VIRY.CZ

Zdravim,

instaloval som nejaky key generator a zrejme sa mi dostal do pc trojsky kon.- Zistil som to tak, ze som naistaloval Ad-awer a pustil scan. prosim poradte co mam s tym robit, ide mi strasne pomaly pc.

Dakujem

Zdravím

Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe

Spusťte a klikněte na "Search For Files", po dokončení skenu klikněte na "Save List to File" -> "OK"
Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.

Dejte log z RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=82743

Naistaloval som to co si mi tam linkoval, spustil, ale zatial to nic nerobi. Trva to nejak dlhsie?

Caroprd111 píše:

Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.

Caroprd111 píše:
Caroprd111 píše:

Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11
----- EOF -----

OK, ještě RSIT.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Andread at 2010-05-05 17:01:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 471 MB (7%) free of 7 GB
Total RAM: 239 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:02:30, on 5.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\sistray.EXE
C:\WINDOWS\system32\khooker.exe
C:\WINDOWS\soundman.exe
C:\WINDOWS\LTSMMSG.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\Andread\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andread\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andread\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andread\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Andread.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\system32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\system32\khooker.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\sisUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Andread\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3846491457
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3846614834
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 4219 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1060284298-854245398-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1060284298-854245398-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiS Tray"=C:\WINDOWS\system32\sistray.EXE [2002-05-09 303104]
"SiS KHooker"=C:\WINDOWS\system32\khooker.exe [2002-01-25 290816]
"SiSUSBRG"=C:\WINDOWS\sisUSBrg.exe [2002-04-25 32768]
"SoundMan"=C:\WINDOWS\soundman.exe [2002-04-18 46592]
"LTSMMSG"=C:\WINDOWS\LTSMMSG.exe [2002-06-01 141880]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Google Update"=C:\Documents and Settings\Andread\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-01 136176]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-05-05 17:01:53 ----D---- C:\Program Files\trend micro
2010-05-05 17:01:45 ----D---- C:\rsit
2010-05-05 15:35:35 ----A---- C:\WINDOWS\system32\lsdelete.exe
2010-05-05 15:35:24 ----AH---- C:\aaw7boot.cmd
2010-05-05 14:41:33 ----HDC---- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-05-05 14:35:59 ----D---- C:\Program Files\Lavasoft
2010-05-05 14:35:58 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2010-05-05 14:24:06 ----A---- C:\WINDOWS\imsins.BAK
2010-05-05 13:13:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-05-05 13:13:42 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-04 16:00:41 ----D---- C:\WINDOWS\Minidump
2010-05-04 15:44:06 ----D---- C:\Documents and Settings\Andread\Application Data\WinRAR
2010-05-04 15:43:15 ----D---- C:\Program Files\WinRAR
2010-05-04 12:39:21 ----D---- C:\Documents and Settings\Andread\Application Data\Uniblue
2010-05-04 12:38:43 ----D---- C:\WINDOWS\SxsCaPendDel
2010-05-04 12:33:00 ----D---- C:\Documents and Settings\Andread\Application Data\BSplayer Pro
2010-05-04 12:32:35 ----D---- C:\Program Files\Webteh
2010-05-03 13:29:42 ----D---- C:\Program Files\QuickTime
2010-04-30 22:10:22 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-04-30 22:10:13 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-04-30 22:09:25 ----D---- C:\WINDOWS\Logs
2010-04-30 22:02:17 ----D---- C:\Program Files\The KMPlayer
2010-04-30 15:38:38 ----D---- C:\Documents and Settings\Andread\Application Data\Mozilla
2010-04-30 15:38:37 ----D---- C:\Documents and Settings\Andread\Application Data\Thunderbird

======List of files/folders modified in the last 1 months======

2010-05-05 17:01:54 ----D---- C:\WINDOWS\Temp
2010-05-05 17:01:53 ----RD---- C:\Program Files
2010-05-05 15:58:42 ----SD---- C:\WINDOWS\Tasks
2010-05-05 15:35:35 ----D---- C:\WINDOWS\system32
2010-05-05 15:30:07 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-05 14:52:17 ----D---- C:\WINDOWS
2010-05-05 14:45:04 ----D---- C:\WINDOWS\system32\drivers
2010-05-05 14:44:09 ----HD---- C:\WINDOWS\inf
2010-05-05 14:44:01 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-05-05 14:43:56 ----D---- C:\WINDOWS\security
2010-05-05 14:42:37 ----SHD---- C:\WINDOWS\Installer
2010-05-05 14:42:26 ----D---- C:\WINDOWS\WinSxS
2010-05-05 14:26:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-05 14:25:18 ----D---- C:\WINDOWS\system32\inetsrv
2010-05-05 13:06:57 ----D---- C:\Program Files\Common Files
2010-05-05 12:22:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-04 17:05:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-05-04 16:46:28 ----D---- C:\Program Files\CCleaner
2010-05-04 16:25:44 ----D---- C:\WINDOWS\system32\config
2010-05-03 13:31:19 ----D---- C:\Program Files\Internet Explorer
2010-05-03 11:02:35 ----SD---- C:\Documents and Settings\Andread\Application Data\Microsoft
2010-05-01 20:48:35 ----D---- C:\WINDOWS\Help
2010-05-01 20:48:35 ----D---- C:\Program Files\Windows Media Player
2010-05-01 19:28:40 ----A---- C:\WINDOWS\WINCMD.INI
2010-05-01 19:27:43 ----D---- C:\WINDOWS\ie7updates
2010-05-01 19:26:12 ----D---- C:\WINDOWS\WBEM
2010-05-01 19:26:12 ----D---- C:\WINDOWS\system32\en-us
2010-05-01 19:26:11 ----D---- C:\WINDOWS\Media
2010-04-30 22:10:44 ----D---- C:\WINDOWS\system32\DirectX
2010-04-30 22:08:09 ----D---- C:\WINDOWS\Prefetch
2010-04-30 21:43:07 ----D---- C:\Program Files\ESET
2010-04-30 15:58:08 ----D---- C:\Program Files\soundbase
2010-04-30 15:48:37 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-30 12:38:44 ----D---- C:\Documents and Settings\Andread\Application Data\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-02-06 93336]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\drivers\srvkp.sys [2002-04-02 5760]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 STEC3;STEC3; \??\C:\WINDOWS\system32\STEC3.sys []
R3 ALCXWDM;Service for Avance AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2002-04-18 305100]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 LucentSoftModem;Lucent Technologies Soft Modem; C:\WINDOWS\system32\DRIVERS\LTSM.sys [2002-08-02 816043]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2002-05-15 194176]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-04 1228208]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

[quote="Caroprd111"] Obrázek

Stahněte OTL http://oldtimer.geekstogo.

Stale to Scanuje

Pravnik1 píše:
Caroprd111 píše: Stahněte OTL http://oldtimer.geekstogo.

to sa mi neda stiahnut.

Stale to Scanuje

Pravnik1 píše:
Pravnik1 píše:
Caroprd111 píše: Stahněte OTL http://oldtimer.geekstogo.

to sa mi neda stiahnut.

Je v poriadku, ze OTL mi to tak dlho scanuje??

Stale to Scanuje

Je to v pořádku.

Caroprd111 píše:Je to v pořádku.

S toho LOG-u co som poslal je vidiet nejaky problem?

Pravnik1 píše:
Caroprd111 píše:Je to v pořádku.
S toho LOG-u co som poslal je vidiet nejaky problem?

OTL logfile created on: 5.5.2010 17:29:50 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Andread\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

239,00 Mb Total Physical Memory | 84,00 Mb Available Physical Memory | 35,00% Memory free
926,00 Mb Paging File | 582,00 Mb Available in Paging File | 63,00% Paging File free
Paging file location(s): C:\pagefile.sys 700 900D:\pagefile.sys 699 700 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 6,59 Gb Total Space | 0,46 Gb Free Space | 6,92% Space Free | Partition Type: NTFS
Drive D: | 12,04 Gb Total Space | 7,48 Gb Free Space | 62,09% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDREAD_NB
Current User Name: Andread
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.05 17:27:41 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andread\My Documents\Downloads\OTL.exe
PRC - [2010.04.26 19:13:25 | 000,531,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Andread\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010.02.04 17:52:57 | 001,228,208 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010.02.04 17:52:57 | 000,814,160 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.02.06 14:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002.06.01 09:13:00 | 000,141,880 | ---- | M] (Lucent Technologies) -- C:\WINDOWS\LTSMMSG.exe
PRC - [2002.05.09 03:19:48 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe
PRC - [2002.04.18 07:48:00 | 000,046,592 | ---- | M] (Avance Logic, Inc.) -- C:\WINDOWS\soundman.exe
PRC - [2002.01.25 02:30:48 | 000,290,816 | R--- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\khooker.exe

========== Modules (SafeList) ==========

MOD - [2010.05.05 17:27:41 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andread\My Documents\Downloads\OTL.exe
MOD - [2008.04.14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2010.02.04 17:52:57 | 001,228,208 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009.02.06 14:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.11.11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

========== Driver Services (SafeList) ==========

DRV - [2010.02.10 18:21:09 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\STEC3.sys -- (STEC3)
DRV - [2010.02.04 17:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009.03.25 06:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009.02.06 14:24:24 | 000,093,336 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.02.06 14:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.02.06 14:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2002.08.02 14:46:40 | 000,816,043 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem)
DRV - [2002.05.15 16:32:00 | 000,194,176 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2002.04.18 07:48:00 | 000,305,100 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2002.04.02 21:51:00 | 000,005,760 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2001.12.25 23:52:00 | 000,027,136 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [1999.09.10 13:06:00 | 000,025,244 | R--- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.sys -- (Aspi32)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-790525478-1060284298-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-790525478-1060284298-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\components [2010.05.01 19:57:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.06.01 13:42:10 | 000,000,000 | ---D | M]

[2010.05.01 19:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Mozilla\Extensions
[2010.04.30 15:39:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andread\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

O1 HOSTS File: ([2006.02.28 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [LTSMMSG] C:\WINDOWS\LTSMMSG.exe (Lucent Technologies)
O4 - HKLM..\Run: [SiS KHooker] C:\WINDOWS\system32\khooker.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SiS Tray] C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Avance Logic, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1060284298-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 3846491457 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 3846614834 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Andread\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andread\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.31 12:23:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.05.31 12:22:17 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54338281256517632)

========== Files/Folders - Created Within 30 Days ==========

[2010.05.05 17:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.05 17:01:45 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.05 14:44:01 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010.05.05 14:41:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010.05.05 14:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010.05.05 14:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010.05.05 14:19:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Andread\Recent
[2010.05.05 13:13:42 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.05.05 13:13:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.05.04 16:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\ESET
[2010.05.04 16:18:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2010.05.04 16:00:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010.05.04 15:44:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Application Data\WinRAR
[2010.05.04 15:43:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.05.04 12:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Application Data\Uniblue
[2010.05.04 12:38:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010.05.04 12:33:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Application Data\BSplayer Pro
[2010.05.04 12:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh
[2010.05.03 13:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Desktop\HUDBA
[2010.05.03 13:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010.05.03 13:28:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Apple
[2010.05.03 13:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Apple Computer
[2010.05.01 19:43:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\My Documents\Preberanie
[2010.05.01 19:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Mozilla
[2010.04.30 22:10:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010.04.30 22:10:13 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2010.04.30 22:09:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.04.30 22:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2010.04.30 15:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Identities
[2010.04.30 15:38:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Application Data\Mozilla
[2010.04.30 15:38:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Thunderbird
[2010.04.30 15:38:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Application Data\Thunderbird
[2010.04.30 12:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\My Documents\Downloads
[2010.04.30 12:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Temp
[2010.04.30 12:13:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Google
[2010.04.30 12:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Deployment
[6 C:\Documents and Settings\Andread\Desktop\*.tmp files -> C:\Documents and Settings\Andread\Desktop\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.05 17:35:04 | 002,097,152 | ---- | M] () -- C:\Documents and Settings\Andread\NTUSER.DAT
[2010.05.05 16:49:14 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1060284298-854245398-1003UA.job
[2010.05.05 16:24:44 | 000,451,584 | ---- | M] () -- C:\Documents and Settings\Andread\Desktop\CKScanner.exe
[2010.05.05 15:58:43 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.05.05 15:35:24 | 000,000,170 | -H-- | M] () -- C:\aaw7boot.cmd
[2010.05.05 15:13:27 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.05 15:09:45 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.05 15:09:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.05 14:40:30 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010.05.05 14:27:07 | 000,004,507 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.05.05 14:26:29 | 000,441,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.05 14:26:29 | 000,071,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.05 14:26:28 | 000,521,616 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.04 17:05:33 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Andread\ntuser.ini
[2010.05.04 16:46:31 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Andread\Desktop\CCleaner.lnk
[2010.05.04 15:46:40 | 000,157,184 | ---- | M] () -- C:\Documents and Settings\Andread\Local Settings\Application Data\test.exe
[2010.05.04 15:43:30 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Andread\Desktop\WinRAR.lnk
[2010.05.04 14:38:23 | 003,140,995 | ---- | M] () -- C:\Documents and Settings\Andread\Desktop\laurent wolf - explosion.mp3_[najhudba.com].mp3
[2010.05.04 12:08:11 | 005,882,380 | -H-- | M] () -- C:\Documents and Settings\Andread\Local Settings\Application Data\IconCache.db
[2010.05.03 13:55:23 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Andread\Desktop\Google Chrome.lnk
[2010.05.01 20:50:43 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010.05.01 20:49:19 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.05.01 20:49:19 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.05.01 19:48:30 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1060284298-854245398-1003Core.job
[2010.05.01 19:35:51 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Andread\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.01 19:28:40 | 000,000,915 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010.04.30 15:39:02 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[6 C:\Documents and Settings\Andread\Desktop\*.tmp files -> C:\Documents and Settings\Andread\Desktop\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.05 16:24:27 | 000,451,584 | ---- | C] () -- C:\Documents and Settings\Andread\Desktop\CKScanner.exe
[2010.05.05 15:35:35 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010.05.05 15:35:24 | 000,000,170 | -H-- | C] () -- C:\aaw7boot.cmd
[2010.05.05 15:23:17 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.05.05 14:40:30 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010.05.05 14:24:06 | 000,004,507 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.05.04 15:46:40 | 000,157,184 | ---- | C] () -- C:\Documents and Settings\Andread\Local Settings\Application Data\test.exe
[2010.05.04 15:43:29 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Andread\Desktop\WinRAR.lnk
[2010.05.04 14:38:21 | 003,140,995 | ---- | C] () -- C:\Documents and Settings\Andread\Desktop\laurent wolf - explosion.mp3_[najhudba.com].mp3
[2010.05.01 19:56:15 | 000,002,300 | ---- | C] () -- C:\Documents and Settings\Andread\Desktop\Google Chrome.lnk
[2010.05.01 19:44:02 | 000,001,100 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1060284298-854245398-1003UA.job
[2010.05.01 19:43:55 | 000,001,048 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1060284298-854245398-1003Core.job
[2010.04.30 15:39:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.06.01 11:05:46 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.05.31 12:53:02 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009.05.31 12:43:42 | 000,015,306 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2009.05.31 12:43:42 | 000,005,760 | R--- | C] () -- C:\WINDOWS\System32\drivers\srvkp.sys
[2009.05.31 12:43:42 | 000,004,163 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2009.05.31 12:43:36 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2009.05.31 12:42:24 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2009.05.31 12:38:16 | 000,000,915 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009.03.03 12:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll

========== LOP Check ==========

[2009.06.01 13:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009.12.03 21:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaMusic
[2009.12.03 21:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010.05.05 14:42:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010.05.04 12:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\BSplayer Pro
[2009.12.03 21:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Nokia
[2009.12.03 21:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\PC Suite
[2009.06.01 14:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Radmin
[2010.04.30 15:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Thunderbird
[2010.05.04 16:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Uniblue
[2010.05.05 15:58:43 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:42:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\Andread\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c -- [2010.05.01 19:43:31 | 000,136,176 | ---- | M] (Google Inc.)

< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.06.01 14:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009.06.01 13:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.05.05 14:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009.12.03 20:58:58 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009.12.03 21:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaMusic
[2009.12.03 21:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010.05.05 13:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009.06.01 11:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010.05.05 14:42:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.02.04 17:53:47 | 002,954,656 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe

< %APPDATA%\*. >
[2010.04.30 12:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Adobe
[2010.05.04 12:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\BSplayer Pro
[2009.05.31 12:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Identities
[2009.12.03 20:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Macromedia
[2010.05.03 11:02:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Andread\Application Data\Microsoft
[2010.05.01 19:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Mozilla
[2009.12.03 21:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Nokia
[2009.12.03 21:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\PC Suite
[2009.06.01 14:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Radmin
[2010.04.30 15:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Thunderbird
[2010.05.04 16:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Uniblue
[2010.05.04 15:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\WinRAR

< %APPDATA%\*.exe /s >

< MD5 for: AGP440.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.02.28 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CDROM.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.02.28 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.02.28 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2006.02.28 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.02.28 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2006.02.28 14:00:00 | 000,081,280 | ---- | M] (Microsoft Corporation) MD5=4AF58CA3425F28FC5E3DB47DC122F722 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.14 00:01:28 | 000,081,152 | ---- | M] (Microsoft Corporation) MD5=C4BA879B581BE34536FE01F79AC28631 -- C:\WINDOWS\system32\HAL.DLL

< MD5 for: CHANGER.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2006.02.28 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.02.28 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.02.28 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2006.02.28 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.02.28 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2006.02.28 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006.02.28 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.02.28 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.02.28 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.02.28 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2006.02.28 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.05.31 13:59:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.05.31 13:59:36 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.05.31 13:59:36 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2006.02.28 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\oleaccrc.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.05.05 14:26:29 | 000,071,394 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.05.05 14:26:29 | 000,441,458 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.05.05 14:26:28 | 000,521,616 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.05.05 15:13:27 | 000,002,422 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >

Pravnik1 píše:
Pravnik1 píše:
Caroprd111 píše:Je to v pořádku.
S toho LOG-u co som poslal je vidiet nejaky problem?

OTL logfile created on: 5.5.2010 17:29:50 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Andread\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

239,00 Mb Total Physical Memory | 84,00 Mb Available Physical Memory | 35,00% Memory free
926,00 Mb Paging File | 582,00 Mb Available in Paging File | 63,00% Paging File free
Paging file location(s): C:\pagefile.sys 700 900D:\pagefile.sys 699 700 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 6,59 Gb Total Space | 0,46 Gb Free Space | 6,92% Space Free | Partition Type: NTFS
Drive D: | 12,04 Gb Total Space | 7,48 Gb Free Space | 62,09% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDREAD_NB
Current User Name: Andread
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.05 17:27:41 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andread\My Documents\Downloads\OTL.exe
PRC - [2010.04.26 19:13:25 | 000,531,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Andread\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010.02.04 17:52:57 | 001,228,208 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010.02.04 17:52:57 | 000,814,160 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.02.06 14:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002.06.01 09:13:00 | 000,141,880 | ---- | M] (Lucent Technologies) -- C:\WINDOWS\LTSMMSG.exe
PRC - [2002.05.09 03:19:48 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe
PRC - [2002.04.18 07:48:00 | 000,046,592 | ---- | M] (Avance Logic, Inc.) -- C:\WINDOWS\soundman.exe
PRC - [2002.01.25 02:30:48 | 000,290,816 | R--- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\khooker.exe

========== Modules (SafeList) ==========

MOD - [2010.05.05 17:27:41 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andread\My Documents\Downloads\OTL.exe
MOD - [2008.04.14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2010.02.04 17:52:57 | 001,228,208 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009.02.06 14:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.11.11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

========== Driver Services (SafeList) ==========

DRV - [2010.02.10 18:21:09 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\STEC3.sys -- (STEC3)
DRV - [2010.02.04 17:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009.03.25 06:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009.02.06 14:24:24 | 000,093,336 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.02.06 14:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.02.06 14:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2002.08.02 14:46:40 | 000,816,043 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem)
DRV - [2002.05.15 16:32:00 | 000,194,176 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2002.04.18 07:48:00 | 000,305,100 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2002.04.02 21:51:00 | 000,005,760 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2001.12.25 23:52:00 | 000,027,136 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [1999.09.10 13:06:00 | 000,025,244 | R--- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.sys -- (Aspi32)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-790525478-1060284298-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-790525478-1060284298-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\components [2010.05.01 19:57:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.06.01 13:42:10 | 000,000,000 | ---D | M]

[2010.05.01 19:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Mozilla\Extensions
[2010.04.30 15:39:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andread\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

O1 HOSTS File: ([2006.02.28 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [LTSMMSG] C:\WINDOWS\LTSMMSG.exe (Lucent Technologies)
O4 - HKLM..\Run: [SiS KHooker] C:\WINDOWS\system32\khooker.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SiS Tray] C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Avance Logic, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1060284298-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 3846491457 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 3846614834 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Andread\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andread\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.31 12:23:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.05.31 12:22:17 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54338281256517632)

========== Files/Folders - Created Within 30 Days ==========

[2010.05.05 17:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.05 17:01:45 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.05 14:44:01 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010.05.05 14:41:33 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010.05.05 14:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010.05.05 14:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010.05.05 14:19:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Andread\Recent
[2010.05.05 13:13:42 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.05.05 13:13:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.05.04 16:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\ESET
[2010.05.04 16:18:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2010.05.04 16:00:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010.05.04 15:44:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Application Data\WinRAR
[2010.05.04 15:43:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.05.04 12:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Application Data\Uniblue
[2010.05.04 12:38:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010.05.04 12:33:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Application Data\BSplayer Pro
[2010.05.04 12:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh
[2010.05.03 13:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Desktop\HUDBA
[2010.05.03 13:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010.05.03 13:28:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Apple
[2010.05.03 13:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Apple Computer
[2010.05.01 19:43:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\My Documents\Preberanie
[2010.05.01 19:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Mozilla
[2010.04.30 22:10:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010.04.30 22:10:13 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2010.04.30 22:09:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.04.30 22:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2010.04.30 15:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Identities
[2010.04.30 15:38:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Application Data\Mozilla
[2010.04.30 15:38:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Thunderbird
[2010.04.30 15:38:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Application Data\Thunderbird
[2010.04.30 12:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\My Documents\Downloads
[2010.04.30 12:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Temp
[2010.04.30 12:13:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Google
[2010.04.30 12:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andread\Local Settings\Application Data\Deployment
[6 C:\Documents and Settings\Andread\Desktop\*.tmp files -> C:\Documents and Settings\Andread\Desktop\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.05 17:35:04 | 002,097,152 | ---- | M] () -- C:\Documents and Settings\Andread\NTUSER.DAT
[2010.05.05 16:49:14 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1060284298-854245398-1003UA.job
[2010.05.05 16:24:44 | 000,451,584 | ---- | M] () -- C:\Documents and Settings\Andread\Desktop\CKScanner.exe
[2010.05.05 15:58:43 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.05.05 15:35:24 | 000,000,170 | -H-- | M] () -- C:\aaw7boot.cmd
[2010.05.05 15:13:27 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.05 15:09:45 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.05 15:09:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.05 14:40:30 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010.05.05 14:27:07 | 000,004,507 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.05.05 14:26:29 | 000,441,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.05 14:26:29 | 000,071,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.05 14:26:28 | 000,521,616 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.04 17:05:33 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Andread\ntuser.ini
[2010.05.04 16:46:31 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Andread\Desktop\CCleaner.lnk
[2010.05.04 15:46:40 | 000,157,184 | ---- | M] () -- C:\Documents and Settings\Andread\Local Settings\Application Data\test.exe
[2010.05.04 15:43:30 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Andread\Desktop\WinRAR.lnk
[2010.05.04 14:38:23 | 003,140,995 | ---- | M] () -- C:\Documents and Settings\Andread\Desktop\laurent wolf - explosion.mp3_[najhudba.com].mp3
[2010.05.04 12:08:11 | 005,882,380 | -H-- | M] () -- C:\Documents and Settings\Andread\Local Settings\Application Data\IconCache.db
[2010.05.03 13:55:23 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Andread\Desktop\Google Chrome.lnk
[2010.05.01 20:50:43 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010.05.01 20:49:19 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.05.01 20:49:19 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.05.01 19:48:30 | 000,001,048 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1060284298-854245398-1003Core.job
[2010.05.01 19:35:51 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Andread\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.01 19:28:40 | 000,000,915 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010.04.30 15:39:02 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[6 C:\Documents and Settings\Andread\Desktop\*.tmp files -> C:\Documents and Settings\Andread\Desktop\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.05 16:24:27 | 000,451,584 | ---- | C] () -- C:\Documents and Settings\Andread\Desktop\CKScanner.exe
[2010.05.05 15:35:35 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010.05.05 15:35:24 | 000,000,170 | -H-- | C] () -- C:\aaw7boot.cmd
[2010.05.05 15:23:17 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.05.05 14:40:30 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010.05.05 14:24:06 | 000,004,507 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.05.04 15:46:40 | 000,157,184 | ---- | C] () -- C:\Documents and Settings\Andread\Local Settings\Application Data\test.exe
[2010.05.04 15:43:29 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Andread\Desktop\WinRAR.lnk
[2010.05.04 14:38:21 | 003,140,995 | ---- | C] () -- C:\Documents and Settings\Andread\Desktop\laurent wolf - explosion.mp3_[najhudba.com].mp3
[2010.05.01 19:56:15 | 000,002,300 | ---- | C] () -- C:\Documents and Settings\Andread\Desktop\Google Chrome.lnk
[2010.05.01 19:44:02 | 000,001,100 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1060284298-854245398-1003UA.job
[2010.05.01 19:43:55 | 000,001,048 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1060284298-854245398-1003Core.job
[2010.04.30 15:39:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.06.01 11:05:46 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.05.31 12:53:02 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009.05.31 12:43:42 | 000,015,306 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2009.05.31 12:43:42 | 000,005,760 | R--- | C] () -- C:\WINDOWS\System32\drivers\srvkp.sys
[2009.05.31 12:43:42 | 000,004,163 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2009.05.31 12:43:36 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2009.05.31 12:42:24 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2009.05.31 12:38:16 | 000,000,915 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009.03.03 12:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll

========== LOP Check ==========

[2009.06.01 13:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009.12.03 21:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaMusic
[2009.12.03 21:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010.05.05 14:42:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010.05.04 12:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\BSplayer Pro
[2009.12.03 21:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Nokia
[2009.12.03 21:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\PC Suite
[2009.06.01 14:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Radmin
[2010.04.30 15:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Thunderbird
[2010.05.04 16:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Uniblue
[2010.05.05 15:58:43 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:42:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\Andread\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c -- [2010.05.01 19:43:31 | 000,136,176 | ---- | M] (Google Inc.)

< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.06.01 14:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009.06.01 13:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.05.05 14:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009.12.03 20:58:58 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009.12.03 21:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaMusic
[2009.12.03 21:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010.05.05 13:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009.06.01 11:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010.05.05 14:42:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.02.04 17:53:47 | 002,954,656 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe

< %APPDATA%\*. >
[2010.04.30 12:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Adobe
[2010.05.04 12:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\BSplayer Pro
[2009.05.31 12:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Identities
[2009.12.03 20:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Macromedia
[2010.05.03 11:02:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Andread\Application Data\Microsoft
[2010.05.01 19:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Mozilla
[2009.12.03 21:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Nokia
[2009.12.03 21:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\PC Suite
[2009.06.01 14:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Radmin
[2010.04.30 15:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Thunderbird
[2010.05.04 16:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\Uniblue
[2010.05.04 15:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andread\Application Data\WinRAR

< %APPDATA%\*.exe /s >

< MD5 for: AGP440.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.02.28 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CDROM.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.02.28 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.02.28 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2006.02.28 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.02.28 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2006.02.28 14:00:00 | 000,081,280 | ---- | M] (Microsoft Corporation) MD5=4AF58CA3425F28FC5E3DB47DC122F722 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.14 00:01:28 | 000,081,152 | ---- | M] (Microsoft Corporation) MD5=C4BA879B581BE34536FE01F79AC28631 -- C:\WINDOWS\system32\HAL.DLL

< MD5 for: CHANGER.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2006.02.28 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.02.28 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.02.28 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2006.02.28 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.02.28 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2006.02.28 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006.02.28 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.02.28 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.02.28 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.02.28 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2006.02.28 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.05.31 13:59:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.05.31 13:59:36 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.05.31 13:59:36 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2006.02.28 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\oleaccrc.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.05.05 14:26:29 | 000,071,394 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.05.05 14:26:29 | 000,441,458 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.05.05 14:26:28 | 000,521,616 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.05.05 15:13:27 | 000,002,422 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >

OTL Extras logfile created on: 5.5.2010 17:29:50 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Andread\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

239,00 Mb Total Physical Memory | 84,00 Mb Available Physical Memory | 35,00% Memory free
926,00 Mb Paging File | 582,00 Mb Available in Paging File | 63,00% Paging File free
Paging file location(s): C:\pagefile.sys 700 900D:\pagefile.sys 699 700 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 6,59 Gb Total Space | 0,46 Gb Free Space | 6,92% Space Free | Partition Type: NTFS
Drive D: | 12,04 Gb Total Space | 7,48 Gb Free Space | 62,09% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDREAD_NB
Current User Name: Andread
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-790525478-1060284298-854245398-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "D:\firefox.exe" -requestPending -osint -url "%1" File not found
https [open] -- "D:\firefox.exe" -requestPending -osint -url "%1" File not found
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9012041B-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1051-7B44-A91000000001}" = Adobe Reader 9.1 - Slovak
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E270E198-9998-41C2-B894-B8A62122A38F}" = ESET NOD32 Antivirus
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Avance AC'97 Audio
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Ad-Aware" = Ad-Aware
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"Lucent Technologies Soft Modem" = Lucent Technologies Soft Modem AMR
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"SiS 650" = SiS 650
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-790525478-1060284298-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5.5.2010 6:16:10 | Computer Name = ANDREAD_NB | Source = MsiInstaller | ID = 11303
Description = Product: iTunes -- Error 1303. The installer has insufficient privileges
to access this directory: D:\defaults. The installation cannot continue. Log
on as administrator or contact your system administrator.

Error - 5.5.2010 6:21:00 | Computer Name = ANDREAD_NB | Source = MsiInstaller | ID = 11303
Description = Product: iTunes -- Error 1303. The installer has insufficient privileges
to access this directory: D:\defaults. The installation cannot continue. Log
on as administrator or contact your system administrator.

Error - 5.5.2010 6:24:00 | Computer Name = ANDREAD_NB | Source = MsiInstaller | ID = 11303
Description = Product: iTunes -- Error 1303. The installer has insufficient privileges
to access this directory: D:\defaults. The installation cannot continue. Log
on as administrator or contact your system administrator.

Error - 5.5.2010 6:24:01 | Computer Name = ANDREAD_NB | Source = MsiInstaller | ID = 11303
Description = Product: iTunes -- Error 1303. The installer has insufficient privileges
to access this directory: D:\defaults. The installation cannot continue. Log
on as administrator or contact your system administrator.

Error - 5.5.2010 6:24:02 | Computer Name = ANDREAD_NB | Source = MsiInstaller | ID = 11303
Description = Product: iTunes -- Error 1303. The installer has insufficient privileges
to access this directory: D:\defaults. The installation cannot continue. Log
on as administrator or contact your system administrator.

Error - 5.5.2010 6:24:04 | Computer Name = ANDREAD_NB | Source = MsiInstaller | ID = 11303
Description = Product: iTunes -- Error 1303. The installer has insufficient privileges
to access this directory: D:\defaults. The installation cannot continue. Log
on as administrator or contact your system administrator.

Error - 5.5.2010 6:24:05 | Computer Name = ANDREAD_NB | Source = MsiInstaller | ID = 11303
Description = Product: iTunes -- Error 1303. The installer has insufficient privileges
to access this directory: D:\defaults. The installation cannot continue. Log
on as administrator or contact your system administrator.

Error - 5.5.2010 6:24:06 | Computer Name = ANDREAD_NB | Source = MsiInstaller | ID = 11303
Description = Product: iTunes -- Error 1303. The installer has insufficient privileges
to access this directory: D:\defaults. The installation cannot continue. Log
on as administrator or contact your system administrator.

Error - 5.5.2010 8:43:26 | Computer Name = ANDREAD_NB | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 5.5.2010 8:45:45 | Computer Name = ANDREAD_NB | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

[ System Events ]
Error - 1.5.2010 6:22:47 | Computer Name = ANDREAD_NB | Source = atapi | ID = 262153
Description = Zariadenie \Device\Ide\IdePort0 neodpovedá v danom časovom limite.

Error - 1.5.2010 6:22:47 | Computer Name = ANDREAD_NB | Source = atapi | ID = 262155
Description = Ovládač zistil chybu radiča na \Device\Ide\IdePort0.

Error - 1.5.2010 6:24:46 | Computer Name = ANDREAD_NB | Source = atapi | ID = 262153
Description = Zariadenie \Device\Ide\IdePort0 neodpovedá v danom časovom limite.

Error - 1.5.2010 6:25:02 | Computer Name = ANDREAD_NB | Source = atapi | ID = 262153
Description = Zariadenie \Device\Ide\IdePort0 neodpovedá v danom časovom limite.

Error - 1.5.2010 9:20:41 | Computer Name = ANDREAD_NB | Source = atapi | ID = 262153
Description = Zariadenie \Device\Ide\IdePort0 neodpovedá v danom časovom limite.

Error - 4.5.2010 10:02:48 | Computer Name = ANDREAD_NB | Source = System Error | ID = 1003
Description = Kód chyby 1000008e, parameter1 c0000005, parameter2 bf9daaa9, parameter3
f9386da4, parameter4 00000000.

Error - 5.5.2010 8:45:47 | Computer Name = ANDREAD_NB | Source = Service Control Manager | ID = 7009
Description = Časový limit (30000 ms) čakania na pripojenie služby Lavasoft Ad-Aware
Service.

Error - 5.5.2010 8:45:47 | Computer Name = ANDREAD_NB | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Lavasoft Ad-Aware Service zlyhalo kvôli nasledujúcej
chybe: %%1053

Error - 5.5.2010 9:11:12 | Computer Name = ANDREAD_NB | Source = Service Control Manager | ID = 7009
Description = Časový limit (30000 ms) čakania na pripojenie služby Application Layer
Gateway Service.

Error - 5.5.2010 9:11:39 | Computer Name = ANDREAD_NB | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Application Layer Gateway Service zlyhalo kvôli nasledujúcej
chybe: %%1053

< End of report >

VIRY.CZ

TROJAN V PC

TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC

Re: TROJAN V PC