
Log check - video stuttering

88ferdo881
Visitor
Posts: 40
Registered: 22 Jan 2008 00:28

Log check - video stuttering

#1 Post by 88ferdo881 »

Please check my log; videos stutter for me on csfd.cz and also on imdb.com, I don't know what is causing it. Thanks in advance.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ferko at 2013-04-27 09:58:40
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 12 GB (30%) free of 38 GB
Total RAM: 2047 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:58:53, on 27.4.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\Ferko\Local Settings\Apps\2.0\Q5EKE986.RY9\AABR3EV4.W2Z\odme..tion_e50b86a32720a37b_0001.0000_4b65a94077fa5ee9\Odmenovac.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Desktop\RSIT.exe
C:\Program Files\trend micro\Ferko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Odmenovac] C:\Documents and Settings\Ferko\Start Menu\Programs\TNS\Odmenovac.appref-ms
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-436374069-1500820517-682003330-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-436374069-1500820517-682003330-1007\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 10728 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1500820517-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1500820517-682003330-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default

prefs.js - "browser.startup.homepage" - "http://pokec.azet.sk/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, jqs@sun.com:1.0, pdfforge@mybrowserbar.com:4.3, {AA994882-F391-4d2e-806F-8908DA4814ED}:2.3, wtxpcom@mybrowserbar.com:4.3, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, npfax@microgaming.co.uk:2.1.0.19, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"
prefs.js - "keyword.URL" - "http://search.babylon.com/?affID=112555 ... 9c9b968&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\extensions\
npfax@microgaming.co.uk
toolbar@ask.com
{32a1fd71-835e-4b11-8e54-886fda0b4c89}

C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\searchplugins\
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2012-09-30 949376]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-12-01 77824]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-06-09 40960]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1603152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2012-06-28 74752]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-04-07 13891176]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-02-24 1753192]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-03-30 25264680]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"Odmenovac"=C:\Documents and Settings\Ferko\Start Menu\Programs\TNS\Odmenovac.appref-ms [2012-11-18 282]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
"Google Update"=C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2013-03-29 116648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-03-06 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.XVID"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2013-04-27 09:58:40 ----D---- C:\rsit
2013-04-27 09:58:40 ----D---- C:\Program Files\trend micro
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\javaw.exe
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\java.exe
2013-04-09 21:38:27 ----D---- C:\WINDOWS\CatRoot
2013-04-09 21:38:27 ----A---- C:\WINDOWS\vidcap32.Exe
2013-04-09 21:38:27 ----A---- C:\WINDOWS\StillCap.exe
2013-04-09 21:38:27 ----A---- C:\WINDOWS\RunSetup.dll
2013-04-09 21:38:26 ----D---- C:\Program Files\Vimicro
2013-04-06 10:44:01 ----D---- C:\Program Files\CCleaner
2013-03-30 13:42:56 ----D---- C:\Documents and Settings\Ferko\Application Data\Apple Computer
2013-03-30 11:48:08 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-30 11:21:09 ----D---- C:\Program Files\QuickTime
2013-03-30 11:21:08 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2013-03-30 11:20:52 ----D---- C:\Program Files\Common Files\Apple
2013-03-30 11:20:45 ----D---- C:\Program Files\Apple Software Update
2013-03-30 11:20:45 ----D---- C:\Documents and Settings\All Users\Application Data\Apple

======List of files/folders modified in the last 1 month======

2013-04-27 09:58:48 ----D---- C:\WINDOWS\Prefetch
2013-04-27 09:58:40 ----RD---- C:\Program Files
2013-04-27 09:52:32 ----D---- C:\Documents and Settings\Ferko\Application Data\Skype
2013-04-27 09:23:03 ----A---- C:\WINDOWS\NeroDigital.ini
2013-04-27 09:14:36 ----D---- C:\WINDOWS\system32
2013-04-27 09:14:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-04-27 09:11:06 ----D---- C:\WINDOWS\Temp
2013-04-26 17:17:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-04-25 19:33:05 ----D---- C:\Program Files\The KMPlayer
2013-04-24 18:19:21 ----SHD---- C:\WINDOWS\Installer
2013-04-24 18:19:21 ----D---- C:\Program Files\Common Files\Java
2013-04-24 18:18:37 ----D---- C:\Program Files\Java
2013-04-13 17:28:33 ----D---- C:\WINDOWS\SoftwareDistribution
2013-04-13 17:28:33 ----D---- C:\WINDOWS
2013-04-13 17:06:22 ----SD---- C:\Documents and Settings\Ferko\Application Data\Microsoft
2013-04-11 19:32:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2013-04-09 21:39:55 ----HD---- C:\WINDOWS\inf
2013-04-09 21:39:54 ----D---- C:\WINDOWS\system32\drivers
2013-04-09 21:38:26 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-09 17:48:37 ----D---- C:\WINDOWS\system32\CatRoot2
2013-04-06 10:48:42 ----D---- C:\Documents and Settings\Ferko\Application Data\Winamp
2013-04-06 10:48:42 ----D---- C:\Documents and Settings\Ferko\Application Data\DAEMON Tools Lite
2013-04-06 10:47:56 ----D---- C:\WINDOWS\Minidump
2013-04-06 10:47:56 ----D---- C:\WINDOWS\Debug
2013-04-06 10:33:52 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-04-06 10:33:52 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-03-30 11:20:56 ----D---- C:\WINDOWS\WinSxS
2013-03-30 11:20:52 ----D---- C:\Program Files\Common Files
2013-03-30 11:20:47 ----SD---- C:\WINDOWS\Tasks
2013-03-29 22:10:09 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-10-29 21120]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 AmdK8;AMD Athlon64 Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-10-21 35840]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-10-20 242240]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2012-09-30 15424]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2012-09-30 512096]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35088]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-12-01 2300928]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-04-08 12501600]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-04-10 60800]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-04-10 61824]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-03-06 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-03-06 82944]
S3 ZSMC302;VIMICRO USB PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-08-17 91263]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-04-04 181664]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2012-09-30 552064]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-04-07 155752]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-10-21 66872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-29 253656]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-12 115168]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player - služba zdieľania v sieti; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - video stuttering

#2 Post by Rudy »

Greetings!
First of all, install Service Pack 3: http://www.sosej.cz/Software/Jiny-softw ... alsi-verze . Your system is not updated and is easily vulnerable. Then post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

88ferdo881
Visitor
Posts: 40
Registered: 22 Jan 2008 00:28

Re: Log check - video stuttering

#3 Post by 88ferdo881 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ferko at 2013-04-27 20:42:26
Systém Microsoft Windows XP Professional Service Pack 3, v.3311
System drive C: has 10 GB (25%) free of 38 GB
Total RAM: 2047 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:42:41, on 27.4.2013
Platform: Windows XP SP3, v.3311 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Documents and Settings\Ferko\Local Settings\Apps\2.0\Q5EKE986.RY9\AABR3EV4.W2Z\odme..tion_e50b86a32720a37b_0001.0000_4b65a94077fa5ee9\Odmenovac.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Ferko\Desktop\RSIT.exe
C:\Program Files\trend micro\Ferko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Odmenovac] C:\Documents and Settings\Ferko\Start Menu\Programs\TNS\Odmenovac.appref-ms
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-436374069-1500820517-682003330-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-436374069-1500820517-682003330-1007\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 10362 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1500820517-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1500820517-682003330-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default

prefs.js - "browser.startup.homepage" - "http://pokec.azet.sk/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, jqs@sun.com:1.0, pdfforge@mybrowserbar.com:4.3, {AA994882-F391-4d2e-806F-8908DA4814ED}:2.3, wtxpcom@mybrowserbar.com:4.3, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, npfax@microgaming.co.uk:2.1.0.19, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"
prefs.js - "keyword.URL" - "http://search.babylon.com/?affID=112555 ... 9c9b968&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\extensions\
npfax@microgaming.co.uk
toolbar@ask.com
{32a1fd71-835e-4b11-8e54-886fda0b4c89}

C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\searchplugins\
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2012-09-30 949376]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-12-01 77824]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-06-09 40960]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1603152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2012-06-28 74752]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-04-07 13891176]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-02-24 1753192]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-02-12 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-03-30 25264680]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"Odmenovac"=C:\Documents and Settings\Ferko\Start Menu\Programs\TNS\Odmenovac.appref-ms [2012-11-18 282]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
"Google Update"=C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2013-03-29 116648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-03-06 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.XVID"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2013-04-27 20:40:25 ----A---- C:\WINDOWS\OEWABLog.txt
2013-04-27 20:40:15 ----D---- C:\Program Files\xerox
2013-04-27 20:40:14 ----D---- C:\WINDOWS\system32\xircom
2013-04-27 20:40:13 ----D---- C:\Program Files\microsoft frontpage
2013-04-27 20:28:37 ----D---- C:\WINDOWS\Prefetch
2013-04-27 20:25:24 ----A---- C:\WINDOWS\setuplog.txt
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\smtpapi.dll
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\rwnh.dll
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\comsdupd.exe
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\credssp.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\azroles.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati3duag.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qutil.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qagent.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\onex.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\napstat.exe
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mssha.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slserv.exe
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slgen.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\setupn.exe
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-04-27 20:24:44 ----N---- C:\WINDOWS\slrundll.exe
2013-04-27 20:24:43 ----D---- C:\WINDOWS\system32\en
2013-04-27 20:24:43 ----D---- C:\WINDOWS\l2schemas
2013-04-27 20:24:42 ----D---- C:\WINDOWS\system32\bits
2013-04-27 20:22:25 ----D---- C:\WINDOWS\ServicePackFiles
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2013-04-27 20:20:55 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2013-04-27 20:20:55 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2013-04-27 20:20:55 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2013-04-27 20:19:55 ----A---- C:\WINDOWS\003003_.tmp
2013-04-27 20:18:51 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2013-04-27 20:05:13 ----D---- C:\WINDOWS\system32\CatRoot_bak
2013-04-27 09:58:40 ----D---- C:\rsit
2013-04-27 09:58:40 ----D---- C:\Program Files\trend micro
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\javaw.exe
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\java.exe
2013-04-09 21:38:27 ----D---- C:\WINDOWS\CatRoot
2013-04-09 21:38:27 ----A---- C:\WINDOWS\vidcap32.Exe
2013-04-09 21:38:27 ----A---- C:\WINDOWS\StillCap.exe
2013-04-09 21:38:27 ----A---- C:\WINDOWS\RunSetup.dll
2013-04-09 21:38:26 ----D---- C:\Program Files\Vimicro
2013-04-06 10:44:01 ----D---- C:\Program Files\CCleaner
2013-03-30 13:42:56 ----D---- C:\Documents and Settings\Ferko\Application Data\Apple Computer
2013-03-30 11:48:08 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-30 11:21:09 ----D---- C:\Program Files\QuickTime
2013-03-30 11:21:08 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2013-03-30 11:20:52 ----D---- C:\Program Files\Common Files\Apple
2013-03-30 11:20:45 ----D---- C:\Program Files\Apple Software Update
2013-03-30 11:20:45 ----D---- C:\Documents and Settings\All Users\Application Data\Apple

======List of files/folders modified in the last 1 month======

2013-04-27 20:41:38 ----D---- C:\Documents and Settings\Ferko\Application Data\Skype
2013-04-27 20:41:03 ----D---- C:\WINDOWS\Temp
2013-04-27 20:40:54 ----D---- C:\WINDOWS\system32\CatRoot2
2013-04-27 20:40:25 ----D---- C:\WINDOWS
2013-04-27 20:40:15 ----RD---- C:\Program Files
2013-04-27 20:40:15 ----D---- C:\WINDOWS\system32\wbem
2013-04-27 20:40:14 ----D---- C:\WINDOWS\system32
2013-04-27 20:32:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-04-27 20:29:43 ----D---- C:\WINDOWS\Debug
2013-04-27 20:28:12 ----RSD---- C:\WINDOWS\Fonts
2013-04-27 20:28:12 ----D---- C:\WINDOWS\system32\Setup
2013-04-27 20:28:12 ----D---- C:\WINDOWS\system32\npp
2013-04-27 20:28:12 ----D---- C:\WINDOWS\AppPatch
2013-04-27 20:28:12 ----D---- C:\Program Files\Outlook Express
2013-04-27 20:28:12 ----D---- C:\Program Files\Common Files\System
2013-04-27 20:28:11 ----D---- C:\WINDOWS\system32\drivers
2013-04-27 20:27:36 ----D---- C:\WINDOWS\security
2013-04-27 20:27:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-04-27 20:26:52 ----HD---- C:\WINDOWS\inf
2013-04-27 20:26:41 ----D---- C:\WINDOWS\system32\CatRoot
2013-04-27 20:24:59 ----D---- C:\WINDOWS\WinSxS
2013-04-27 20:24:56 ----D---- C:\Program Files\Messenger
2013-04-27 20:24:53 ----D---- C:\WINDOWS\system32\dllcache
2013-04-27 20:24:49 ----D---- C:\WINDOWS\system32\inetsrv
2013-04-27 20:24:49 ----D---- C:\WINDOWS\Network Diagnostic
2013-04-27 20:24:49 ----D---- C:\WINDOWS\ime
2013-04-27 20:24:49 ----D---- C:\WINDOWS\Help
2013-04-27 20:24:44 ----D---- C:\WINDOWS\system32\usmt
2013-04-27 20:24:44 ----D---- C:\WINDOWS\system32\en-US
2013-04-27 20:24:42 ----D---- C:\WINDOWS\PeerNet
2013-04-27 20:24:42 ----D---- C:\Program Files\Movie Maker
2013-04-27 20:22:12 ----D---- C:\WINDOWS\system32\Restore
2013-04-27 20:22:11 ----D---- C:\WINDOWS\msagent
2013-04-27 20:22:10 ----D---- C:\WINDOWS\srchasst
2013-04-27 20:22:09 ----D---- C:\Program Files\NetMeeting
2013-04-27 20:22:08 ----D---- C:\WINDOWS\system32\Com
2013-04-27 20:22:07 ----D---- C:\Program Files\Windows Media Player
2013-04-27 20:22:06 ----D---- C:\Program Files\Windows NT
2013-04-27 20:21:56 ----D---- C:\WINDOWS\system32\oobe
2013-04-27 20:21:55 ----D---- C:\WINDOWS\system
2013-04-27 20:18:46 ----D---- C:\WINDOWS\ehome
2013-04-27 09:23:03 ----A---- C:\WINDOWS\NeroDigital.ini
2013-04-25 19:33:05 ----D---- C:\Program Files\The KMPlayer
2013-04-24 18:19:21 ----SHD---- C:\WINDOWS\Installer
2013-04-24 18:19:21 ----D---- C:\Program Files\Common Files\Java
2013-04-24 18:18:37 ----D---- C:\Program Files\Java
2013-04-13 17:28:33 ----D---- C:\WINDOWS\SoftwareDistribution
2013-04-13 17:06:22 ----SD---- C:\Documents and Settings\Ferko\Application Data\Microsoft
2013-04-11 19:32:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2013-04-09 21:38:26 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-06 10:48:42 ----D---- C:\Documents and Settings\Ferko\Application Data\Winamp
2013-04-06 10:48:42 ----D---- C:\Documents and Settings\Ferko\Application Data\DAEMON Tools Lite
2013-04-06 10:47:56 ----D---- C:\WINDOWS\Minidump
2013-04-06 10:33:52 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-04-06 10:33:52 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-03-30 11:20:52 ----D---- C:\Program Files\Common Files
2013-03-30 11:20:47 ----SD---- C:\WINDOWS\Tasks
2013-03-29 22:10:09 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-10-29 21120]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-02-12 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 AmdK8;AMD Athlon64 Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-10-21 35840]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-10-20 242240]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2012-09-30 15424]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2012-09-30 512096]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35088]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-12-01 2300928]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-04-08 12501600]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-02-12 14592]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-02-12 60800]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-02-12 17024]
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-02-12 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-02-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-02-12 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-02-12 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-02-12 61824]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-02-12 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-02-12 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-02-12 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-02-12 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-02-12 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-02-12 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-02-12 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-03-06 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-03-06 82944]
S3 ZSMC302;VIMICRO USB PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-08-17 91263]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-04-04 181664]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2012-09-30 552064]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-04-07 155752]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-10-21 66872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-29 253656]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-12 115168]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player - služba zdieľania v sieti; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-02-12 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: log check - video stuttering

#4 Post by Rudy »

First run this utility:
Download AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Save it to the desktop
Close all programs
Click Search
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

88ferdo881
Visitor
Posts: 40
Registered: 22 Jan 2008 00:28

Re: log check - video stuttering

#5 Post by 88ferdo881 »

# AdwCleaner v2.201 - Logfile created 04/28/2013 at 12:00:15
# Updated 21/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3, v.3311 (32 bits)
# User : Ferko - FERKO-835D1EED6
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Ferko\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\searchplugins\qip-search.xml
Folder Found : C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Folder Found : C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\extensions\toolbar@ask.com
Folder Found : C:\Documents and Settings\Ferko\Application Data\OpenCandy

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\PIP
Key Found : HKLM\Software\PIP

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.16414

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (cs)

File : C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\prefs.js

Found : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112555&tt=120912_nocpc_3812_3&babs[...]
Found : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Found : user_pref("extensions.asktb.cbid", "H3");
Found : user_pref("extensions.asktb.crumb", "2011.04.17+02.03.32-toolbar005iad-SK-QnJhdGlzbGF2YSxTbG92YWtpYQ[...]
Found : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Found : user_pref("extensions.asktb.dtid", "YYYYYYYYSK");
Found : user_pref("extensions.asktb.l", "dis");
Found : user_pref("extensions.asktb.last-config-req", "1303031020756");
Found : user_pref("extensions.asktb.locale", "en_EU");
Found : user_pref("extensions.asktb.o", "15851");
Found : user_pref("extensions.asktb.qsrc", "2871");
Found : user_pref("extensions.asktb.search-suggestions-enabled", true);
Found : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=112555&tt=120912_nocpc_3812_3&babsrc=KW_s[...]

File : C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\q12f5ish.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2682 octets] - [28/04/2013 12:00:15]

########## EOF - C:\AdwCleaner[R1].txt - [2742 octets] ##########

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: log check - video stuttering

#6 Post by Rudy »

Run ADWCleaner again and click >Delete<. Paste the new log.

88ferdo881
Visitor
Posts: 40
Registered: 22 Jan 2008 00:28

Re: log check - video stuttering

#7 Post by 88ferdo881 »

# AdwCleaner v2.201 - Logfile created 04/28/2013 at 13:54:00
# Updated 21/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3, v.3311 (32 bits)
# User : Ferko - FERKO-835D1EED6
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Ferko\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\searchplugins\qip-search.xml
Folder Deleted : C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Folder Deleted : C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\extensions\toolbar@ask.com
Folder Deleted : C:\Documents and Settings\Ferko\Application Data\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\PIP
Key Deleted : HKLM\Software\PIP

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.16414

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (cs)

File : C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\prefs.js

Deleted : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112555&tt=120912_nocpc_3812_3&babs[...]
Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("extensions.asktb.cbid", "H3");
Deleted : user_pref("extensions.asktb.crumb", "2011.04.17+02.03.32-toolbar005iad-SK-QnJhdGlzbGF2YSxTbG92YWtpYQ[...]
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Deleted : user_pref("extensions.asktb.dtid", "YYYYYYYYSK");
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1303031020756");
Deleted : user_pref("extensions.asktb.locale", "en_EU");
Deleted : user_pref("extensions.asktb.o", "15851");
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=112555&tt=120912_nocpc_3812_3&babsrc=KW_s[...]

File : C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\q12f5ish.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2811 octets] - [28/04/2013 12:00:15]
AdwCleaner[R2].txt - [2871 octets] - [28/04/2013 13:36:35]
AdwCleaner[S1].txt - [348 octets] - [28/04/2013 13:36:46]
AdwCleaner[S2].txt - [2903 octets] - [28/04/2013 13:54:00]

########## EOF - C:\AdwCleaner[S2].txt - [2963 octets] ##########

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: log check - video stuttering

#8 Post by Rudy »

Post a new RSIT log.

88ferdo881
Visitor
Posts: 40
Registered: 22 Jan 2008 00:28

Re: log check - video stuttering

#9 Post by 88ferdo881 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ferko at 2013-04-29 17:04:26
Systém Microsoft Windows XP Professional Service Pack 3, v.3311
System drive C: has 10 GB (25%) free of 38 GB
Total RAM: 2047 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:04:34, on 29.4.2013
Platform: Windows XP SP3, v.3311 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Local Settings\Apps\2.0\Q5EKE986.RY9\AABR3EV4.W2Z\odme..tion_e50b86a32720a37b_0002.0002_91b6469155e344e9\Odmenovac.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ferko\Desktop\RSIT.exe
C:\Program Files\trend micro\Ferko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877;
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Odmenovac] C:\Documents and Settings\Ferko\Start Menu\Programs\TNS\Odmenovac.appref-ms
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-436374069-1500820517-682003330-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-436374069-1500820517-682003330-1007\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 11276 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1500820517-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1500820517-682003330-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default

prefs.js - "browser.startup.homepage" - "http://pokec.azet.sk/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, jqs@sun.com:1.0, pdfforge@mybrowserbar.com:4.3, {AA994882-F391-4d2e-806F-8908DA4814ED}:2.3, wtxpcom@mybrowserbar.com:4.3, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, npfax@microgaming.co.uk:2.1.0.19, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\extensions\
npfax@microgaming.co.uk

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2012-09-30 949376]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-12-01 77824]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-06-09 40960]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1603152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2012-06-28 74752]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-04-07 13891176]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-02-24 1753192]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-02-12 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-03-30 25264680]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"Odmenovac"=C:\Documents and Settings\Ferko\Start Menu\Programs\TNS\Odmenovac.appref-ms [2012-11-18 282]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
"Google Update"=C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2013-03-29 116648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-03-06 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.XVID"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2013-04-28 13:54:00 ----A---- C:\AdwCleaner[S2].txt
2013-04-28 13:36:46 ----A---- C:\AdwCleaner[S1].txt
2013-04-28 13:36:35 ----A---- C:\AdwCleaner[R2].txt
2013-04-28 12:00:15 ----A---- C:\AdwCleaner[R1].txt
2013-04-27 20:40:25 ----A---- C:\WINDOWS\OEWABLog.txt
2013-04-27 20:40:15 ----D---- C:\Program Files\xerox
2013-04-27 20:40:14 ----D---- C:\WINDOWS\system32\xircom
2013-04-27 20:40:13 ----D---- C:\Program Files\microsoft frontpage
2013-04-27 20:28:37 ----D---- C:\WINDOWS\Prefetch
2013-04-27 20:25:24 ----A---- C:\WINDOWS\setuplog.txt
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\smtpapi.dll
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\rwnh.dll
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\comsdupd.exe
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\credssp.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\azroles.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati3duag.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qutil.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qagent.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\onex.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\napstat.exe
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mssha.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slserv.exe
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slgen.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\setupn.exe
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-04-27 20:24:44 ----N---- C:\WINDOWS\slrundll.exe
2013-04-27 20:24:43 ----D---- C:\WINDOWS\system32\en
2013-04-27 20:24:43 ----D---- C:\WINDOWS\l2schemas
2013-04-27 20:24:42 ----D---- C:\WINDOWS\system32\bits
2013-04-27 20:22:25 ----D---- C:\WINDOWS\ServicePackFiles
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2013-04-27 20:20:55 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2013-04-27 20:20:55 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2013-04-27 20:20:55 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2013-04-27 20:19:55 ----A---- C:\WINDOWS\003003_.tmp
2013-04-27 20:18:51 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2013-04-27 20:05:13 ----D---- C:\WINDOWS\system32\CatRoot_bak
2013-04-27 09:58:40 ----D---- C:\rsit
2013-04-27 09:58:40 ----D---- C:\Program Files\trend micro
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\javaw.exe
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\java.exe
2013-04-09 21:38:27 ----D---- C:\WINDOWS\CatRoot
2013-04-09 21:38:27 ----A---- C:\WINDOWS\vidcap32.Exe
2013-04-09 21:38:27 ----A---- C:\WINDOWS\StillCap.exe
2013-04-09 21:38:27 ----A---- C:\WINDOWS\RunSetup.dll
2013-04-09 21:38:26 ----D---- C:\Program Files\Vimicro
2013-04-06 10:44:01 ----D---- C:\Program Files\CCleaner
2013-03-30 13:42:56 ----D---- C:\Documents and Settings\Ferko\Application Data\Apple Computer
2013-03-30 11:48:08 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-30 11:21:09 ----D---- C:\Program Files\QuickTime
2013-03-30 11:21:08 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2013-03-30 11:20:52 ----D---- C:\Program Files\Common Files\Apple
2013-03-30 11:20:45 ----D---- C:\Program Files\Apple Software Update
2013-03-30 11:20:45 ----D---- C:\Documents and Settings\All Users\Application Data\Apple

======List of files/folders modified in the last 1 month======

2013-04-29 17:03:00 ----D---- C:\WINDOWS\system32
2013-04-29 17:03:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-04-29 16:59:47 ----D---- C:\Documents and Settings\Ferko\Application Data\Skype
2013-04-29 16:59:36 ----D---- C:\WINDOWS\Temp
2013-04-28 22:07:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-04-28 14:06:17 ----A---- C:\WINDOWS\NeroDigital.ini
2013-04-28 13:53:31 ----D---- C:\Program Files\The KMPlayer
2013-04-27 20:40:54 ----D---- C:\WINDOWS\system32\CatRoot2
2013-04-27 20:40:25 ----D---- C:\WINDOWS
2013-04-27 20:40:15 ----RD---- C:\Program Files
2013-04-27 20:40:15 ----D---- C:\WINDOWS\system32\wbem
2013-04-27 20:40:15 ----D---- C:\WINDOWS\ime
2013-04-27 20:29:43 ----D---- C:\WINDOWS\Debug
2013-04-27 20:28:12 ----RSD---- C:\WINDOWS\Fonts
2013-04-27 20:28:12 ----D---- C:\WINDOWS\system32\Setup
2013-04-27 20:28:12 ----D---- C:\WINDOWS\system32\npp
2013-04-27 20:28:12 ----D---- C:\WINDOWS\AppPatch
2013-04-27 20:28:12 ----D---- C:\Program Files\Outlook Express
2013-04-27 20:28:12 ----D---- C:\Program Files\Common Files\System
2013-04-27 20:28:11 ----D---- C:\WINDOWS\system32\drivers
2013-04-27 20:27:36 ----D---- C:\WINDOWS\security
2013-04-27 20:26:52 ----HD---- C:\WINDOWS\inf
2013-04-27 20:26:41 ----D---- C:\WINDOWS\system32\CatRoot
2013-04-27 20:24:59 ----D---- C:\WINDOWS\WinSxS
2013-04-27 20:24:56 ----D---- C:\Program Files\Messenger
2013-04-27 20:24:53 ----D---- C:\WINDOWS\system32\dllcache
2013-04-27 20:24:49 ----D---- C:\WINDOWS\system32\inetsrv
2013-04-27 20:24:49 ----D---- C:\WINDOWS\Network Diagnostic
2013-04-27 20:24:49 ----D---- C:\WINDOWS\Help
2013-04-27 20:24:44 ----D---- C:\WINDOWS\system32\usmt
2013-04-27 20:24:44 ----D---- C:\WINDOWS\system32\en-US
2013-04-27 20:24:42 ----D---- C:\WINDOWS\PeerNet
2013-04-27 20:24:42 ----D---- C:\Program Files\Movie Maker
2013-04-27 20:22:12 ----D---- C:\WINDOWS\system32\Restore
2013-04-27 20:22:11 ----D---- C:\WINDOWS\msagent
2013-04-27 20:22:10 ----D---- C:\WINDOWS\srchasst
2013-04-27 20:22:09 ----D---- C:\Program Files\NetMeeting
2013-04-27 20:22:08 ----D---- C:\WINDOWS\system32\Com
2013-04-27 20:22:07 ----D---- C:\Program Files\Windows Media Player
2013-04-27 20:22:06 ----D---- C:\Program Files\Windows NT
2013-04-27 20:21:56 ----D---- C:\WINDOWS\system32\oobe
2013-04-27 20:21:55 ----D---- C:\WINDOWS\system
2013-04-27 20:18:46 ----D---- C:\WINDOWS\ehome
2013-04-24 18:19:21 ----SHD---- C:\WINDOWS\Installer
2013-04-24 18:19:21 ----D---- C:\Program Files\Common Files\Java
2013-04-24 18:18:37 ----D---- C:\Program Files\Java
2013-04-13 17:28:33 ----D---- C:\WINDOWS\SoftwareDistribution
2013-04-13 17:06:22 ----SD---- C:\Documents and Settings\Ferko\Application Data\Microsoft
2013-04-11 19:32:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2013-04-09 21:38:26 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-06 10:48:42 ----D---- C:\Documents and Settings\Ferko\Application Data\Winamp
2013-04-06 10:48:42 ----D---- C:\Documents and Settings\Ferko\Application Data\DAEMON Tools Lite
2013-04-06 10:47:56 ----D---- C:\WINDOWS\Minidump
2013-04-06 10:33:52 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-04-06 10:33:52 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-03-30 11:20:52 ----D---- C:\Program Files\Common Files
2013-03-30 11:20:47 ----SD---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-10-29 21120]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-02-12 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 AmdK8;AMD Athlon64 Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-10-21 35840]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-10-20 242240]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2012-09-30 15424]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2012-09-30 512096]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35088]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-12-01 2300928]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-04-08 12501600]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-02-12 14592]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-02-12 60800]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-02-12 17024]
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-02-12 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-02-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-02-12 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-02-12 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-02-12 61824]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-02-12 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-02-12 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-02-12 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-02-12 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-02-12 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-02-12 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-02-12 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-03-06 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-03-06 82944]
S3 ZSMC302;VIMICRO USB PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-08-17 91263]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-04-04 181664]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2012-09-30 552064]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-04-07 155752]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-10-21 66872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-29 253656]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-12 115168]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player - služba zdieľania v sieti; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-02-12 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: log check - stuttering video

#10 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1500820517-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1500820517-682003330-1004UA.job
C:\WINDOWS\003003_.tmp

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

88ferdo881
Visitor
Posts: 40
Registered: 22 Jan 2008 00:28

Re: log check - stuttering video

#11 Post by 88ferdo881 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ferko at 2013-04-30 18:40:17
Systém Microsoft Windows XP Professional Service Pack 3, v.3311
System drive C: has 12 GB (31%) free of 38 GB
Total RAM: 2047 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:40:25, on 30.4.2013
Platform: Windows XP SP3, v.3311 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Ferko\Local Settings\Apps\2.0\Q5EKE986.RY9\AABR3EV4.W2Z\odme..tion_e50b86a32720a37b_0002.0001_34122a0108ea02eb\Odmenovac.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Ferko\Desktop\RSIT.exe
C:\Program Files\trend micro\Ferko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877;
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Odmenovac] C:\Documents and Settings\Ferko\Start Menu\Programs\TNS\Odmenovac.appref-ms
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-436374069-1500820517-682003330-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-436374069-1500820517-682003330-1007\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 10428 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default

prefs.js - "browser.startup.homepage" - "http://pokec.azet.sk/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, jqs@sun.com:1.0, pdfforge@mybrowserbar.com:4.3, {AA994882-F391-4d2e-806F-8908DA4814ED}:2.3, wtxpcom@mybrowserbar.com:4.3, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, npfax@microgaming.co.uk:2.1.0.19, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Ferko\Application Data\Mozilla\Firefox\Profiles\kerpg1gk.default\extensions\
npfax@microgaming.co.uk

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2012-09-30 949376]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-12-01 77824]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-06-09 40960]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1603152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2012-06-28 74752]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-04-07 13891176]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-02-24 1753192]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-02-12 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-03-30 25264680]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"Odmenovac"=C:\Documents and Settings\Ferko\Start Menu\Programs\TNS\Odmenovac.appref-ms [2013-04-30 326]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
"Google Update"=C:\Documents and Settings\Ferko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2013-03-29 116648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-03-06 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.XVID"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2013-04-30 18:37:02 ----D---- C:\_OTM
2013-04-28 13:54:00 ----A---- C:\AdwCleaner[S2].txt
2013-04-28 13:36:46 ----A---- C:\AdwCleaner[S1].txt
2013-04-28 13:36:35 ----A---- C:\AdwCleaner[R2].txt
2013-04-28 12:00:15 ----A---- C:\AdwCleaner[R1].txt
2013-04-27 20:40:25 ----A---- C:\WINDOWS\OEWABLog.txt
2013-04-27 20:40:15 ----D---- C:\Program Files\xerox
2013-04-27 20:40:14 ----D---- C:\WINDOWS\system32\xircom
2013-04-27 20:40:13 ----D---- C:\Program Files\microsoft frontpage
2013-04-27 20:28:37 ----D---- C:\WINDOWS\Prefetch
2013-04-27 20:25:24 ----A---- C:\WINDOWS\setuplog.txt
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\smtpapi.dll
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\rwnh.dll
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2013-04-27 20:24:50 ----N---- C:\WINDOWS\system32\comsdupd.exe
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\credssp.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\azroles.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati3duag.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-04-27 20:24:48 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-04-27 20:24:47 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qutil.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\qagent.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\onex.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\napstat.exe
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mssha.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-04-27 20:24:46 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slserv.exe
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slgen.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\setupn.exe
2013-04-27 20:24:45 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-04-27 20:24:44 ----N---- C:\WINDOWS\slrundll.exe
2013-04-27 20:24:43 ----D---- C:\WINDOWS\system32\en
2013-04-27 20:24:43 ----D---- C:\WINDOWS\l2schemas
2013-04-27 20:24:42 ----D---- C:\WINDOWS\system32\bits
2013-04-27 20:22:25 ----D---- C:\WINDOWS\ServicePackFiles
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2013-04-27 20:20:59 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2013-04-27 20:20:58 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2013-04-27 20:20:57 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2013-04-27 20:20:56 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2013-04-27 20:20:55 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2013-04-27 20:20:55 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2013-04-27 20:20:55 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2013-04-27 20:20:54 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2013-04-27 20:20:53 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2013-04-27 20:20:52 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2013-04-27 20:18:51 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2013-04-27 20:05:13 ----D---- C:\WINDOWS\system32\CatRoot_bak
2013-04-27 09:58:40 ----D---- C:\rsit
2013-04-27 09:58:40 ----D---- C:\Program Files\trend micro
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\javaw.exe
2013-04-24 18:18:38 ----A---- C:\WINDOWS\system32\java.exe
2013-04-09 21:38:27 ----D---- C:\WINDOWS\CatRoot
2013-04-09 21:38:27 ----A---- C:\WINDOWS\vidcap32.Exe
2013-04-09 21:38:27 ----A---- C:\WINDOWS\StillCap.exe
2013-04-09 21:38:27 ----A---- C:\WINDOWS\RunSetup.dll
2013-04-09 21:38:26 ----D---- C:\Program Files\Vimicro
2013-04-06 10:44:01 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 month======

2013-04-30 18:39:50 ----D---- C:\WINDOWS\Temp
2013-04-30 18:39:28 ----D---- C:\Documents and Settings\Ferko\Application Data\Skype
2013-04-30 18:37:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-04-30 18:37:19 ----D---- C:\WINDOWS\system32
2013-04-30 18:37:19 ----D---- C:\WINDOWS
2013-04-30 18:37:03 ----SD---- C:\WINDOWS\Tasks
2013-04-30 18:08:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-04-29 18:35:01 ----A---- C:\WINDOWS\NeroDigital.ini
2013-04-29 18:34:59 ----D---- C:\Program Files\The KMPlayer
2013-04-27 20:40:54 ----D---- C:\WINDOWS\system32\CatRoot2
2013-04-27 20:40:15 ----RD---- C:\Program Files
2013-04-27 20:40:15 ----D---- C:\WINDOWS\system32\wbem
2013-04-27 20:40:15 ----D---- C:\WINDOWS\ime
2013-04-27 20:29:43 ----D---- C:\WINDOWS\Debug
2013-04-27 20:28:12 ----RSD---- C:\WINDOWS\Fonts
2013-04-27 20:28:12 ----D---- C:\WINDOWS\system32\Setup
2013-04-27 20:28:12 ----D---- C:\WINDOWS\system32\npp
2013-04-27 20:28:12 ----D---- C:\WINDOWS\AppPatch
2013-04-27 20:28:12 ----D---- C:\Program Files\Outlook Express
2013-04-27 20:28:12 ----D---- C:\Program Files\Common Files\System
2013-04-27 20:28:11 ----D---- C:\WINDOWS\system32\drivers
2013-04-27 20:27:36 ----D---- C:\WINDOWS\security
2013-04-27 20:26:52 ----HD---- C:\WINDOWS\inf
2013-04-27 20:26:41 ----D---- C:\WINDOWS\system32\CatRoot
2013-04-27 20:24:59 ----D---- C:\WINDOWS\WinSxS
2013-04-27 20:24:56 ----D---- C:\Program Files\Messenger
2013-04-27 20:24:53 ----D---- C:\WINDOWS\system32\dllcache
2013-04-27 20:24:49 ----D---- C:\WINDOWS\system32\inetsrv
2013-04-27 20:24:49 ----D---- C:\WINDOWS\Network Diagnostic
2013-04-27 20:24:49 ----D---- C:\WINDOWS\Help
2013-04-27 20:24:44 ----D---- C:\WINDOWS\system32\usmt
2013-04-27 20:24:44 ----D---- C:\WINDOWS\system32\en-US
2013-04-27 20:24:42 ----D---- C:\WINDOWS\PeerNet
2013-04-27 20:24:42 ----D---- C:\Program Files\Movie Maker
2013-04-27 20:22:12 ----D---- C:\WINDOWS\system32\Restore
2013-04-27 20:22:11 ----D---- C:\WINDOWS\msagent
2013-04-27 20:22:10 ----D---- C:\WINDOWS\srchasst
2013-04-27 20:22:09 ----D---- C:\Program Files\NetMeeting
2013-04-27 20:22:08 ----D---- C:\WINDOWS\system32\Com
2013-04-27 20:22:07 ----D---- C:\Program Files\Windows Media Player
2013-04-27 20:22:06 ----D---- C:\Program Files\Windows NT
2013-04-27 20:21:56 ----D---- C:\WINDOWS\system32\oobe
2013-04-27 20:21:55 ----D---- C:\WINDOWS\system
2013-04-27 20:18:46 ----D---- C:\WINDOWS\ehome
2013-04-24 18:19:21 ----SHD---- C:\WINDOWS\Installer
2013-04-24 18:19:21 ----D---- C:\Program Files\Common Files\Java
2013-04-24 18:18:37 ----D---- C:\Program Files\Java
2013-04-13 17:28:33 ----D---- C:\WINDOWS\SoftwareDistribution
2013-04-13 17:06:22 ----SD---- C:\Documents and Settings\Ferko\Application Data\Microsoft
2013-04-11 19:32:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2013-04-09 21:38:26 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-06 10:48:42 ----D---- C:\Documents and Settings\Ferko\Application Data\Winamp
2013-04-06 10:48:42 ----D---- C:\Documents and Settings\Ferko\Application Data\DAEMON Tools Lite
2013-04-06 10:47:56 ----D---- C:\WINDOWS\Minidump
2013-04-06 10:33:52 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-04-06 10:33:52 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-10-29 21120]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-02-12 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 AmdK8;AMD Athlon64 Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-10-21 35840]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-10-20 242240]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2012-09-30 15424]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2012-09-30 512096]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35088]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-12-01 2300928]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-04-08 12501600]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-02-12 14592]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-02-12 60800]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-02-12 17024]
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-02-12 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-02-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-02-12 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-02-12 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-02-12 61824]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-02-12 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-02-12 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-02-12 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-02-12 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-02-12 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-02-12 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-02-12 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-03-06 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-03-06 82944]
S3 ZSMC302;VIMICRO USB PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-08-17 91263]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-04-04 181664]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2012-09-30 552064]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-04-07 155752]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-10-21 66872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-29 253656]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-12 115168]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player - služba zdieľania v sieti; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-02-12 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119526
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: log check - video stuttering

#12 Post by Rudy »

Double-click the file C:\Program Files\trend micro\Ferko.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-436374069-1500820517-682003330-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-436374069-1500820517-682003330-1007\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
