
PC virus removal, computer speed-up, remote help via the neslape.cz service
Log check, PC freezes
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
I would like to ask you to check my log; the PC is slow and freezes quite often.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Martina at 2010-04-09 15:49:42
Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (17%) free of 57 GB
Total RAM: 1526 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:49:48, on 9/4/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Martina\My Documents\Prijaté súbory\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Martina.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pomocn?k pri prihlasovan? v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Shortcut to ashDisp.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
--
End of file - 7501 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-06-08 77824]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2005-06-08 114688]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-08-09 14743552]
"NWEReboot"= []
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon=hidden []
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-06-08 94208]
"WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2009-10-11 320832]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336]
"00PCTFW"=C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2010-01-12 3168216]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 169984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-09 63712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Shortcut to ashDisp.lnk - C:\Program Files\Alwil Software\Avast4\ashDisp.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-06-08 131072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Global Star Software\Airport Tycoon 3\at3.exe"="C:\Program Files\Global Star Software\Airport Tycoon 3\at3.exe:*:Disabled:at3"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE"="C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{66d534ee-9edb-11de-a71a-00166f9ccf6a}]
shell\AutoRun\command - F:\start.exe
======List of files/folders created in the last 1 months======
2010-04-09 15:10:52 ----D---- C:\rsit
2010-04-09 14:01:13 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-04-08 19:19:50 ----D---- C:\Documents and Settings\Martina\Application Data\PCToolsFirewallPlus
2010-04-08 19:15:52 ----D---- C:\Program Files\Common Files\PC Tools
2010-04-08 19:15:46 ----D---- C:\Program Files\PC Tools Firewall Plus
2010-04-08 19:06:08 ----D---- C:\WINDOWS\Internet Logs
2010-04-07 20:44:57 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-06 14:01:35 ----D---- C:\Program Files\The KMPlayer
2010-03-19 01:42:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-03-19 01:42:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-03-19 01:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-03-17 19:20:50 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-03-17 17:09:19 ----A---- C:\WINDOWS\OEWABLog.txt
2010-03-17 17:06:48 ----D---- C:\WINDOWS\Prefetch
2010-03-17 17:03:02 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-03-17 17:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-03-17 17:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-03-17 17:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-03-17 17:01:48 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-03-17 17:01:22 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-03-17 17:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-17 17:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-03-17 17:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-03-17 17:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-03-17 17:00:02 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-03-17 16:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-03-17 16:59:32 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-03-17 16:59:18 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-03-17 16:59:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-03-17 16:58:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-03-17 16:58:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-03-17 16:58:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-03-17 16:57:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-03-17 16:57:44 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-03-17 16:57:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-03-17 16:57:12 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-03-17 16:56:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-03-17 16:56:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-03-17 16:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-03-17 16:56:04 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-03-17 16:55:50 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-03-17 16:55:34 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-03-17 16:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-03-17 16:54:50 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-03-17 16:54:26 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-03-17 16:54:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-03-17 16:53:58 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2010-03-17 16:53:41 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-03-17 16:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-03-17 16:53:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-03-17 16:52:53 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-03-17 16:52:38 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2010-03-17 16:52:19 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-03-17 16:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-03-17 16:51:47 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-03-17 16:51:33 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2010-03-17 16:51:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-03-17 16:51:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2010-03-17 16:50:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-03-17 16:50:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-03-17 16:50:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-03-17 16:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-03-17 16:49:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-03-17 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-03-17 16:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_1$
2010-03-17 16:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2010-03-17 16:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2010-03-17 16:48:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-03-17 16:47:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-03-17 16:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-03-17 16:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-03-17 16:46:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2010-03-17 16:46:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-03-17 16:46:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2010-03-17 16:46:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-03-17 16:45:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-03-17 16:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-03-17 16:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-03-17 16:45:11 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2010-03-17 16:44:52 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-03-17 16:39:33 ----A---- C:\WINDOWS\setuplog.txt
2010-03-17 16:36:33 ----D---- C:\WINDOWS\system32\scripting
2010-03-17 16:36:32 ----D---- C:\WINDOWS\l2schemas
2010-03-17 16:36:31 ----D---- C:\WINDOWS\system32\en
2010-03-17 16:36:30 ----D---- C:\WINDOWS\system32\bits
2010-03-17 16:25:05 ----D---- C:\WINDOWS\network diagnostic
2010-03-17 16:17:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-03-17 15:56:37 ----D---- C:\WINDOWS\ie8updates
2010-03-17 15:54:20 ----A---- C:\WINDOWS\imsins.BAK
2010-03-17 15:54:01 ----D---- C:\WINDOWS\WBEM
2010-03-17 15:51:52 ----HDC---- C:\WINDOWS\ie8
2010-03-17 15:51:52 ----D---- C:\WINDOWS\system32\en-US
2010-03-17 11:40:44 ----D---- C:\Program Files\CCleaner
2010-03-17 11:34:23 ----D---- C:\Documents and Settings\Martina\Application Data\WinPatrol
2010-03-17 11:34:12 ----D---- C:\Program Files\BillP Studios
2010-03-17 11:25:39 ----D---- C:\Program Files\SpywareBlaster
2010-03-11 03:19:28 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$
2010-03-11 03:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2010-03-11 03:18:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$
2010-03-10 17:36:32 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2_0$
2010-03-10 02:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-03-10 02:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2010-03-10 02:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-03-10 02:31:28 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-03-10 02:31:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-03-10 02:30:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-03-10 02:30:40 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-03-10 02:30:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-03-10 02:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2010-03-10 02:24:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-03-10 02:24:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-03-10 02:24:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2010-03-10 02:23:51 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-03-10 02:23:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2010-03-10 02:23:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2010-03-10 02:22:41 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-03-10 02:22:31 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-03-10 02:22:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978251_0$
2010-03-10 02:22:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2010-03-10 02:21:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2010-03-10 02:21:49 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-03-10 02:21:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-03-10 02:21:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2010-03-10 02:21:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-03-10 02:21:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2010-03-10 02:20:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-03-10 02:19:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973354_0$
2010-03-10 02:19:28 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-03-10 02:19:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2010-03-10 02:15:50 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-03-10 02:15:26 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-03-10 02:15:12 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-03-10 02:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971486_0$
2010-03-10 02:12:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-03-10 02:12:29 ----D---- C:\WINDOWS\ServicePackFiles
2010-03-10 02:12:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-03-10 02:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2010-03-10 02:11:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2010-03-10 02:11:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2010-03-10 02:10:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2010-03-10 02:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB969947_0$
======List of files/folders modified in the last 1 months======
2010-04-09 15:42:56 ----D---- C:\Documents and Settings\Martina\Application Data\Skype
2010-04-09 15:41:47 ----SH---- C:\boot.ini
2010-04-09 15:41:47 ----A---- C:\WINDOWS\win.ini
2010-04-09 15:41:47 ----A---- C:\WINDOWS\system.ini
2010-04-09 15:38:37 ----D---- C:\WINDOWS\Temp
2010-04-09 15:37:28 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-04-09 15:37:25 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-09 15:37:12 ----D---- C:\WINDOWS\system32\Lang
2010-04-09 15:37:06 ----D---- C:\WINDOWS
2010-04-09 15:36:14 ----D---- C:\Program Files\DivX
2010-04-09 15:33:10 ----SHD---- C:\WINDOWS\Installer
2010-04-09 15:33:10 ----D---- C:\Program Files\Common Files
2010-04-09 15:33:10 ----D---- C:\Config.Msi
2010-04-09 15:32:58 ----RD---- C:\Program Files
2010-04-09 15:32:16 ----D---- C:\WINDOWS\system32
2010-04-09 15:27:14 ----D---- C:\WINDOWS\system32\drivers
2010-04-09 15:24:02 ----D---- C:\Program Files\Free Audio Pack
2010-04-09 15:23:07 ----D---- C:\Program Files\Common Files\DivX Shared
2010-04-09 14:00:16 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-04-09 13:48:49 ----HD---- C:\WINDOWS\inf
2010-04-09 10:52:28 ----D---- C:\Program Files\Mozilla Firefox
2010-04-09 10:03:01 ----D---- C:\Documents and Settings\Martina\Application Data\skypePM
2010-04-09 07:57:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-08 19:17:09 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-08 19:04:53 ----D---- C:\Program Files\CheckPoint
2010-04-08 19:03:38 ----D---- C:\Documents and Settings\Martina\Application Data\CheckPoint
2010-04-06 00:49:50 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-31 17:33:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-31 17:33:02 ----D---- C:\Program Files\Internet Explorer
2010-03-31 17:30:39 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-28 10:47:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-27 16:54:48 ----D---- C:\WINDOWS\Help
2010-03-17 19:21:15 ----D---- C:\WINDOWS\WinSxS
2010-03-17 19:21:08 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-17 17:09:20 ----D---- C:\WINDOWS\Debug
2010-03-17 17:05:22 ----D---- C:\WINDOWS\system32\Setup
2010-03-17 17:05:22 ----D---- C:\WINDOWS\AppPatch
2010-03-17 17:05:20 ----D---- C:\WINDOWS\system32\wbem
2010-03-17 17:05:18 ----RSD---- C:\WINDOWS\Fonts
2010-03-17 17:01:10 ----D---- C:\Program Files\Movie Maker
2010-03-17 16:58:02 ----D---- C:\Program Files\Outlook Express
2010-03-17 16:50:02 ----D---- C:\WINDOWS\security
2010-03-17 16:45:27 ----D---- C:\Program Files\Messenger
2010-03-17 16:37:34 ----D---- C:\Program Files\Windows Media Player
2010-03-17 16:37:03 ----D---- C:\WINDOWS\system32\inetsrv
2010-03-17 16:37:02 ----D---- C:\WINDOWS\ime
2010-03-17 16:36:34 ----D---- C:\WINDOWS\system32\usmt
2010-03-17 16:36:30 ----D---- C:\WINDOWS\PeerNet
2010-03-17 16:30:35 ----D---- C:\WINDOWS\system32\Restore
2010-03-17 16:30:34 ----D---- C:\WINDOWS\system32\npp
2010-03-17 16:30:34 ----D---- C:\WINDOWS\mui
2010-03-17 16:30:31 ----D---- C:\WINDOWS\msagent
2010-03-17 16:30:28 ----D---- C:\WINDOWS\srchasst
2010-03-17 16:30:27 ----D---- C:\Program Files\NetMeeting
2010-03-17 16:30:23 ----D---- C:\WINDOWS\system32\Com
2010-03-17 16:30:17 ----D---- C:\Program Files\Windows NT
2010-03-17 16:30:10 ----D---- C:\Program Files\Common Files\System
2010-03-17 16:29:27 ----D---- C:\WINDOWS\system32\oobe
2010-03-17 16:29:23 ----D---- C:\WINDOWS\system
2010-03-17 16:21:47 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-17 16:17:47 ----D---- C:\WINDOWS\ehome
2010-03-17 15:54:06 ----D---- C:\WINDOWS\system32\config
2010-03-17 15:53:36 ----D---- C:\WINDOWS\Media
2010-03-17 12:23:51 ----D---- C:\WINDOWS\SoftwareDistribution
2010-03-17 11:51:25 ----D---- C:\WINDOWS\Minidump
2010-03-12 17:34:07 ----D---- C:\WINDOWS\system32\NtmsData
2010-03-12 15:46:41 ----RD---- C:\Program Files\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-03-09 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-03-09 162640]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-03-09 46672]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 pctgntdi;pctgntdi; \??\C:\WINDOWS\system32\drivers\pctgntdi.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-05-01 17119]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-03-09 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-03-09 100432]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-10-15 11354]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-08 1050140]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-08-09 3855360]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys []
R3 pctNDIS;PC Tools Driver; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-01-07 58816]
R3 pctplfw;pctplfw; \??\C:\WINDOWS\system32\drivers\pctplfw.sys []
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 SNPPRO;USB PC Camera (snppro); C:\WINDOWS\system32\DRIVERS\snppro.sys [2005-06-08 8664448]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver; C:\WINDOWS\system32\DRIVERS\CnxEtP.sys []
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver; C:\WINDOWS\system32\DRIVERS\CnxEtU.sys []
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver; C:\WINDOWS\system32\DRIVERS\CnxTgNP.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-10-14 32000]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-10-15 86016]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2009-11-09 818432]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-10-15 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-10-15 360521]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-05-01 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2003-04-04 77824]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S4 gupdate;?p??es?a Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
-----------------EOF-----------------
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-10-15 11354]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-08 1050140]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-08-09 3855360]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys []
R3 pctNDIS;PC Tools Driver; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-01-07 58816]
R3 pctplfw;pctplfw; \??\C:\WINDOWS\system32\drivers\pctplfw.sys []
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 SNPPRO;USB PC Camera (snppro); C:\WINDOWS\system32\DRIVERS\snppro.sys [2005-06-08 8664448]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver; C:\WINDOWS\system32\DRIVERS\CnxEtP.sys []
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver; C:\WINDOWS\system32\DRIVERS\CnxEtU.sys []
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver; C:\WINDOWS\system32\DRIVERS\CnxTgNP.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-10-14 32000]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-10-15 86016]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2009-11-09 818432]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-10-15 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-10-15 360521]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-05-01 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2003-04-04 77824]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S4 gupdate;?p??es?a Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119405
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: log check, PC freezes
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: log check, PC freezes
Here is the MBAM log:
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Database version: 3972
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
10/4/2010 11:47:45
mbam-log-2010-04-10 (11-47-45).txt
Scan type: Full scan (C:\|)
Objects scanned: 181105
Time elapsed: 3 hour(s), 15 minute(s), 48 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\Martina\Application Data\avdrn.dat (Malware.Trace) -> No action taken.
- Rudy
Re: log check, PC freezes
Delete the item.
Re: log check, PC freezes
Successfully deleted

- Rudy
Re: log check, PC freezes
Has anything changed?
Re: log check, PC freezes
Not really, or rather it seems to me that there is no difference at all... I don't know whether it is related, but quite often when I open the internet, pages do not load ("page not found") or they load with a broken layout... when I press "reload" it usually sorts itself out. Also, when the PC starts up, all the icons on the desktop load with a long delay...
- Rudy
Re: log check, PC freezes
1. Clean the system with CCleaner: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 . Alternatively, try a System Restore to a date when it was working correctly.
Re: log check, PC freezes
I cleaned the system with CCleaner, but I cannot roll System Restore back far enough to when the PC was OK, because some time ago I had a virus in System Restore, so it was turned off and on again... Again, when I opened the internet, the page did not open - it said "server not found", and only after the 3rd reload did the page finally open (this happens almost every time I open the internet).

- Rudy
Re: log check, PC freezes
Post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after start-up a screen with the licence terms is displayed; continue by clicking the Yes button.
calmly go and make yourself a coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the deletion of any malware, unwanted conflicts with the antispyware's resident shield occur
Re: log check, PC freezes
Here is the ComboFix log:
ComboFix 10-04-09.06 - Martina 10/04/2010 16:08:48.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1526.1156 [GMT 3:00]
Running from: c:\documents and settings\Martina\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: PC Tools Firewall Plus *disabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Martina\My Documents\zaloha zmeny v reg 17mar.reg
c:\program files\WinPCap
c:\program files\WinPCap\daemon_mgm.exe
c:\program files\WinPCap\npf_mgm.exe
c:\program files\WinPCap\rpcapd.exe
.
((((((((((((((((((((((((( Files Created from 2010-03-10 to 2010-04-10 )))))))))))))))))))))))))))))))
.
2010-04-09 16:29 . 2010-04-09 16:29 -------- d-----w- c:\documents and settings\Martina\Application Data\Malwarebytes
2010-04-09 16:28 . 2010-03-29 21:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-09 16:28 . 2010-04-09 16:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-09 16:28 . 2010-03-29 21:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-09 16:28 . 2010-04-09 16:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-09 12:10 . 2010-04-09 12:11 -------- d-----w- C:\rsit
2010-04-09 11:01 . 2010-04-09 11:01 503808 ----a-w- c:\documents and settings\Martina\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-42820778-n\msvcp71.dll
2010-04-09 11:01 . 2010-04-09 11:01 499712 ----a-w- c:\documents and settings\Martina\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-42820778-n\jmc.dll
2010-04-09 11:01 . 2010-04-09 11:01 348160 ----a-w- c:\documents and settings\Martina\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-42820778-n\msvcr71.dll
2010-04-09 11:01 . 2010-04-09 11:01 61440 ----a-w- c:\documents and settings\Martina\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7e22feb1-n\decora-sse.dll
2010-04-09 11:01 . 2010-04-09 11:01 12800 ----a-w- c:\documents and settings\Martina\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7e22feb1-n\decora-d3d.dll
2010-04-08 16:19 . 2010-04-08 16:20 -------- d-----w- c:\documents and settings\Martina\Application Data\PCToolsFirewallPlus
2010-04-08 16:16 . 2009-11-23 10:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-04-08 16:16 . 2009-11-09 08:20 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-04-08 16:16 . 2010-01-07 09:40 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-04-08 16:15 . 2010-04-08 16:16 -------- d-----w- c:\program files\Common Files\PC Tools
2010-04-08 16:15 . 2010-01-12 06:34 70664 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys
2010-04-08 16:15 . 2010-01-07 08:35 58816 ----a-w- c:\windows\system32\drivers\pctNdis.sys
2010-04-08 16:15 . 2010-01-07 08:35 32680 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys
2010-04-08 16:15 . 2010-01-13 05:59 115216 ----a-w- c:\windows\system32\drivers\pctplfw.sys
2010-04-08 16:15 . 2010-04-08 16:20 -------- d-----w- c:\program files\PC Tools Firewall Plus
2010-04-08 16:06 . 2010-04-08 16:06 -------- d-----w- c:\windows\Internet Logs
2010-04-07 17:44 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-07 08:28 . 2010-04-07 08:28 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-04-06 11:01 . 2010-04-06 11:03 -------- d-----w- c:\program files\The KMPlayer
2010-03-17 16:21 . 2010-03-09 11:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-17 16:21 . 2010-03-09 11:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-17 16:21 . 2010-03-09 11:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-17 16:21 . 2010-03-09 11:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-17 16:21 . 2010-03-09 11:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-17 16:21 . 2010-03-09 11:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-17 16:21 . 2010-03-09 11:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-03-17 16:20 . 2010-03-09 11:24 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-17 16:20 . 2010-03-09 11:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-17 14:20 . 2010-03-17 14:20 -------- d-sh--w- c:\documents and settings\Martina\IECompatCache
2010-03-17 14:15 . 2010-03-17 14:15 -------- d-sh--w- c:\documents and settings\Martina\PrivacIE
2010-03-17 13:36 . 2010-03-17 13:36 -------- d-----w- c:\windows\system32\scripting
2010-03-17 13:36 . 2010-03-17 13:36 -------- d-----w- c:\windows\l2schemas
2010-03-17 13:36 . 2010-03-17 13:36 -------- d-----w- c:\windows\system32\en
2010-03-17 13:36 . 2010-03-17 13:36 -------- d-----w- c:\windows\system32\bits
2010-03-17 13:13 . 2010-03-17 13:13 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-03-17 13:03 . 2010-03-17 13:03 -------- d-sh--w- c:\documents and settings\Martina\IETldCache
2010-03-17 12:57 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-03-17 12:56 . 2010-03-31 14:32 -------- d-----w- c:\windows\ie8updates
2010-03-17 12:54 . 2010-02-25 08:54 11070976 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-03-17 12:54 . 2010-02-25 06:24 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-03-17 12:54 . 2010-02-25 06:24 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-03-17 12:54 . 2010-02-25 06:24 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-03-17 12:54 . 2010-02-25 06:24 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-03-17 12:54 . 2010-02-25 06:24 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-03-17 12:51 . 2010-03-17 12:54 -------- dc-h--w- c:\windows\ie8
2010-03-17 08:40 . 2010-04-10 12:05 -------- d-----w- c:\program files\CCleaner
2010-03-17 08:34 . 2010-03-17 08:34 -------- d-----w- c:\documents and settings\Martina\Application Data\WinPatrol
2010-03-17 08:34 . 2007-05-01 16:59 0 ----a-w- c:\documents and settings\Martina\Application Data\WinPatrol\Config.sys
2010-03-17 08:34 . 2007-05-01 16:59 0 ----a-w- c:\documents and settings\Martina\Application Data\WinPatrol\Autoexec.bat
2010-03-17 08:34 . 2010-03-17 08:34 -------- d-----w- c:\program files\BillP Studios
2010-03-17 08:25 . 2010-04-08 16:30 -------- d-----w- c:\program files\SpywareBlaster
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-10 12:58 . 2007-05-01 18:26 -------- d-----w- c:\documents and settings\Martina\Application Data\Skype
2010-04-10 12:05 . 2010-03-17 08:40 -------- d-----w- c:\program files\CCleaner
2010-04-10 11:08 . 2008-03-13 15:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-04-10 10:00 . 2008-01-11 13:15 -------- d-----w- c:\documents and settings\Martina\Application Data\skypePM
2010-04-09 16:29 . 2010-04-09 16:29 -------- d-----w- c:\documents and settings\Martina\Application Data\Malwarebytes
2010-04-09 16:28 . 2010-04-09 16:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-09 16:28 . 2010-04-09 16:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-09 12:36 . 2010-01-25 17:02 -------- d-----w- c:\program files\DivX
2010-04-09 12:24 . 2009-05-21 11:59 -------- d-----w- c:\program files\Free Audio Pack
2010-04-09 12:23 . 2010-01-25 17:02 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-04-09 11:01 . 2010-04-09 11:01 503808 ----a-w- c:\documents and settings\Martina\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-42820778-n\msvcp71.dll
2010-04-09 11:01 . 2010-04-09 11:01 499712 ----a-w- c:\documents and settings\Martina\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-42820778-n\jmc.dll
2010-04-09 11:01 . 2010-04-09 11:01 348160 ----a-w- c:\documents and settings\Martina\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-42820778-n\msvcr71.dll
2010-04-09 11:01 . 2010-04-09 11:01 61440 ----a-w- c:\documents and settings\Martina\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7e22feb1-n\decora-sse.dll
2010-04-09 11:01 . 2010-04-09 11:01 12800 ----a-w- c:\documents and settings\Martina\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7e22feb1-n\decora-d3d.dll
2010-04-09 11:00 . 2008-11-24 09:08 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-08 16:30 . 2010-03-17 08:25 -------- d-----w- c:\program files\SpywareBlaster
2010-04-08 16:20 . 2010-04-08 16:15 -------- d-----w- c:\program files\PC Tools Firewall Plus
2010-04-08 16:20 . 2010-04-08 16:19 -------- d-----w- c:\documents and settings\Martina\Application Data\PCToolsFirewallPlus
2010-04-08 16:16 . 2010-04-08 16:15 -------- d-----w- c:\program files\Common Files\PC Tools
2010-04-08 16:04 . 2010-03-07 18:03 -------- d-----w- c:\program files\CheckPoint
2010-04-08 16:03 . 2010-03-07 18:04 -------- d-----w- c:\documents and settings\Martina\Application Data\CheckPoint
2010-04-06 11:03 . 2010-04-06 11:01 -------- d-----w- c:\program files\The KMPlayer
2010-03-29 21:46 . 2010-04-09 16:28 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 21:45 . 2010-04-09 16:28 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-17 15:11 . 2007-05-01 18:11 47800 ----a-w- c:\documents and settings\Martina\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-17 13:41 . 2007-05-01 16:57 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-03-17 08:34 . 2010-03-17 08:34 -------- d-----w- c:\documents and settings\Martina\Application Data\WinPatrol
2010-03-17 08:34 . 2010-03-17 08:34 -------- d-----w- c:\program files\BillP Studios
2010-03-12 12:46 . 2008-09-03 08:50 -------- d-----r- c:\program files\Skype
2010-03-09 11:24 . 2010-03-17 16:20 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-09 11:24 . 2010-03-17 16:20 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-09 11:12 . 2010-03-17 16:21 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-09 11:12 . 2010-03-17 16:21 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-09 11:09 . 2010-03-17 16:21 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-09 11:08 . 2010-03-17 16:21 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-09 11:08 . 2010-03-17 16:21 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-09 11:08 . 2010-03-17 16:21 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-09 11:08 . 2010-03-17 16:21 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-03-08 09:55 . 2010-03-08 09:55 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure
2010-03-07 18:03 . 2010-03-07 18:03 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-03-07 17:36 . 2010-03-05 11:29 -------- d-----w- c:\documents and settings\All Users\Application Data\COMODO
2010-03-05 12:50 . 2010-03-05 12:50 -------- d-----w- c:\program files\Common Files\Skype
2010-03-05 11:17 . 2010-03-05 10:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo Downloader
2010-03-05 11:11 . 2010-03-05 11:11 1510584 ----a-w- c:\documents and settings\All Users\Application Data\Comodo Downloader\trustconnectclient.exe
2010-03-05 10:48 . 2010-03-05 10:48 -------- d-----w- c:\program files\Sunbelt Software
2010-03-04 09:46 . 2007-09-09 15:47 -------- d-----w- c:\program files\Alwil Software
2010-03-04 09:43 . 2010-03-04 09:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-03-03 14:04 . 2010-03-03 14:04 -------- d-----w- c:\program files\ESET
2010-03-02 10:11 . 2010-01-25 17:04 -------- d-----w- c:\documents and settings\Martina\Application Data\DivX
2010-03-01 21:08 . 2010-03-01 21:08 16 ----a-w- c:\documents and settings\NetworkService\Application Data\rbuwzv.dat
2010-02-25 06:24 . 2004-08-04 01:07 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-12 10:03 . 2010-04-07 17:44 293376 ------w- c:\windows\system32\browserchoice.exe
2010-01-13 05:59 . 2010-04-08 16:15 115216 ----a-w- c:\windows\system32\drivers\pctplfw.sys
2010-01-12 06:34 . 2010-04-08 16:15 70664 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys
2008-03-13 15:16 . 2008-03-13 15:16 0 ----a-w- c:\program files\temp01
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-08 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-06-08 114688]
"RTHDCPL"="RTHDCPL.EXE" [2005-08-09 14743552]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-08 94208]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2009-10-10 320832]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2010-01-12 3168216]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2004-12-13 23:12 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2007-03-09 08:09 63712 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-18 23:41 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\PROGRAM FILES\\SKYPE\\PHONE\\SKYPE.EXE"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundRouterRequest"= 0 (0x0)
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [17/3/2010 19:21 162640]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [8/4/2010 19:16 233136]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17/3/2010 19:21 19024]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [8/4/2010 19:16 88040]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [8/4/2010 19:15 70664]
R3 pctNDIS;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [8/4/2010 19:15 58816]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [8/4/2010 19:15 115216]
R3 SNPPRO;USB PC Camera (snppro);c:\windows\system32\drivers\snppro.sys [8/1/2008 12:53 8664448]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1/4/2009 11:58 717296]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;c:\windows\system32\DRIVERS\CnxEtP.sys --> c:\windows\system32\DRIVERS\CnxEtP.sys [?]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\DRIVERS\CnxEtU.sys --> c:\windows\system32\DRIVERS\CnxEtU.sys [?]
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;c:\windows\system32\DRIVERS\CnxTgNP.sys --> c:\windows\system32\DRIVERS\CnxTgNP.sys [?]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.centrum.sk/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Martina\Application Data\Mozilla\Firefox\Profiles\8jqfkz73.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2075379&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - www.centrum.sk
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\Martina\Application Data\Mozilla\Firefox\Profiles\8jqfkz73.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-NWEReboot - (no file)
HKLM-Run-ISW - c:\program files\CheckPoint\ZAForceField\ForceField.exe
HKU-Default-RunOnce-IETI - c:\program files\Skype\Phone\IEPlugin\unins000.exe
Notify-WgaLogon - (no file)
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-10 16:14
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2010-04-10 16:16:58
ComboFix-quarantined-files.txt 2010-04-10 13:16
ComboFix2.txt 2008-05-20 20:04
ComboFix3.txt 2008-05-20 17:39
Pre-Run: 10.491.858.944 bytes free
Post-Run: 10.513.227.776 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 13799611E55D9C99748A5F1705FB4C88
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 13799611E55D9C99748A5F1705FB4C88
- Rudy
- Site Admin
- Posts: 119405
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: log check, PC freezes
CF deleted 5 items; the rest of the log looks clean. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: log check, PC freezes
...it seems to me that the PC is a little bit faster (and it hasn't frozen so far), but the icons are still slow after a restart ....oh well, I guess I'll have to live with it


- Rudy
- Site Admin
- Posts: 119405
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: log check, PC freezes
You can also try optimization using XPManager: http://www.viry.cz/forum/viewtopic.php?f=46&t=17549 .
Re: log check, PC freezes
I downloaded XPManager, it told me I have a 15 trial, but as soon as I clicked on the OPTIMIZER folder, it said that the trial period has elapsed....so I can't use it
