Velmi pomaly pc, obcas vyskakuju aj reklamy

[66klara]

Tak som vsetko urobila, tu je opat log z RSIT. K tomu firewallu, mam firewall wxp, ale teda skusila som si nainstalovat tie, co tu mate vy - vybrala som si Comodo firewall a NOD mi zahlasil, ze je tam trojan Tak som ho ani nedoinstalovala a hned vymazala.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Janka at 2010-03-06 07:56:44
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 60 GB (79%) free of 76 GB
Total RAM: 255 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:57:14, on 6.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Panasonic\VideoCam Suite 2\VideoCamSuiteAutoStart.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Janka\My Documents\Preberanie\RSIT(2).exe
C:\Program Files\trend micro\Janka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tattoodle.com?tid={18E38629- ... 56D7CA9D79}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 198.163.152.229:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ntctldev] rundll32.exe "C:\Documents and Settings\Janka\Local Settings\Application Data\ntctldev\ntctldev.dll", DllInit
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: VideoCam Suite 2.0.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://www.atptennis.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC7ECC4E-0BFF-46DF-9F24-A4B251E69F18}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate1c99a59e4bb8552) (gupdate1c99a59e4bb8552) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 7233 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\PCConfidential.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{88783427-2BCC-489B-983D-A6869AC4AB95}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-01 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
BrowserHelper Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-01 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-01 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2008-01-16 949376]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"ACU"=C:\Program Files\Atheros\ACU.exe [2007-05-03 376921]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-08-07 573440]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-01-31 385024]
"Nikon Transfer Monitor"=C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [2008-09-30 485208]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-01 136600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ntctldev"=C:\Documents and Settings\Janka\Local Settings\Application Data\ntctldev\ntctldev.dll [2009-12-17 77824]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
VideoCam Suite 2.0.lnk - C:\Program Files\Panasonic\VideoCam Suite 2\VideoCamSuiteAutoStart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-07-04 118784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pidgin\pidgin.exe"="C:\Program Files\Pidgin\pidgin.exe:*:Enabled:Pidgin"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-03-06 07:56:43 ----D---- C:\rsit
2010-03-06 07:26:21 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo Downloader
2010-03-06 06:53:01 ----A---- C:\SRStatus2.txt
2010-03-06 06:53:01 ----A---- C:\SRStatus.txt
2010-03-05 17:18:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-05 15:52:13 ----SHD---- C:\RECYCLER
2010-03-05 15:45:34 ----D---- C:\WINDOWS\temp
2010-03-04 14:53:25 ----D---- C:\WINDOWS\Minidump
2010-03-04 14:43:08 ----A---- C:\Boot.bak
2010-03-04 14:43:01 ----D---- C:\cmdcons
2010-02-25 19:11:06 ----D---- C:\Adobe Reader 9 Installer
2010-02-25 19:01:58 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-02-21 12:38:25 ----D---- C:\Program Files\MarkAny
2010-02-19 16:49:50 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2010-02-19 16:49:48 ----D---- C:\Documents and Settings\Janka\Application Data\PC Suite
2010-02-19 16:41:03 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-02-19 16:39:42 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2010-02-19 16:39:41 ----D---- C:\Program Files\DIFX
2010-02-19 16:39:33 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-19 16:39:26 ----A---- C:\WINDOWS\system32\FsUsbExService.Exe
2010-02-19 16:39:26 ----A---- C:\WINDOWS\system32\FsUsbExDevice.Dll
2010-02-19 16:38:57 ----D---- C:\Documents and Settings\Janka\Application Data\Samsung
2010-02-19 16:37:51 ----D---- C:\Program Files\PC Connectivity Solution
2010-02-19 16:36:39 ----D---- C:\Program Files\Samsung

======List of files/folders modified in the last 1 months======

2010-03-06 07:57:14 ----D---- C:\Program Files\Trend Micro
2010-03-06 07:39:17 ----RD---- C:\Program Files
2010-03-06 07:39:04 ----SHD---- C:\WINDOWS\Installer
2010-03-06 07:37:06 ----D---- C:\WINDOWS\system32
2010-03-06 07:35:56 ----D---- C:\WINDOWS\system32\drivers
2010-03-06 07:12:09 ----D---- C:\Program Files\Mozilla Firefox
2010-03-06 07:10:48 ----D---- C:\WINDOWS
2010-03-06 06:59:31 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-03-06 06:54:23 ----SHD---- C:\System Volume Information
2010-03-06 06:54:23 ----D---- C:\WINDOWS\system32\Restore
2010-03-05 20:27:44 ----D---- C:\WINDOWS\Prefetch
2010-03-05 15:58:16 ----D---- C:\WINDOWS\system32\config
2010-03-05 15:56:21 ----D---- C:\WINDOWS\system32\wbem
2010-03-05 15:56:03 ----D---- C:\WINDOWS\Registration
2010-03-05 15:50:28 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-05 15:38:50 ----A---- C:\WINDOWS\system.ini
2010-03-05 15:32:36 ----D---- C:\WINDOWS\AppPatch
2010-03-05 15:32:33 ----D---- C:\Program Files\Common Files
2010-03-05 08:25:55 ----D---- C:\Documents and Settings
2010-03-04 14:37:28 ----D---- C:\WINDOWS\ERDNT
2010-02-28 14:41:02 ----D---- C:\Documents and Settings\Janka\Application Data\Skype
2010-02-28 13:19:30 ----D---- C:\Documents and Settings\Janka\Application Data\skypePM
2010-02-26 11:10:41 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-02-25 19:39:36 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-02-25 19:18:33 ----D---- C:\Program Files\Common Files\Adobe
2010-02-25 19:17:22 ----D---- C:\Program Files\Adobe
2010-02-25 19:16:49 ----D---- C:\WINDOWS\WinSxS
2010-02-25 19:03:26 ----D---- C:\Documents and Settings\Janka\Application Data\Adobe
2010-02-21 12:46:13 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-21 10:37:09 ----HD---- C:\WINDOWS\inf
2010-02-21 09:44:06 ----D---- C:\WINDOWS\system32\CatRoot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-01-16 15424]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-01-16 512096]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-02 546976]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-07-04 2304000]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-24 5760]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-08-07 980608]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-03-28 57024]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PAC207;VideoCAM GF112; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2007-05-03 364629]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-07-04 483328]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-01 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-01-16 552064]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-28 123248]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R2 UxTuneUp;TuneUp Design Expansion; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 gupdate1c99a59e4bb8552;Služba Google Update (gupdate1c99a59e4bb8552); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-01 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

-----------------EOF-----------------

[Caroprd111]

Jako firewall bych doporučil Zone Alarm, firewall ve Windows XP je nedostatečný.

Jinak je log v pořádku.

[66klara]

Tak teda skusim ten ZoneAlarm. Ak je teda uz vsetko ok, tak dakujem krasne za pomoc

[Caroprd111]

Nemáte zač

[66klara]

Dobry vecer, ozyvam sa znova, lebo prednedavnom sme riesili prilis pomaly pc a vyskakujuce reklamy a na cas sa mi zdalo, ze je to uz vyriesene, lenze hned po par dnoch tie reklamy zacali vyskakovat znova a pc je stale pomaly, dokonca by som povedala, ze este vyrazne pomalsi...az tak, ze ani nestiha zobrazovat tento text, ktory tu pisem bezprostredne tak ako ho pisem ale vyrazne opozdene... ...tak prosim o kontrolu logu, vdaka.


Logfile of random's system information tool 1.06 (written by random/random)
Run by Janka at 2010-05-04 19:51:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 57 GB (75%) free of 76 GB
Total RAM: 255 MB (7% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:39, on 4.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Panasonic\VideoCam Suite 2\VideoCamSuiteAutoStart.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Pidgin\pidgin.exe
C:\Documents and Settings\Janka\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Janka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ef.umb.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 198.163.152.229:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ntctldev] rundll32.exe "C:\Documents and Settings\Janka\Local Settings\Application Data\ntctldev\ntctldev.dll", DllInit
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: VideoCam Suite 2.0.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://www.atptennis.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate1c99a59e4bb8552) (gupdate1c99a59e4bb8552) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 6727 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\PCConfidential.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{88783427-2BCC-489B-983D-A6869AC4AB95}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
BrowserHelper Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2008-01-16 949376]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"ACU"=C:\Program Files\Atheros\ACU.exe [2007-05-03 376921]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-08-07 573440]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-02-01 385024]
"Nikon Transfer Monitor"=C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [2008-09-30 485208]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ntctldev"=C:\Documents and Settings\Janka\Local Settings\Application Data\ntctldev\ntctldev.dll [2009-12-17 77824]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
VideoCam Suite 2.0.lnk - C:\Program Files\Panasonic\VideoCam Suite 2\VideoCamSuiteAutoStart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-07-05 118784]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pidgin\pidgin.exe"="C:\Program Files\Pidgin\pidgin.exe:*:Enabled:Pidgin"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-30 11:18:55 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-04-30 11:18:54 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-30 11:18:54 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-30 11:18:53 ----A---- C:\WINDOWS\system32\java.exe

======List of files/folders modified in the last 1 months======

2010-05-04 19:52:02 ----D---- C:\Program Files\Trend Micro
2010-05-04 19:50:58 ----D---- C:\WINDOWS\Prefetch
2010-05-04 19:50:23 ----D---- C:\Documents and Settings\Janka\Application Data\.purple
2010-05-04 17:46:22 ----D---- C:\WINDOWS\temp
2010-05-03 20:42:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-30 11:21:48 ----SHD---- C:\WINDOWS\Installer
2010-04-30 11:18:55 ----D---- C:\WINDOWS\system32
2010-04-30 11:18:08 ----D---- C:\Program Files\Java
2010-04-30 08:13:09 ----D---- C:\Documents and Settings\Janka\Application Data\gtk-2.0
2010-04-23 21:01:01 ----D---- C:\Documents and Settings\Janka\Application Data\Skype
2010-04-23 12:01:59 ----D---- C:\Documents and Settings\Janka\Application Data\skypePM
2010-04-21 17:59:40 ----RD---- C:\NOD_UPD
2010-04-19 18:30:09 ----D---- C:\Program Files\Mozilla Firefox
2010-04-12 20:02:45 ----A---- C:\WINDOWS\wtran32.INI
2010-04-12 19:12:49 ----D---- C:\WINDOWS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-01-16 15424]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-01-16 512096]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-02 546976]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-07-05 2304000]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-24 5760]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-08-07 980608]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-03-28 57024]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PAC207;VideoCAM GF112; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2007-05-03 364629]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-07-05 483328]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-01-16 552064]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-28 123248]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R2 UxTuneUp;TuneUp Design Expansion; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 gupdate1c99a59e4bb8552;Služba Google Update (gupdate1c99a59e4bb8552); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-01 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

-----------------EOF-----------------

[Caroprd111]

Zdravím


Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

• Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 

• Označte položku Pro všechny uživatele.
• Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
• Klikněte na tlačítko Prohledat
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

[66klara]

OTL logfile created on: 5.5.2010 8:35:19 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Janka\My Documents\Preberanie
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

255,00 Mb Total Physical Memory | 28,00 Mb Available Physical Memory | 11,00% Memory free
905,00 Mb Paging File | 254,00 Mb Available in Paging File | 28,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 56,02 Gb Free Space | 75,18% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JANKA-7F533A9F9
Current User Name: Janka
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.05 08:30:59 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Janka\My Documents\Preberanie\OTL.exe
PRC - [2010.04.01 20:07:08 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.09.06 01:43:26 | 000,045,091 | ---- | M] (The Pidgin developer community) -- C:\Program Files\Pidgin\pidgin.exe
PRC - [2009.04.02 19:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009.02.17 13:03:54 | 000,185,688 | ---- | M] (Panasonic Corporation) -- C:\Program Files\Panasonic\VideoCam Suite 2\VideoCamSuiteAutoStart.exe
PRC - [2008.09.30 14:06:50 | 000,485,208 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.16 14:05:12 | 000,949,376 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2008.01.16 14:05:11 | 000,552,064 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe
PRC - [2007.05.03 18:42:56 | 000,376,921 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2007.05.03 18:42:38 | 000,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2006.12.28 17:17:50 | 000,123,248 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2006.08.07 15:11:00 | 000,573,440 | R--- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2005.01.14 10:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe


========== Modules (SafeList) ==========

MOD - [2010.05.05 08:30:59 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Janka\My Documents\Preberanie\OTL.exe
MOD - [2009.12.17 07:09:14 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Janka\Local Settings\Application Data\ntctldev\ntctldev.dll
MOD - [2008.04.14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.04.07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.01.16 14:05:11 | 000,552,064 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2007.05.03 18:42:38 | 000,364,629 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2006.12.28 17:17:50 | 000,123,248 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2006.12.19 17:53:46 | 000,024,072 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2005.01.14 10:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)


========== Driver Services (SafeList) ==========

DRV - [2009.03.31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.03.20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.02.17 19:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.01.16 14:05:12 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2008.01.16 14:05:11 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2007.09.17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.08.24 13:46:48 | 000,005,760 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2007.07.05 00:55:40 | 002,304,000 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.05.02 20:00:58 | 000,546,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007.03.28 20:52:18 | 000,057,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2007.01.24 19:08:40 | 000,005,632 | R--- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2006.12.28 17:17:18 | 000,018,688 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2006.12.14 17:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.11.03 10:32:30 | 004,394,496 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.08.07 15:13:50 | 000,980,608 | R--- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006.05.25 21:40:58 | 000,193,088 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006.02.20 19:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2005.07.14 13:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005.07.12 20:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005.04.08 11:46:18 | 000,162,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc027.sys -- (PAC207)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-343818398-299502267-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-343818398-299502267-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ef.umb.sk/
IE - HKU\S-1-5-21-343818398-299502267-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-343818398-299502267-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-21-343818398-299502267-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 198.163.152.229:3128

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ef.umb.sk/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..network.proxy.backup.ftp: "10.162.130.30"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "10.162.130.30"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "10.162.130.30"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "10.162.130.30"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "10.162.130.30"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "10.162.130.30"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "10.162.130.30"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "10.162.130.30"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "10.162.130.30"
FF - prefs.js..network.proxy.ssl_port: 8080

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.05 17:56:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.30 11:18:55 | 000,000,000 | ---D | M]

[2008.12.10 12:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Mozilla\Extensions
[2010.05.04 19:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Profiles\dlbdctvx.default\extensions
[2010.03.28 09:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Profiles\dlbdctvx.default\extensions\personas@christopher.beard
[2010.01.21 18:02:53 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Profiles\dlbdctvx.default\searchplugins\ebay.xml
[2010.05.04 17:48:45 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.30 11:18:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.01 19:40:34 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.04.01 19:40:34 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010.04.01 19:40:34 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.04.01 19:40:34 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.04.01 19:40:34 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.04.01 19:40:34 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2009.10.18 17:46:13 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found.
O3 - HKU\S-1-5-21-343818398-299502267-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - No CLSID value found.
O3 - HKU\S-1-5-21-343818398-299502267-725345543-1003\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
O4 - HKU\S-1-5-21-343818398-299502267-725345543-1003..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-343818398-299502267-725345543-1003..\Run: [ntctldev] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VideoCam Suite 2.0.lnk = C:\Program Files\Panasonic\VideoCam Suite 2\VideoCamSuiteAutoStart.exe (Panasonic Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-343818398-299502267-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-343818398-299502267-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-343818398-299502267-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-343818398-299502267-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKU\S-1-5-21-343818398-299502267-725345543-1003\..Trusted Domains: atptennis.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-343818398-299502267-725345543-1003\..Trusted Domains: microsoft.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-343818398-299502267-725345543-1003\..Trusted Domains: umb.sk ([ais2] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Pozadie plochy.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Pozadie plochy.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008.01.17 00:03:22 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.ivimp3en - C:\WINDOWS\System32\IviMp3En.acm (Intervideo Inc.)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027075282206720)

========== Files/Folders - Created Within 30 Days ==========

[2010.05.04 18:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janka\Desktop\reklamy
[2010.04.30 11:18:55 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.04.30 11:18:54 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.30 11:18:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.30 11:18:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2008.01.17 09:01:53 | 000,005,632 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\kbfiltr.sys
[32 C:\Documents and Settings\Janka\Desktop\*.tmp files -> C:\Documents and Settings\Janka\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.05 08:20:15 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.05 07:20:02 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.05 06:54:55 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{88783427-2BCC-489B-983D-A6869AC4AB95}.job
[2010.05.05 06:50:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2010.05.05 06:42:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.05 06:42:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.04 20:22:39 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Janka\ntuser.ini
[2010.05.04 20:22:38 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\Janka\ntuser.dat
[2010.05.04 20:14:32 | 000,003,699 | ---- | M] () -- C:\WINDOWS\wtran32.INI
[2010.05.04 20:14:27 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2010.05.02 10:42:35 | 000,038,842 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\n737377210_1042882_2241.jpg
[2010.05.02 10:42:13 | 000,047,515 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\20448_1262903009714_1143879667_30742092_5863192_n.jpg
[2010.05.01 22:08:08 | 000,050,688 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\financny man.doc
[2010.04.30 15:24:26 | 006,427,422 | -H-- | M] () -- C:\Documents and Settings\Janka\Local Settings\Application Data\IconCache.db
[2010.04.30 11:42:52 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Janka\.recently-used.xbel
[2010.04.30 08:12:38 | 000,110,080 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\pravdepodobnost riesene.xls
[2010.04.25 19:01:43 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Janka\Desktop\~$_Zadanie semestrálnej práce.doc
[2010.04.25 19:01:42 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\00_Zadanie semestrálnej práce.doc
[2010.04.25 18:59:02 | 000,358,912 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\EaMMVO-1.doc
[2010.04.25 18:25:29 | 000,093,184 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\_EFA_priloha2.doc
[2010.04.25 12:07:51 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010.04.25 09:21:48 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Janka\Desktop\~$MMVO-1.doc
[2010.04.24 22:06:24 | 000,082,432 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\SEMINARKA TEXT.doc
[2010.04.24 13:12:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.23 17:18:37 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010.04.22 13:19:46 | 000,053,039 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\5758452.jpg
[2010.04.22 13:19:09 | 000,035,120 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\f_51839812_64a834ce8e5fa4c025df078ab6f03abc.jpg
[2010.04.22 13:19:01 | 001,413,341 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\f_204344195_3f4b1c895c33ba54b957fd973f7f38c7.jpg
[2010.04.21 16:17:15 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\uvfosnova.doc
[2010.04.18 18:23:16 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\_EFA_priloha1.doc
[2010.04.17 19:35:39 | 000,071,168 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\mmvo.doc
[2010.04.12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.04.12 15:19:02 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.04.11 20:33:40 | 000,150,016 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\ZÁVER.doc
[2010.04.07 11:23:15 | 000,060,899 | ---- | M] () -- C:\Documents and Settings\Janka\Desktop\Esprit-2273158.jpg
[2010.04.06 13:49:16 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[32 C:\Documents and Settings\Janka\Desktop\*.tmp files -> C:\Documents and Settings\Janka\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.02 10:42:33 | 000,038,842 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\n737377210_1042882_2241.jpg
[2010.05.02 10:42:04 | 000,047,515 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\20448_1262903009714_1143879667_30742092_5863192_n.jpg
[2010.04.30 15:18:24 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\financny man.doc
[2010.04.30 11:42:52 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Janka\.recently-used.xbel
[2010.04.30 08:12:36 | 000,110,080 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\pravdepodobnost riesene.xls
[2010.04.25 19:01:43 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Janka\Desktop\~$_Zadanie semestrálnej práce.doc
[2010.04.25 19:01:42 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\00_Zadanie semestrálnej práce.doc
[2010.04.25 09:21:48 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Janka\Desktop\~$MMVO-1.doc
[2010.04.24 17:35:34 | 000,082,432 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\SEMINARKA TEXT.doc
[2010.04.22 13:19:43 | 000,053,039 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\5758452.jpg
[2010.04.22 13:19:07 | 000,035,120 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\f_51839812_64a834ce8e5fa4c025df078ab6f03abc.jpg
[2010.04.22 13:18:51 | 001,413,341 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\f_204344195_3f4b1c895c33ba54b957fd973f7f38c7.jpg
[2010.04.21 16:17:14 | 000,079,872 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\uvfosnova.doc
[2010.04.18 19:17:47 | 000,093,184 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\_EFA_priloha2.doc
[2010.04.18 17:22:32 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\_EFA_priloha1.doc
[2010.04.18 13:40:06 | 000,358,912 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\EaMMVO-1.doc
[2010.04.17 14:47:02 | 000,071,168 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\mmvo.doc
[2010.04.11 17:03:45 | 000,150,016 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\ZÁVER.doc
[2010.04.07 11:23:06 | 000,060,899 | ---- | C] () -- C:\Documents and Settings\Janka\Desktop\Esprit-2273158.jpg
[2010.02.19 17:39:26 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.02.19 17:39:26 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009.10.09 11:20:08 | 000,000,096 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.07.19 15:51:45 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.06.29 15:04:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.09.10 11:02:31 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.01.17 09:09:10 | 000,000,553 | R--- | C] () -- C:\WINDOWS\System32\drivers\AW1012d.ini
[2008.01.17 08:54:03 | 000,005,760 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2008.01.17 08:49:45 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.01.17 00:25:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.01.16 14:49:08 | 000,003,699 | ---- | C] () -- C:\WINDOWS\wtran32.INI
[2008.01.16 14:08:08 | 000,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2008.01.16 14:08:06 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2008.01.16 14:06:55 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2008.01.16 13:57:03 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.10.25 18:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2005.04.08 11:46:18 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\pfc027.sys
[2005.01.25 16:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207Usd.dll
[2003.04.07 12:38:32 | 000,005,746 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2009.07.07 10:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2009.07.13 10:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2008.12.16 20:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hagel Technologies
[2008.03.03 14:26:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2008.03.13 16:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin
[2009.07.13 08:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2009.07.07 10:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2009.08.25 15:09:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panasonic
[2010.02.19 17:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008.03.13 16:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2008.03.02 11:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009.07.19 19:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008.01.16 13:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009.07.07 10:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2009.02.17 09:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2010.05.05 08:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\.purple
[2008.01.16 14:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\ACD Systems
[2008.12.10 20:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\BSplayer
[2008.10.08 22:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\BSplayer Pro
[2010.03.19 22:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\CheckPoint
[2008.03.21 15:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Gaijin Ent
[2008.03.01 13:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Gamelab
[2010.04.30 08:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\gtk-2.0
[2008.03.03 13:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Home Sweet Home
[2008.01.18 08:38:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\ICQ
[2009.01.05 14:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\ICQLite
[2008.01.18 21:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\InterVideo
[2008.03.13 16:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\iWin
[2008.03.02 19:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Jane s Hotel
[2009.07.07 10:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Nikon
[2009.08.25 15:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Panasonic
[2010.02.19 17:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\PC Suite
[2008.03.13 16:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\PlayFirst
[2010.02.21 13:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Samsung
[2008.12.17 12:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\TeamViewer
[2008.01.17 01:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Thunderbird
[2008.01.16 13:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\TuneUp Software
[2008.05.04 18:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\TV JOJ Media Player
[2010.04.23 17:18:37 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010.05.05 06:50:40 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[2010.05.05 06:54:55 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{88783427-2BCC-489B-983D-A6869AC4AB95}.job

========== Purity Check ==========

[66klara]

========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:42:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"ntctldev" = rundll32.exe "C:\Documents and Settings\Janka\Local Settings\Application Data\ntctldev\ntctldev.dll", DllInit
"AutoStartNPSAgent" = C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe -- [2009.04.02 19:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >
[2008.03.24 16:50:15 | 002,392,722 | ---- | M] () -- C:\ac3filter_1_46.exe
[2008.03.24 16:24:04 | 017,067,560 | ---- | M] (DivX, Inc.) -- C:\DivXInstaller.exe
[2008.02.13 12:00:56 | 023,344,432 | ---- | M] (Apple Inc.) -- C:\QuickTimeInstaller.exe
[2008.11.09 12:11:35 | 002,238,896 | ---- | M] () -- C:\tropical_beaches01.exe
[2008.05.26 18:37:34 | 331,805,736 | ---- | M] (Microsoft Corporation) -- C:\WindowsXP-KB936929-SP3-x86-ENU.exe
[2008.09.06 11:15:09 | 000,382,352 | ---- | M] (Sun Microsystems, Inc.) -- C:\xpiinstall.exe

< %ALLUSERSPROFILE%\Application Data\*. >
[2010.02.25 20:39:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009.01.12 21:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008.02.13 18:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2008.01.17 09:18:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Atheros
[2008.01.16 16:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2010.03.06 08:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Comodo Downloader
[2008.12.17 11:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2009.07.07 10:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2009.07.13 10:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2008.12.16 20:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hagel Technologies
[2008.03.03 14:26:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2008.03.13 16:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin
[2009.10.14 17:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.07.13 08:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2009.01.21 13:05:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009.07.07 10:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2010.02.26 12:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009.08.25 15:09:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panasonic
[2010.02.19 17:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008.03.13 16:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2008.03.02 11:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2008.01.18 08:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009.10.09 12:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009.07.17 16:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009.07.19 19:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008.01.16 13:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009.07.07 10:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2009.02.17 09:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.02.25 19:56:08 | 000,086,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe

< %APPDATA%\*. >
[2010.05.05 08:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\.purple
[2008.01.16 14:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\ACD Systems
[2010.02.25 20:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Adobe
[2008.02.08 20:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Ahead
[2008.03.08 19:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Apple Computer
[2008.01.16 16:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\ATI
[2008.12.10 20:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\BSplayer
[2008.10.08 22:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\BSplayer Pro
[2010.03.19 22:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\CheckPoint
[2009.02.17 09:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Digsby
[2008.03.24 16:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\DivX
[2009.05.04 18:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\dvdcss
[2008.03.21 15:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Gaijin Ent
[2008.03.01 13:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Gamelab
[2009.03.01 12:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Google
[2010.04.30 08:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\gtk-2.0
[2009.10.09 11:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Help
[2008.03.03 13:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Home Sweet Home
[2008.01.18 08:38:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\ICQ
[2009.01.05 14:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\ICQLite
[2008.01.17 00:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Identities
[2008.01.17 09:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\InstallShield
[2008.01.18 21:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\InterVideo
[2008.03.13 16:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\iWin
[2008.03.02 19:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Jane s Hotel
[2008.01.16 13:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Macromedia
[2009.10.14 17:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Malwarebytes
[2009.03.06 14:03:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Janka\Application Data\Microsoft
[2008.01.17 01:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Mozilla
[2009.07.07 10:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Nikon
[2009.08.25 15:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Panasonic
[2010.02.19 17:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\PC Suite
[2008.03.13 16:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\PlayFirst
[2009.07.19 14:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Real
[2010.02.21 13:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Samsung
[2010.04.23 21:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Skype
[2010.04.23 16:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\skypePM
[2008.02.21 19:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Sun
[2009.07.20 13:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\SUPERAntiSpyware.com
[2008.12.17 12:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\TeamViewer
[2008.01.17 01:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\Thunderbird
[2008.01.16 13:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\TuneUp Software
[2008.05.04 18:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janka\Application Data\TV JOJ Media Player

< %APPDATA%\*.exe /s >
[2008.01.16 16:13:35 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{0AD37499-3D5D-12F0-EBEA-46EE9AD02DBF}\ARPPRODUCTICON.exe
[2008.01.16 16:14:04 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{174D7CC5-1117-29D3-8422-2E54ADF7DB5D}\ARPPRODUCTICON.exe
[2009.07.07 10:26:34 | 000,335,872 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe
[2008.01.16 16:15:15 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{23894154-0961-CD0A-BAC0-67E6E96165C3}\ARPPRODUCTICON.exe
[2008.01.16 16:14:54 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{24DFAAD6-E1ED-F588-2AD5-2EA4FE9113AE}\ARPPRODUCTICON.exe
[2008.01.16 16:14:48 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{26886987-D038-7438-8DF2-ED3B1888E052}\ARPPRODUCTICON.exe
[2008.01.16 16:13:41 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{2C6D0ACD-DD2B-BFE5-A005-53AFD4AA3175}\ARPPRODUCTICON.exe
[2008.01.16 16:13:50 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{2D50DC1F-FCEC-D970-1DFB-E73CF2404451}\ARPPRODUCTICON.exe
[2008.01.16 16:15:13 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{306682DE-BB8E-CD56-9F6B-DE209469418A}\ARPPRODUCTICON.exe
[2008.01.16 16:15:08 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{310477AD-884B-736D-B2C8-7BE9433B243D}\ARPPRODUCTICON.exe
[2008.01.16 16:14:37 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{31814F2E-FA58-AFE8-DC97-3BD97F7191C2}\ARPPRODUCTICON.exe
[2008.01.16 16:14:35 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{354F7470-D8E3-95D0-3488-B9E32D5E9636}\ARPPRODUCTICON.exe
[2008.01.16 16:13:53 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{380FAC97-C47F-C5A9-2A51-DFF8DE144B37}\ARPPRODUCTICON.exe
[2008.01.16 16:15:01 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{407A5080-4B1C-A43D-9EED-A3B5EDBCF593}\ARPPRODUCTICON.exe
[2008.01.16 16:14:17 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{46FE06BF-2A08-9D00-ABFD-7F967817E275}\ARPPRODUCTICON.exe
[2008.01.16 16:13:09 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{4B50D80D-A482-DECD-B584-EB054EBA878A}\ARPPRODUCTICON.exe
[2008.01.16 16:14:01 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{5ABA84ED-D61B-257F-809F-A8C883865854}\ARPPRODUCTICON.exe
[2008.01.16 16:13:44 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{5B464CAC-76BD-BDBB-8066-318D05D171DF}\ARPPRODUCTICON.exe
[2008.01.16 16:14:08 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{5C7332EA-BFB9-24A0-BDD9-254F4B113E41}\ARPPRODUCTICON.exe
[2008.01.16 16:14:23 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{66B5F542-952C-F50D-BFF3-BCA582B65860}\ARPPRODUCTICON.exe
[2008.01.16 16:14:50 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{67213BA8-70C6-458D-9B64-4B93FB35E84B}\ARPPRODUCTICON.exe
[2008.01.16 16:14:59 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{6AA66ACB-E93C-C7CD-F303-D473AEC8A43E}\ARPPRODUCTICON.exe
[2008.01.16 16:13:56 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{6D5DC54D-B06E-32A8-A5D9-4978D7A75FA1}\ARPPRODUCTICON.exe
[2008.01.16 16:14:41 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{782BC438-2C73-77F4-F5B6-7ADC87F611BB}\ARPPRODUCTICON.exe
[2008.01.16 16:14:56 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{7BBA76B4-CC34-0AAB-6D48-BE0181E20832}\ARPPRODUCTICON.exe
[2008.01.16 16:14:14 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{7F311276-1CD6-1661-8BAE-DD9016FE9B8D}\ARPPRODUCTICON.exe
[2008.01.16 16:13:38 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{84C89CF4-F64E-6820-375C-24963DDF99C9}\ARPPRODUCTICON.exe
[2008.01.16 16:14:52 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{8C0D145D-EB41-E1DB-6250-0146B02CBA3A}\ARPPRODUCTICON.exe
[2008.01.16 16:14:45 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{8F5D6849-1A7E-B0B2-F1DE-C0FF21F9E78C}\ARPPRODUCTICON.exe
[2008.01.16 16:14:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{944DA8EF-FD4E-1FD9-D88A-B22D78913BE6}\ARPPRODUCTICON.exe
[2008.01.16 16:13:47 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{97F5E039-D2F5-18C0-F0C9-6981F73514CC}\ARPPRODUCTICON.exe
[2008.01.16 16:14:39 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{A35D49A6-F3CF-87AA-6FF1-777D8A06BAB1}\ARPPRODUCTICON.exe
[2008.01.16 16:14:28 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{B2CEACB9-7690-30B5-D80A-B138DB4F0E37}\ARPPRODUCTICON.exe
[2008.01.16 16:15:06 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{D26970AA-C66F-142F-7C66-A73FC3546F57}\ARPPRODUCTICON.exe
[2009.07.07 10:27:05 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
[2008.01.16 16:14:20 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{D88DB576-0989-879A-38B1-7ED6224B2F52}\ARPPRODUCTICON.exe
[2008.01.16 16:14:33 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{D8B87EBC-12C2-D4FC-F085-A062D4906216}\ARPPRODUCTICON.exe
[2008.01.16 16:14:43 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{E2A05D36-56EF-84FC-E7D7-090D6E5F09BC}\ARPPRODUCTICON.exe
[2008.01.16 16:13:58 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{E4DA4D2C-F57F-782E-752E-9286E5713297}\ARPPRODUCTICON.exe
[2008.01.16 16:15:03 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{E4E118EF-5286-915B-7DBD-D931AB9AF200}\ARPPRODUCTICON.exe
[2008.01.16 16:15:17 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{E5B85BE7-55B5-0A14-7634-FEF92BCB87FB}\ARPPRODUCTICON.exe
[2008.01.16 16:14:26 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{F384BD83-C317-94DA-A4AB-3E75E43F4F8C}\ARPPRODUCTICON.exe
[2008.01.16 16:15:10 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{F622BE4A-363F-F2B6-1F98-54E5E99B1750}\ARPPRODUCTICON.exe
[2008.01.16 16:14:31 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Janka\Application Data\Microsoft\Installer\{F6D39840-BB27-A191-BDF2-1841CA805D24}\ARPPRODUCTICON.exe
[2010.02.21 13:45:20 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Janka\Application Data\Samsung\New PC Studio\DriverChecker.exe


< MD5 for: AGP440.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.04 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2009.01.29 19:12:50 | 000,032,768 | ---- | M] (Panasonic Corporation) MD5=86C7D345A9D6DA814DBA6F785FE49908 -- C:\Program Files\Panasonic\VideoCam Suite 2\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.04 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2004.08.04 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.04 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.04 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004.08.04 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.04 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2004.08.04 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2007.07.05 00:57:00 | 000,344,064 | R--- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.01.16 19:49:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.01.16 19:49:02 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.01.16 19:49:01 | 000,901,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2007.07.05 00:57:00 | 000,344,064 | R--- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F50F1555
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9AB338B9
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CB8D545
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4D066AD2
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC381680
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3BAD65EA
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C25C9263
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CDFF58FE
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A696643D
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EB603FE4
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1D6686D8
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B99FE60
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:86A8CE8D
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADE16379
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:814B9485
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1982A23
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DD623B3
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4E903DEB
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:47BE4EDF
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:912389B7
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:753B0F80
< End of report >

[66klara]

OTL Extras logfile created on: 5.5.2010 8:35:20 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Janka\My Documents\Preberanie
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

255,00 Mb Total Physical Memory | 28,00 Mb Available Physical Memory | 11,00% Memory free
905,00 Mb Paging File | 254,00 Mb Available in Paging File | 28,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 56,02 Gb Free Space | 75,18% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JANKA-7F533A9F9
Current User Name: Janka
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-343818398-299502267-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\PROGRA~1\ACDSYS~1\ACDSee\ACDSee.exe" "%1" (ACD Systems, Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Pidgin\pidgin.exe" = C:\Program Files\Pidgin\pidgin.exe:*:Enabled:Pidgin -- (The Pidgin developer community)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{003C932A-0064-B581-3935-284D2CE76A89}" = Catalyst Control Center Core Implementation
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{088B7BF8-AC95-4348-B77B-619AEB3A74A5}" = VideoCAM GF112
"{0AD37499-3D5D-12F0-EBEA-46EE9AD02DBF}" = Catalyst Control Center Localization German
"{174D7CC5-1117-29D3-8422-2E54ADF7DB5D}" = Catalyst Control Center Localization Norwegian
"{1E0E1039-E45D-7EA2-E377-E00C2857E0C2}" = ccc-core-static
"{21A1D4A5-3D9B-9434-4F97-40367BDF4E47}" = Catalyst Control Center Graphics Full New
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{23894154-0961-CD0A-BAC0-67E6E96165C3}" = CCC Help Chinese Standard
"{24DFAAD6-E1ED-F588-2AD5-2EA4FE9113AE}" = CCC Help Korean
"{26886987-D038-7438-8DF2-ED3B1888E052}" = CCC Help Hungarian
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2C6D0ACD-DD2B-BFE5-A005-53AFD4AA3175}" = Catalyst Control Center Localization Spanish
"{2D50DC1F-FCEC-D970-1DFB-E73CF2404451}" = Catalyst Control Center Localization Hungarian
"{306682DE-BB8E-CD56-9F6B-DE209469418A}" = CCC Help Turkish
"{310477AD-884B-736D-B2C8-7BE9433B243D}" = CCC Help Swedish
"{31814F2E-FA58-AFE8-DC97-3BD97F7191C2}" = CCC Help Greek
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{354F7470-D8E3-95D0-3488-B9E32D5E9636}" = CCC Help German
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{380FAC97-C47F-C5A9-2A51-DFF8DE144B37}" = Catalyst Control Center Localization Italian
"{407A5080-4B1C-A43D-9EED-A3B5EDBCF593}" = CCC Help Polish
"{46FE06BF-2A08-9D00-ABFD-7F967817E275}" = Catalyst Control Center Localization Swedish
"{4B50D80D-A482-DECD-B584-EB054EBA878A}" = ccc-core-preinstall
"{4B8ACECB-D518-99AA-B1F3-E79F905A83EE}" = Catalyst Control Center Localization Czech
"{5ABA84ED-D61B-257F-809F-A8C883865854}" = Catalyst Control Center Localization Dutch
"{5B464CAC-76BD-BDBB-8066-318D05D171DF}" = Catalyst Control Center Localization Finnish
"{5C7332EA-BFB9-24A0-BDD9-254F4B113E41}" = Catalyst Control Center Localization Polish
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6426C1E8-ADD6-F91F-C152-2ABB7AB25F9F}" = Catalyst Control Center Graphics Full Existing
"{66B5F542-952C-F50D-BFF3-BCA582B65860}" = Catalyst Control Center Localization Turkish
"{67213BA8-70C6-458D-9B64-4B93FB35E84B}" = CCC Help Italian
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AA66ACB-E93C-C7CD-F303-D473AEC8A43E}" = CCC Help Norwegian
"{6D5DC54D-B06E-32A8-A5D9-4978D7A75FA1}" = Catalyst Control Center Localization Japanese
"{6DC712D0-A8AE-70EE-215D-ECE5DB29782C}" = Skins
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{782BC438-2C73-77F4-F5B6-7ADC87F611BB}" = CCC Help Spanish
"{791A19F4-E4E5-F4B0-7687-F5D1C4FF799A}" = Catalyst Control Center Graphics Light
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BBA76B4-CC34-0AAB-6D48-BE0181E20832}" = CCC Help Dutch
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F311276-1CD6-1661-8BAE-DD9016FE9B8D}" = Catalyst Control Center Localization Russian
"{84C89CF4-F64E-6820-375C-24963DDF99C9}" = Catalyst Control Center Localization Greek
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0D145D-EB41-E1DB-6250-0146B02CBA3A}" = CCC Help Japanese
"{8F5D6849-1A7E-B0B2-F1DE-C0FF21F9E78C}" = CCC Help French
"{9012041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{944DA8EF-FD4E-1FD9-D88A-B22D78913BE6}" = Catalyst Control Center Localization Portuguese
"{97F5E039-D2F5-18C0-F0C9-6981F73514CC}" = Catalyst Control Center Localization French
"{9E684286-287F-AE06-6909-31A0944A9B4F}" = Catalyst Control Center Localization Danish
"{9EDF1A5D-D8E0-413E-9782-75DD4A8C831B}" = VideoCam Suite 2.0
"{A0CE9CC5-B17D-3FD5-20B9-A2509B475A20}" = ccc-utility
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A35D49A6-F3CF-87AA-6FF1-777D8A06BAB1}" = CCC Help English
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2CEACB9-7690-30B5-D80A-B138DB4F0E37}" = Catalyst Control Center Localization Chinese Traditional
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007
"{D26970AA-C66F-142F-7C66-A73FC3546F57}" = CCC Help Russian
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
"{D88DB576-0989-879A-38B1-7ED6224B2F52}" = Catalyst Control Center Localization Thai
"{D8B87EBC-12C2-D4FC-F085-A062D4906216}" = CCC Help Danish
"{E2A05D36-56EF-84FC-E7D7-090D6E5F09BC}" = CCC Help Finnish
"{E4DA4D2C-F57F-782E-752E-9286E5713297}" = Catalyst Control Center Localization Korean
"{E4E118EF-5286-915B-7DBD-D931AB9AF200}" = CCC Help Portuguese
"{E5B85BE7-55B5-0A14-7634-FEF92BCB87FB}" = CCC Help Chinese Traditional
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F384BD83-C317-94DA-A4AB-3E75E43F4F8C}" = Catalyst Control Center Localization Chinese Standard
"{F622BE4A-363F-F2B6-1F98-54E5E99B1750}" = CCC Help Thai
"{F6D39840-BB27-A191-BDF2-1841CA805D24}" = CCC Help Czech
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"AC3File" = AC3File (remove only)
"AC3Filter" = AC3Filter (remove only)
"ACDSee" = ACDSee
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 6.0.1 CE" = Adobe Photoshop 6.0.1 CE
"Adobe SVG Viewer" = Adobe SVG Viewer
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"CloneDVD2" = CloneDVD2
"coco_clock" = coco_clock
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"FAR manager" = FAR file manager
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (iba vymazať)
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8 Beta 2
"InstallShield_{088B7BF8-AC95-4348-B77B-619AEB3A74A5}" = VideoCAM GF112
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Intervideo MP3 + DVD XPack_is1" = Intervideo MP3 + DVD XPack
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NOD32" = Antivírusový systém NOD32
"Pidgin" = Pidgin
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archivátor

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.3.2010 14:52:05 | Computer Name = JANKA-7F533A9F9 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 8.0.6001.18241, zlyhanie modulu
jscript.dll, verzia 5.8.6001.18241, adresa zlyhania 0x000223e1.

Error - 27.3.2010 14:52:50 | Computer Name = JANKA-7F533A9F9 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie iexplore.exe, verzia 8.0.6001.18241, zlyhanie modulu
jscript.dll, verzia 5.8.6001.18241, adresa zlyhania 0x000223e1.

Error - 4.4.2010 6:12:42 | Computer Name = JANKA-7F533A9F9 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia iexplore.exe, verzia 8.0.6001.18241, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 17.4.2010 10:20:21 | Computer Name = JANKA-7F533A9F9 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia WINWORD.EXE, verzia 11.0.5604.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 22.4.2010 14:04:19 | Computer Name = JANKA-7F533A9F9 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia WINWORD.EXE, verzia 11.0.5604.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 22.4.2010 14:04:19 | Computer Name = JANKA-7F533A9F9 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia WINWORD.EXE, verzia 11.0.5604.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 25.4.2010 13:02:33 | Computer Name = JANKA-7F533A9F9 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia WINWORD.EXE, verzia 11.0.5604.0, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 28.4.2010 1:51:00 | Computer Name = JANKA-7F533A9F9 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia EXCEL.EXE, verzia 11.0.5612.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 2.5.2010 6:33:12 | Computer Name = JANKA-7F533A9F9 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia AcroRd32.exe, verzia 9.3.0.148, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error - 3.5.2010 12:50:43 | Computer Name = JANKA-7F533A9F9 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia firefox.exe, verzia 1.9.2.3743, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

[ System Events ]
Error - 26.3.2010 3:24:57 | Computer Name = JANKA-7F533A9F9 | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.0.1 odmietol prenájom 192.168.0.3 adresy IP pre
sieťovú kartu so sieťovou adresou 0015AF4CFDC6 (server DHCP odoslal hlásenie DHCPNACK).

Error - 26.3.2010 5:19:18 | Computer Name = JANKA-7F533A9F9 | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.0.1 odmietol prenájom 192.168.0.2 adresy IP pre
sieťovú kartu so sieťovou adresou 0015AF4CFDC6 (server DHCP odoslal hlásenie DHCPNACK).

Error - 26.3.2010 8:55:50 | Computer Name = JANKA-7F533A9F9 | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.0.1 odmietol prenájom 192.168.0.2 adresy IP pre
sieťovú kartu so sieťovou adresou 0015AF4CFDC6 (server DHCP odoslal hlásenie DHCPNACK).

Error - 26.3.2010 9:37:04 | Computer Name = JANKA-7F533A9F9 | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.0.1 odmietol prenájom 192.168.0.2 adresy IP pre
sieťovú kartu so sieťovou adresou 0015AF4CFDC6 (server DHCP odoslal hlásenie DHCPNACK).

Error - 26.3.2010 9:39:59 | Computer Name = JANKA-7F533A9F9 | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.0.1 odmietol prenájom 192.168.0.2 adresy IP pre
sieťovú kartu so sieťovou adresou 0015AF4CFDC6 (server DHCP odoslal hlásenie DHCPNACK).

Error - 26.3.2010 10:08:30 | Computer Name = JANKA-7F533A9F9 | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.1.1 odmietol prenájom 192.168.1.3 adresy IP pre
sieťovú kartu so sieťovou adresou 001D6016DD74 (server DHCP odoslal hlásenie DHCPNACK).

Error - 26.3.2010 10:08:36 | Computer Name = JANKA-7F533A9F9 | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.1.1 odmietol prenájom 192.168.0.3 adresy IP pre
sieťovú kartu so sieťovou adresou 0015AF4CFDC6 (server DHCP odoslal hlásenie DHCPNACK).

Error - 2.4.2010 2:58:53 | Computer Name = JANKA-7F533A9F9 | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.1.1 odmietol prenájom 192.168.1.4 adresy IP pre
sieťovú kartu so sieťovou adresou 0015AF4CFDC6 (server DHCP odoslal hlásenie DHCPNACK).

Error - 21.4.2010 9:51:06 | Computer Name = JANKA-7F533A9F9 | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.1.1 odmietol prenájom 192.168.1.2 adresy IP pre
sieťovú kartu so sieťovou adresou 0015AF4CFDC6 (server DHCP odoslal hlásenie DHCPNACK).

Error - 23.4.2010 9:44:45 | Computer Name = JANKA-7F533A9F9 | Source = Dhcp | ID = 1002
Description = Server DHCP 192.168.2.1 odmietol prenájom 192.168.1.3 adresy IP pre
sieťovú kartu so sieťovou adresou 0015AF4CFDC6 (server DHCP odoslal hlásenie DHCPNACK).


< End of report >

[Caroprd111]

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
MOD - [2009.12.17 07:09:14 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Janka\Local Settings\Application Data\ntctldev\ntctldev.dll
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found.
O3 - HKU\S-1-5-21-343818398-299502267-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - No CLSID value found.
O3 - HKU\S-1-5-21-343818398-299502267-725345543-1003\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
O4 - HKU\S-1-5-21-343818398-299502267-725345543-1003..\Run: [ntctldev] File not found
O15 - HKU\S-1-5-21-343818398-299502267-725345543-1003\..Trusted Domains: atptennis.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-343818398-299502267-725345543-1003\..Trusted Domains: microsoft.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-343818398-299502267-725345543-1003\..Trusted Domains: umb.sk ([ais2] https in Trusted sites)
[32 C:\Documents and Settings\Janka\Desktop\*.tmp files -> C:\Documents and Settings\Janka\Desktop\*.tmp -> ]
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F50F1555
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9AB338B9
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CB8D545
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4D066AD2
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC381680
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3BAD65EA
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C25C9263
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CDFF58FE
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A696643D
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EB603FE4
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1D6686D8
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B99FE60
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:86A8CE8D
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADE16379
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:814B9485
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1982A23
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DD623B3
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4E903DEB
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:47BE4EDF
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:912389B7
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:753B0F80

:Files
C:\Documents and Settings\Janka\Local Settings\Application Data\ntctldev

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.

[66klara]

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-343818398-299502267-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2C688203-7EB3-4327-9995-1CB417BA23F9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9}\ not found.
Registry value HKEY_USERS\S-1-5-21-343818398-299502267-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_USERS\S-1-5-21-343818398-299502267-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ntctldev deleted successfully.
Registry key HKEY_USERS\S-1-5-21-343818398-299502267-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\atptennis.com\www\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-343818398-299502267-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\www\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-343818398-299502267-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\umb.sk\ais2\ deleted successfully.
File/Folder C:\Documents and Settings\Janka\Desktop\*.tmp not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:F50F1555 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:9AB338B9 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:1CB8D545 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:4D066AD2 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:EC381680 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:3BAD65EA deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:C25C9263 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:CDFF58FE deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:A696643D deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:EB603FE4 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:1D6686D8 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:2B99FE60 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:86A8CE8D deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:ADE16379 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:814B9485 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:E1982A23 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:8DD623B3 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:4E903DEB deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:47BE4EDF deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:912389B7 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:753B0F80 deleted successfully.
========== FILES ==========
C:\Documents and Settings\Janka\Local Settings\Application Data\ntctldev folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temporary Internet Files folder emptied: 32768 bytes
->Flash cache emptied: 2920 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41704 bytes

User: Janka
->Temp folder emptied: 31351593 bytes
->Temporary Internet Files folder emptied: 436052546 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 83817113 bytes
->Flash cache emptied: 49192 bytes

User: LocalService
->Temp folder emptied: 993272 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 989880 bytes
->Temporary Internet Files folder emptied: 763898 bytes

User: z plochy

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 28220 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 92525057 bytes

Total Files Cleaned = 617,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Janka
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: z plochy

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.4.1 log created on 05052010_144346

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[Caroprd111]

Jak to vypadá s PC

[66klara]

Reklam som sa zda sa zbavila, ale rychlost pc je stale rovnako pomala.

[Caroprd111]

Stáhněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

• Podle návodu v odkazu nainstalujte, poté dejte úplný sken.
• Nic nemažte MBAM má občas falešné detekce a mohl by smazat např. systémové soubory.
• Log vložte sem.

[66klara]

Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Verzia databázy: 4069

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18241

5.5.2010 19:02:39
mbam-log-2010-05-05 (19-02-39).txt

Typ kontroly: Úplná kontrola (C:\|)
Objektov kontrolovaných: 159049
Uplynulý čas: 54 min, 14 sek

Infikované služby pamäte: 1
Infikované moduly pamäte: 1
Infikované registračné kľúče: 4
Infikované registračné hodnoty: 1
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 7

Infikované služby pamäte:
C:\Documents and Settings\Janka\Local Settings\temp\Kmx.exe (Trojan.Fraudpack) -> No action taken.

Infikované moduly pamäte:
C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> No action taken.

Infikované registračné kľúče:
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sshnas (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.

Infikované registračné hodnoty:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\m5t8ql3yw3 (Trojan.Fraudpack) -> No action taken.

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
C:\Documents and Settings\Janka\Local Settings\temp\Kmx.exe (Trojan.Fraudpack) -> No action taken.
C:\Documents and Settings\Janka\Local Settings\temp\Kmv.exe (Trojan.Fraudpack) -> No action taken.
C:\Documents and Settings\Janka\Local Settings\temp\Kmw.exe (Trojan.Fraudpack) -> No action taken.
C:\Documents and Settings\Janka\Local Settings\temp\Kmy.exe (Trojan.Fraudpack) -> No action taken.
C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\Janka\Local Settings\temp\sshnas21.dll (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> No action taken.