUSBET)
DRV - [2007.09.07 13:43:56 | 000,006,656 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\etScan.sys -- (ScanUSBET)
DRV - [2007.09.04 19:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2007.05.21 04:43:12 | 000,019,968 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007.05.21 04:43:08 | 000,046,080 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.10.31 00:35:00 | 003,964,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006.10.18 02:31:38 | 000,105,472 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2004.08.11 18:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1390067357-1343024091-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-1390067357-1343024091-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1390067357-1343024091-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Search the Web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.306
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "http://ws.infospace.com/coolchaser_game ... 60531&qkw="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.05 09:18:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.25 17:46:48 | 000,000,000 | ---D | M]

[2009.04.27 16:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\Mozilla\Extensions
[2010.06.19 09:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\Mozilla\Firefox\Profiles\rmbek8f1.default\extensions
[2010.03.25 17:05:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\pocitac\Application Data\Mozilla\Firefox\Profiles\rmbek8f1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.24 19:23:12 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\pocitac\Application Data\Mozilla\Firefox\Profiles\rmbek8f1.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010.06.02 21:25:40 | 000,000,000 | ---D | M] (Gamers Unite! Snag Bar) -- C:\Documents and Settings\pocitac\Application Data\Mozilla\Firefox\Profiles\rmbek8f1.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}
[2010.05.26 22:54:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\pocitac\Application Data\Mozilla\Firefox\Profiles\rmbek8f1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.06.15 16:49:07 | 000,001,248 | ---- | M] () -- C:\Documents and Settings\pocitac\Application Data\Mozilla\Firefox\Profiles\rmbek8f1.default\searchplugins\facebook.xml
[2010.06.12 16:00:22 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\pocitac\Application Data\Mozilla\Firefox\Profiles\rmbek8f1.default\searchplugins\icqplugin.xml
[2010.06.02 21:26:35 | 000,001,758 | ---- | M] () -- C:\Documents and Settings\pocitac\Application Data\Mozilla\Firefox\Profiles\rmbek8f1.default\searchplugins\search-the-web.xml
[2010.06.18 22:30:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.01 10:00:18 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.05.25 17:46:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.25 17:46:38 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.06.24 14:56:44 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2009.06.24 14:56:44 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009.06.24 14:56:44 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2009.06.24 14:56:45 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2009.06.24 14:56:45 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2009.06.24 14:56:45 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2004.08.04 03:07:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll ()
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [etMonitor] C:\WINDOWS\etMon.exe (EMPIA Technology Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKU\S-1-5-21-1390067357-1343024091-725345543-1003..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKU\S-1-5-21-1390067357-1343024091-725345543-1003..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE ()
O4 - HKLM..\RunOnce: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\emSwapTool.lnk = C:\Program Files\USB Camera\Driver\emSwapAp2.exe (eMPIA Technology, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1390067357-1343024091-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1390067357-1343024091-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1390067357-1343024091-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.1 208.67.220.220 208.67.222.222
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\pocitac\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\pocitac\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.06.19 16:04:53 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.06.19 16:04:53 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008.09.19 21:08:06 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.06.19 16:04:53 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.06.19 16:04:53 | 000,000,000 | RHSD | M] - H:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.06.19 16:04:53 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2010.06.19 16:00:47 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.06.19 16:00:30 | 001,225,123 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\pocitac\Desktop\UsbFix(3).exe
[2010.06.19 15:57:51 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\pocitac\Desktop\OTL.exe
[2010.06.19 15:53:54 | 001,163,866 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\pocitac\Desktop\UsbFix(2).exe.part
[2010.06.05 10:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\Orban
[2010.05.31 17:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2010.05.31 17:34:32 | 000,282,680 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZidr12.dll
[2010.05.31 17:34:32 | 000,204,800 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipr12.dll
[2010.05.31 17:34:32 | 000,094,208 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipt12.dll
[2010.05.31 17:34:32 | 000,069,632 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
[2010.05.31 17:34:32 | 000,065,536 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZinw12.exe
[2010.05.31 17:34:32 | 000,057,344 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZisn12.dll
[2010.05.31 17:24:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010.05.31 11:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pocitac\Desktop\dok
[2010.05.25 18:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pocitac\Desktop\byt
[2010.05.25 17:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Sweet Home 3D
[2010.05.25 17:46:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010.05.25 17:46:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.05.25 17:46:48 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.05.25 17:46:48 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.05.25 17:46:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.05.25 17:46:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.05.25 17:46:48 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.05.25 17:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010.05.25 17:45:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pocitac\Application Data\Sun
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.06.19 16:04:53 | 000,011,277 | ---- | M] () -- C:\UsbFix_Upload_Me_TURCOVSKA.zip
[2010.06.19 16:00:41 | 001,225,123 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\pocitac\Desktop\UsbFix(3).exe
[2010.06.19 15:57:58 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pocitac\Desktop\OTL.exe
[2010.06.19 15:54:12 | 001,163,866 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\pocitac\Desktop\UsbFix(2).exe.part
[2010.06.19 15:53:56 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\pocitac\Desktop\UsbFix(2).exe
[2010.06.19 15:52:07 | 000,067,160 | ---- | M] () -- C:\Documents and Settings\pocitac\Desktop\UsbFix.exe
[2010.06.19 09:08:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.19 09:07:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.19 09:07:41 | 000,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.06.19 09:07:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.19 01:08:49 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\pocitac\NTUSER.DAT
[2010.06.19 01:08:49 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\pocitac\ntuser.ini
[2010.06.18 23:03:26 | 000,000,891 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.06.16 12:59:27 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\pocitac\.jmf-resource
[2010.06.11 08:20:38 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.10 22:09:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.06.10 22:07:24 | 000,492,248 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.10 22:07:24 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.10 22:07:24 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.09 17:53:21 | 000,013,365 | ---- | M] () -- C:\Documents and Settings\pocitac\My Documents\Martina Sabolová.docx
[2010.06.06 16:13:29 | 000,014,664 | ---- | M] () -- C:\Documents and Settings\pocitac\My Documents\VŠETKO NAJLEPŠIE.docx
[2010.06.05 11:00:13 | 000,001,830 | ---- | M] () -- C:\Documents and Settings\pocitac\Desktop\Tuner2 - your ears will know.lnk
[2010.06.05 11:00:13 | 000,000,836 | ---- | M] () -- C:\Documents and Settings\pocitac\Desktop\AAC-aacPlus Plugin Read Me.lnk
[2010.06.04 18:02:46 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010.06.03 12:00:20 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\pocitac\Desktop\OKTÓBROVÁ REVOLÚCIA.doc
[2010.06.03 11:59:55 | 000,092,160 | ---- | M] () -- C:\Documents and Settings\pocitac\Desktop\DRUHÁ SVETOVÁ VOJNA už dobra.doc
[2010.05.31 17:38:32 | 000,117,647 | ---- | M] () -- C:\WINDOWS\hpoins11.dat
[2010.05.31 17:37:58 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential.lnk
[2010.05.31 17:37:25 | 000,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010.05.31 17:37:12 | 000,000,984 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2010.05.31 17:22:24 | 000,000,014 | ---- | M] () -- C:\Documents and Settings\pocitac\DOT4_001
[2010.05.31 17:21:10 | 000,000,014 | ---- | M] () -- C:\Documents and Settings\pocitac\USB001
[2010.05.30 20:45:12 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.05.30 20:44:40 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\pocitac\default.pls
[2010.05.28 18:32:57 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\pocitac\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.25 23:28:13 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\pocitac\My Documents\ŽIVOTOPIS.doc
[2010.05.25 17:55:11 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\pocitac\Desktop\Sweet Home 3D.lnk
[2010.05.25 17:46:38 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.05.25 17:46:38 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.05.25 17:46:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.05.25 17:46:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.05.25 17:46:38 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.05.24 19:38:52 | 000,012,501 | ---- | M] () -- C:\Documents and Settings\pocitac\Desktop\http.docx
[2010.05.20 21:34:19 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010.05.20 20:42:35 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.19 16:04:53 | 000,011,277 | ---- | C] () -- C:\UsbFix_Upload_Me_TURCOVSKA.zip
[2010.06.19 15:53:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\pocitac\Desktop\UsbFix(2).exe
[2010.06.19 15:51:39 | 000,067,160 | ---- | C] () -- C:\Documents and Settings\pocitac\Desktop\UsbFix.exe
[2010.06.16 12:59:27 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\pocitac\.jmf-resource
[2010.06.09 17:53:20 | 000,013,365 | ---- | C] () -- C:\Documents and Settings\pocitac\My Documents\Martina Sabolová.docx
[2010.06.06 16:13:28 | 000,014,664 | ---- | C] () -- C:\Documents and Settings\pocitac\My Documents\VŠETKO NAJLEPŠIE.docx
[2010.06.05 10:55:52 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\pocitac\Desktop\Tuner2 - your ears will know.lnk
[2010.06.05 10:55:52 | 000,000,836 | ---- | C] () -- C:\Documents and Settings\pocitac\Desktop\AAC-aacPlus Plugin Read Me.lnk
[2010.06.03 12:00:19 | 000,054,784 | ---- | C] () -- C:\Documents and Settings\pocitac\Desktop\OKTÓBROVÁ REVOLÚCIA.doc
[2010.06.03 11:59:54 | 000,092,160 | ---- | C] () -- C:\Documents and Settings\pocitac\Desktop\DRUHÁ SVETOVÁ VOJNA už dobra.doc
[2010.05.31 17:37:58 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential.lnk
[2010.05.31 17:37:25 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010.05.31 17:37:12 | 000,000,984 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2010.05.31 17:28:05 | 000,117,647 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2010.05.31 17:22:24 | 000,000,014 | ---- | C] () -- C:\Documents and Settings\pocitac\DOT4_001
[2010.05.31 17:18:38 | 000,000,014 | ---- | C] () -- C:\Documents and Settings\pocitac\USB001
[2010.05.25 23:28:13 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\pocitac\My Documents\ŽIVOTOPIS.doc
[2010.05.25 17:55:11 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\pocitac\Desktop\Sweet Home 3D.lnk
[2010.05.24 19:38:51 | 000,012,501 | ---- | C] () -- C:\Documents and Settings\pocitac\Desktop\http.docx
[2009.06.05 10:19:28 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009.06.05 10:19:28 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009.06.05 10:19:27 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009.06.05 10:19:27 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009.05.03 20:20:43 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2009.04.28 17:11:31 | 000,002,455 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2009.04.27 18:00:46 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.04.27 16:39:14 | 000,001,677 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.04.27 16:38:56 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.04.27 16:38:54 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.04.27 16:38:53 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.04.27 16:38:53 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.04.27 16:38:53 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.04.27 16:38:53 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.04.19 11:03:59 | 000,017,370 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009.04.19 11:03:44 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.04.19 11:03:41 | 000,017,118 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.04.19 11:03:30 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.03.12 12:01:30 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2006.10.31 00:35:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.10.31 00:35:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.10.31 00:35:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.10.31 00:35:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.10.31 00:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.10.31 00:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.10.31 00:35:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2001.07.07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2010.03.17 17:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010.02.22 17:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009.04.28 17:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LangSoft
[2009.06.05 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009.04.28 17:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010.06.10 22:03:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\ICQ
[2009.04.27 16:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\InterVideo
[2009.04.28 17:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\LangSoft

========== Purity Check ==========

< End of report >

stelinka1983 · #8 Příspěvek od **stelinka1983** » 19 čer 2010 15:44

Log EXTRAS
OTL Extras logfile created on: 19.6.2010 16:09:00 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\pocitac\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

895,00 Mb Total Physical Memory | 426,00 Mb Available Physical Memory | 48,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 66,71 Gb Free Space | 85,39% Space Free | Partition Type: NTFS
Drive D: | 70,91 Gb Total Space | 65,30 Gb Free Space | 92,09% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 55,66 Gb Total Space | 24,49 Gb Free Space | 44,00% Space Free | Partition Type: NTFS
Drive H: | 97,72 Gb Total Space | 34,20 Gb Free Space | 35,00% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: TURCOVSKA
Current User Name: pocitac
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1390067357-1343024091-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\E12C95FCBD1240FEAE314D89676CA6F8\LieDetector.exe" = C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\E12C95FCBD1240FEAE314D89676CA6F8\LieDetector.exe:*:Enabled:KishKish Lie Detector -- (Alex Rosenbaum and KishKish.com)
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}" = Farming Extreme Manager
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8DC9BEFF-07FC-4631-BBF4-8F00F74953C2}" = InterVideo WinDVD Platinum
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1051-7B44-A93000000001}" = Adobe Reader 9.3.2 - Slovak
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BCB002B8-493D-4C3F-A968-774FC0881051}" = Nero 7 Essentials
"{BCC5DC79-2275-4171-8CEA-39F0DD9ADF58}" = CANYON USB PC CAMERA
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help
"{E96EC7BF-DDDA-4B86-A2D9-7D733B0578A0}" = NavyFIELD Europe (EN)
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner (remove only)
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{BCC5DC79-2275-4171-8CEA-39F0DD9ADF58}" = CANYON USB PC CAMERA
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.5.0 Full
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5)" = Mozilla Firefox (3.5)
"NVIDIA Drivers" = NVIDIA Drivers
"PROPLUS" = Microsoft Office Professional Plus 2007
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Sweet Home 3D_is1" = Sweet Home 3D version 2.3
"Totalcmd" = Total Commander (Remove or Repair)
"Usbfix" = Usbfix By C_XX & El Desaparecido
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archivátor

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21.3.2010 12:45:31 | Computer Name = TURCOVSKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia firefox.exe, verzia 1.9.2.3667, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 21.3.2010 12:45:31 | Computer Name = TURCOVSKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia firefox.exe, verzia 1.9.2.3667, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 21.3.2010 12:45:39 | Computer Name = TURCOVSKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia firefox.exe, verzia 1.9.2.3667, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 21.3.2010 12:59:08 | Computer Name = TURCOVSKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia firefox.exe, verzia 1.9.2.3667, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 26.5.2010 4:39:48 | Computer Name = TURCOVSKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia firefox.exe, verzia 1.9.1.3462, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 29.5.2010 10:51:44 | Computer Name = TURCOVSKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia firefox.exe, verzia 1.9.1.3462, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 3.6.2010 7:18:43 | Computer Name = TURCOVSKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia firefox.exe, verzia 1.9.1.3462, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 15.6.2010 10:38:46 | Computer Name = TURCOVSKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia firefox.exe, verzia 1.9.1.3462, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 15.6.2010 10:38:46 | Computer Name = TURCOVSKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia firefox.exe, verzia 1.9.1.3462, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 19.6.2010 10:03:47 | Computer Name = TURCOVSKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia UsbFix.exe, verzia 3.3.6.1, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

[ System Events ]
Error - 19.6.2010 9:59:39 | Computer Name = TURCOVSKA | Source = Service Control Manager | ID = 7023
Description = Služba System Restore Service bola ukončená s nasledujúcou chybou:
%%2

Error - 19.6.2010 10:01:10 | Computer Name = TURCOVSKA | Source = Service Control Manager | ID = 7034
Description = Služba Forceware Web Interface sa neočakávane ukončila. Služba sa
týmto spôsobom ukončila už 1 krát.

Error - 19.6.2010 10:01:10 | Computer Name = TURCOVSKA | Source = Service Control Manager | ID = 7034
Description = Služba Print Spooler sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.

Error - 19.6.2010 10:01:10 | Computer Name = TURCOVSKA | Source = Service Control Manager | ID = 7034
Description = Služba ForceWare user log service sa neočakávane ukončila. Služba
sa týmto spôsobom ukončila už 1 krát.

Error - 19.6.2010 10:01:10 | Computer Name = TURCOVSKA | Source = Service Control Manager | ID = 7034
Description = Služba Windows User Mode Driver Framework sa neočakávane ukončila.
Služba sa týmto spôsobom ukončila už 1 krát.

Error - 19.6.2010 10:01:10 | Computer Name = TURCOVSKA | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service sa neočakávane ukončila. Služba
sa týmto spôsobom ukončila už 1 krát.

Error - 19.6.2010 10:01:10 | Computer Name = TURCOVSKA | Source = Service Control Manager | ID = 7034
Description = Služba ForceWare IP service sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1 krát.

Error - 19.6.2010 10:01:10 | Computer Name = TURCOVSKA | Source = Service Control Manager | ID = 7034
Description = Služba Application Layer Gateway Service sa neočakávane ukončila.
Služba sa týmto spôsobom ukončila už 1 krát.

Error - 19.6.2010 10:01:10 | Computer Name = TURCOVSKA | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1 krát.

Error - 19.6.2010 10:01:10 | Computer Name = TURCOVSKA | Source = Service Control Manager | ID = 7034
Description = Služba nTune Service sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.

< End of report >

#9 Příspěvek od **Caroprd111** » 19 čer 2010 15:51

OTL jste nespustila se skriptem. Znovu spusťte OTL a klikněte na tlačítko "Nic". Poté do spodního políčka vložte následující skript:

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
autochk.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte log OTL.Txt

stelinka1983 · #10 Příspěvek od **stelinka1983** » 19 čer 2010 15:59

novy log z OTL

OTL logfile created on: 19.6.2010 16:53:24 - Run 2
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\pocitac\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

895,00 Mb Total Physical Memory | 400,00 Mb Available Physical Memory | 45,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 66,71 Gb Free Space | 85,38% Space Free | Partition Type: NTFS
Drive D: | 70,91 Gb Total Space | 65,30 Gb Free Space | 92,09% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 55,66 Gb Total Space | 24,49 Gb Free Space | 44,00% Space Free | Partition Type: NTFS
Drive H: | 97,72 Gb Total Space | 34,20 Gb Free Space | 35,00% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: TURCOVSKA
Current User Name: pocitac
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.04.27 18:07:13 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

========== LOP Check ==========

[2010.03.17 17:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010.02.22 17:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009.04.28 17:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LangSoft
[2009.06.05 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009.04.28 17:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010.06.10 22:03:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\ICQ
[2009.04.27 16:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\InterVideo
[2009.04.28 17:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\LangSoft

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"OEXPRESS" = C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE -- [2009.04.28 17:12:08 | 000,026,624 | ---- | M] ()
"NVIDIA nTune" = "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear -- [2007.09.04 19:25:38 | 000,081,920 | ---- | M] (NVIDIA)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2006.12.23 18:05:20 | 000,143,360 | ---- | M] (Nero AG)

< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2010.03.26 09:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.03.17 17:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009.12.19 16:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009.12.19 16:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009.05.03 20:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2010.02.22 17:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009.04.28 17:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LangSoft
[2009.04.29 13:19:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009.11.11 17:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009.04.27 17:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010.01.27 13:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009.06.25 17:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2009.11.27 12:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.05.25 17:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2009.06.05 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.03.21 20:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009.04.28 17:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2009.04.28 17:12:08 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
[2010.01.27 12:59:53 | 001,924,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
[2009.04.29 17:12:49 | 000,868,352 | ---- | M] (Alex Rosenbaum and KishKish.com) -- C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\E12C95FCBD1240FEAE314D89676CA6F8\LieDetector.exe

< %APPDATA%\*. >
[2010.02.23 12:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\Adobe
[2009.05.27 16:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\Ahead
[2009.05.03 20:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\HP
[2010.06.10 22:03:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\ICQ
[2009.04.27 16:26:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\Identities
[2009.04.27 16:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\InstallShield
[2009.04.27 16:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\InterVideo
[2009.04.28 17:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\LangSoft
[2009.04.28 16:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\Macromedia
[2009.04.27 18:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\Media Player Classic
[2009.12.25 20:55:54 | 000,000,000 | --SD | M] -- C:\Documents and Settings\pocitac\Application Data\Microsoft
[2009.04.27 16:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\Mozilla
[2010.06.04 23:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\Skype
[2010.06.04 18:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\skypePM
[2010.05.25 17:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\Sun
[2009.04.29 19:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pocitac\Application Data\WinRAR

< %APPDATA%\*.exe /s >
[2009.12.25 20:55:54 | 000,454,838 | R--- | M] () -- C:\Documents and Settings\pocitac\Application Data\Microsoft\Installer\{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}\_7D2C132C50CCB86BED182C.exe
[2009.12.25 20:55:54 | 000,454,838 | R--- | M] () -- C:\Documents and Settings\pocitac\Application Data\Microsoft\Installer\{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}\_7DA8B262C7C0B2B5E2561D.exe

< MD5 for: AGP440.SYS >
[2004.08.04 03:07:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.04 03:07:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 03:07:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 03:07:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2004.08.04 03:07:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\cmdcons\autochk.exe
[2004.08.04 03:07:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.04 03:07:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 03:07:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.04 03:07:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 03:07:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.04 03:07:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.04 03:07:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.04 03:07:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.04 03:07:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2010.03.30 11:08:45 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2004.08.04 03:07:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.04 03:07:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 03:07:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.04 03:07:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATA.SYS >
[2006.10.18 02:31:38 | 000,105,472 | R--- | M] (NVIDIA Corporation) MD5=EF9941593B2E9B436F64A87DDB570D1A -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2004.08.04 03:07:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 03:07:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.04 01:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004.08.04 03:07:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 03:07:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.04 03:07:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 03:07:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2004.08.04 03:07:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.04.27 18:09:07 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.27 18:09:07 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.04.27 18:09:07 | 000,901,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.06.19 09:08:25 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\nmp.log
[2010.06.19 09:07:41 | 000,081,496 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.06.19 09:08:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >

#11 Příspěvek od **Caroprd111** » 19 čer 2010 16:01

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTl
IE - HKU\S-1-5-21-1390067357-1343024091-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O4 - HKLM..\RunOnce: [] File not found
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2009.06.05 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.

stelinka1983 · #12 Příspěvek od **stelinka1983** » 19 čer 2010 16:25

PC sa restartoval ale nevyhodilo mi to ziaden log ale neviem ci som dala spravne lebo mi zmizlo aj OTL z plochy

#13 Příspěvek od **Caroprd111** » 19 čer 2010 16:26

Znovu stáhněte OTL a postupujte proveďte krok znovu Určitě jste klikla na "Vyčisti" místo na "Opravit".

stelinka1983 · #14 Příspěvek od **stelinka1983** » 19 čer 2010 16:31

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1390067357-1343024091-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ not found.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
C:\WINDOWS\003110_.tmp deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3d.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dara.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dchs.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dcht.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dcsy.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3ddan.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3ddeu.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dell.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3deng.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3desm.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3desn.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dfin.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dfra.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dheb.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dhun.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dita.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3djpn.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dkor.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dnld.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dnor.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dplk.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dptb.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dptg.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3drus.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dsky.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dslv.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dsve.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dtha.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nv3dtrk.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcpl.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplara.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplchs.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplcht.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplcsy.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcpldan.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcpldeu.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplell.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcpleng.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplesm.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplesn.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplfin.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplfra.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplheb.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplhun.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplita.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcpljpn.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplkor.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplnld.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplnor.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplplk.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplptb.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplptg.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplrus.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplsky.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplslv.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcplsve.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcpltha.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvcpltrk.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdsp.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspara.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspchs.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspcht.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspcsy.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspdan.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspdeu.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspell.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspeng.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspesm.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspesn.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspfin.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspfra.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspheb.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdsphun.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspita.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspjpn.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspkor.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspnld.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspnor.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspplk.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspptb.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspptg.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdsprus.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspsky.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspslv.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdspsve.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdsptha.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvdsptrk.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmob.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobara.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobchs.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobcht.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobcsy.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobdan.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobdeu.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobell.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobeng.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobesm.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobesn.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobfin.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobfra.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobheb.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobhun.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobita.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobjpn.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobkor.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobnld.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobnor.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobplk.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobptb.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobptg.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobrus.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobsky.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobslv.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobsve.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobtha.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP\nvmobtrk.chm deleted successfully.
C:\WINDOWS\NV27322820.TMP folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\Documents and Settings\All Users\Application Data\TEMP folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: pocitac
->Temp folder emptied: 135290301 bytes
->Temporary Internet Files folder emptied: 883618 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 48118146 bytes
->Flash cache emptied: 44417 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17823391 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 49554098 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 240,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: pocitac
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.6.0 log created on 06192010_172848

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#15 Příspěvek od **Caroprd111** » 19 čer 2010 16:33

Jsou s PC nějaké problémy

VIRY.CZ

prosim o kontrolu

prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu