VIRY.CZ

Zdravim, vcera vecer mi ESET nasiel asi 30 virusov, zrovna som iba cital clanky, nasla to rezidentna ochrana. BOli to .sys subory v system32/drivers. Pri vacsine vypisalo ze vyliecene - zmazanim do karanteny, pri niektorych napisalo ze nejde liecit. Potom neboli problemy, PC som uspal, az rano mi pisalo ze IP adresa je v konflikte, sem tam odpojilo od internetu, a potom ho vyplo. Zapnut isiel az na piaty krat, vzdy to zaseklo pri tom obrazku nacitavanie Win XP. Potom mi miestami strasne sekal pocitac, tak som vypol svchost, ktory zaberal strasne vela procesoru, myslel som si ze to je virus. Napisalo ze system sa musi vypnut, ze som vypol nejaku funkciu. Dal som shutdown -a, lebo som mal nacate stahovanie, 90% a uz som to stahoval 6 hodin, a este som to chcel prebehnut MBAMom. MBAM nic nenasiel tak som dal restart. Pocitac hned po vybere Win XP / recovery console zasekne na cierne obrazovke. Ked dam safe mod, zastavi to pri nacitavani isapnp.sys.

Co mam robit, aby som prinajhorsom zachranil aspon niektore data, ktore surne potrebujem, co najrychlejsie.

Vopred dakuje.

stahujem, ked budem mat pustene to hirens boot, mozem si skopirovat subory ktore povazujem za dolezite, a potrebujem ich? dost by chybali keby bol treba reinstall systemu

a hej, zmazalo to nejake .sys subory z tej drivers zlozky.

tuto prvy log


DDS_BootCD_Version (Ver_09-10-04.01) - NTFSx86
Run at 21:58:36.71 on Sun 02/28/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17

============== Pseudo HJT Report ===============

S-1-5-21-117609710-602609370-839522115-500_Search Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
S-1-5-21-117609710-602609370-839522115-500_Search Page = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
mWinlogon: UIHost=c:\windows\system32\logonuiX.exe
BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
S-1-5-21-117609710-602609370-839522115-1003_Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
S-1-5-21-117609710-602609370-839522115-1003_Run: [WhatPulse] c:\program files\whatpulse\WhatPulse.exe
S-1-5-21-117609710-602609370-839522115-1003_Run: [VisualTaskTips] c:\program files\visualtasktips\VisualTaskTips.exe
S-1-5-21-117609710-602609370-839522115-1003_Run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
S-1-5-21-117609710-602609370-839522115-1003_Run: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
S-1-5-21-117609710-602609370-839522115-1003_Run: [Infium] "c:\program files\qip infium\infium.exe" /autorun
S-1-5-21-117609710-602609370-839522115-500_Run: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
mRun: [ipTray.exe] "c:\program files\intel\idu\iptray.exe"
mRun: [Vistadrv] c:\program files\vistadrives\vsdrv.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Copperhead] c:\program files\razer\copperhead\razerhid.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Tarantula] c:\program files\razer\tarantula\razerhid.exe
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\AdobeUpdate.jar
StartupFolder: c:\docume~1\chambo\startm~1\programs\startup\savesnap.lnk - c:\program files\savesnap\SaveSnap.exe
StartupFolder: c:\docume~1\chambo\startm~1\programs\startup\vistas~1.lnk - x:\i386\resources\themes\vista_anthracite\vistastart\VistaStart1.3.exe
StartupFolder: c:\documents and settings\chambo\start menu\programs\startup\winesm32.exe
StartupFolder: c:\docume~1\chambo\startm~1\programs\startup\xfire.lnk - c:\program files\xfire\xfire.exe
IE: E&xportovat do programu Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6.5\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} - hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
DPF: {8A96EAE5-D262-4226-A517-304C88B53F1F} - hxxp://212.55.255.202/access01.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\documents and settings\chambo\application data\mozilla\firefox\profiles\7rzxpate.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://hattrick.org/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF - plugin: c:\documents and settings\all users\application data\id software\quakelive\npquakezero.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\opera\program\plugins\npdivx32.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

ASNDIS5; \??\c:\windows\system32\ASNDIS5.SYS
CrystalSysInfo; \??\c:\program files\mediacoder ipod edition\SysInfo.sys
DrvAgent32; \??\c:\windows\system32\drivers\DrvAgent32.sys
ehdrv; system32\DRIVERS\ehdrv.sys
ekrn; "c:\program files\eset\eset smart security\ekrn.exe"
fwdrv; [x]
gupdate1c9944afc8f24a0; "c:\program files\google\update\GoogleUpdate.exe" /svc
HPUATA; system32\DRIVERS\HPUATA.sys
khips; [x]
libusb0; system32\DRIVERS\libusb0.sys
Nero BackItUp Scheduler 4.0; c:\program files\common files\nero\nero backitup 4\NBService.exe
nkdcrfxx; [x]
OODBS; [x]
osaio; \??\c:\windows\system32\drivers\osaio.sys
Outlook; [x]
TarFltr; System32\Drivers\UsbFltr.sys
UsbFltr; system32\drivers\copperhd.sys
Video3D; System32\Drivers\Video3D32.sys
{115D199F-7124-4550-8FCA-6DEFA0A5C235}; [x]
{62E853BC-5CD4-41A9-A0A1-57229C3A766C}; [x]
{687019D6-0CF6-4025-AF4F-D4932F76ADC8}; [x]
{B367930A-E441-4FFB-AE8F-ABAECD3C7E1C}; [x]
{FCADF227-CCFC-4B13-A9B5-148D5343D926}; [x]

=============== Created Last 30 ================

2010-02-28 20:51 412,501 a------- C:\dds-bootcd.exe
2010-02-26 20:15 <DIR> --d----- c:\documents and settings\chambo\application data\id Software
2010-02-26 20:15 <DIR> --d----- c:\documents and settings\all users\application data\id Software
2010-02-26 19:07 0 a------- c:\windows\system32\drivers\nkdcrfxx.sys
2010-02-26 19:06 4 a------- c:\documents and settings\chambo\application data\avdrn.dat
2010-02-23 22:18 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2010-02-23 22:18 <DIR> --d----- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2010-02-21 19:24 <DIR> --d----- c:\windows\system32\wbem\Repository
2010-02-21 19:24 <DIR> --d----- c:\program files\BestGameEver
2010-02-21 11:29 <DIR> --d----- c:\program files\XN Resource Editor
2010-02-21 11:18 <DIR> --d----- c:\documents and settings\all users\application data\Martau
2010-02-21 11:18 <DIR> --d----- c:\program files\Total Uninstall 5
2010-02-16 21:40 <DIR> --d----- c:\program files\common files\DivX Shared
2010-02-11 03:16 41,872 a------- c:\windows\system32\xfcodec.dll
2010-02-09 19:28 2,434,856 a------- c:\windows\system32\pbsvc_bc2.exe
2010-02-07 11:34 23,456 a------- c:\windows\system32\drivers\drvagent32.sys
2010-02-07 11:31 <DIR> --d----- c:\program files\Lavalys
2010-02-01 08:41 <DIR> --d----- c:\program files\common files\PCSuite
2010-01-31 22:02 <DIR> --d----- c:\program files\VideoLAN
2010-01-31 21:43 0 a------- c:\windows\system32\drivers\nAsmedia.bin
2010-01-31 21:43 0 a------- c:\windows\system32\drivers\nAdvanced.bin
2010-01-31 21:43 0 a------- c:\windows\system32\drivers\nVivid.bin
2010-01-29 23:43 <DIR> --d----- c:\documents and settings\all users\application data\NVIDIA Corporation
2010-01-29 23:43 <DIR> --d----- c:\program files\NVIDIA Corporation
2010-01-29 23:42 61,440 a------- c:\windows\system32\OpenCL.dll
2010-01-29 23:42 9,047 a------- c:\windows\system32\nvinfo.pb
2010-01-29 23:42 11,632,640 a------- c:\windows\system32\nvcompiler.dll
2010-01-29 23:14 0 a------- c:\windows\system32\drivers\nStandard.bin

==================== Find3M ====================

2010-02-28 16:00 137,464 a------- c:\windows\system32\drivers\PnkBstrK.sys
2010-02-28 16:00 214,520 a------- c:\windows\system32\PnkBstrB.exe
2010-02-26 20:15 2,373,712 a------- c:\windows\system32\pbsvc.exe
2010-02-09 19:29 138,056 a------- c:\documents and settings\chambo\application data\PnkBstrK.sys
2010-02-09 19:28 75,064 a------- c:\windows\system32\PnkBstrA.exe
2010-01-27 05:08 327 a------- C:\Start_.cmd
2010-01-26 21:32 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-01-18 16:31 0 a---h--- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-01-18 16:31 0 a---h--- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-01-13 21:02 99,246 a------- c:\windows\War3Unin.dat
2010-01-12 04:03 14,458,880 a------- c:\windows\system32\nvoglnt.dll
2010-01-12 04:03 10,276,768 a------- c:\windows\system32\drivers\nv4_mini.sys
2010-01-12 04:03 6,359,168 a------- c:\windows\system32\nv4_disp.dll
2010-01-12 04:03 4,104,192 a------- c:\windows\system32\nvcuda.dll
2010-01-12 04:03 4,077,672 a------- c:\windows\system32\nvcuvenc.dll
2010-01-12 04:03 2,283,526 a------- c:\windows\system32\nvdata.bin
2010-01-12 04:03 2,259,560 a------- c:\windows\system32\nvcuvid.dll
2010-01-12 04:03 1,081,344 a------- c:\windows\system32\nvapi.dll
2010-01-12 04:03 592,488 a------- c:\windows\system32\nvudisp.exe
2010-01-12 04:03 182,888 a------- c:\windows\system32\nvcodins.dll
2010-01-12 04:03 182,888 a------- c:\windows\system32\nvcod.dll
2010-01-11 21:17 13,666,408 a------- c:\windows\system32\nvcpl.dll
2010-01-11 21:17 278,120 a------- c:\windows\system32\nvmccs.dll
2010-01-11 21:17 154,216 a------- c:\windows\system32\nvsvc32.exe
2010-01-11 21:17 145,000 a------- c:\windows\system32\nvcolor.exe
2010-01-11 21:17 110,696 a------- c:\windows\system32\nvmctray.dll
2010-01-11 21:17 81,920 a------- c:\windows\system32\nvwddi.dll
2010-01-07 15:07 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-12-27 15:46 139,264 a------- c:\windows\War3Unin.exe
2009-12-27 15:46 2,829 a------- c:\windows\War3Unin.pif
2009-12-09 21:54 261,632 a------- c:\windows\PEV.exe
2008-02-02 21:16 32 a------- c:\documents and settings\all users\application data\ezsid.dat
2009-05-03 11:41 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009050320090504\index.dat

==== Installed Programs ======================

AAC Decoder
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Recommended Settings
Adobe Color JA Extra Settings
Adobe Color NA Extra Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe Media Player
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 8 - Slovak
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Setup
Adobe Shockwave Player 11
Adobe Stock Photos CS3
Adobe Type Support
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advertising Center
ASUS Gamer OSD
ASUS nVidia Driver
Audiosurf
AutoUpdate
AviSynth 2.5
Battlefield Bad Company 2 - BETA
BSPlayer
BZFlag 2.0.10 (remove only)
Cache525
Call of Duty(R) - World at War(TM)
Call of Duty(R) - World at War(TM) 1.1 Patch
Call of Duty(R) - World at War(TM) 1.2 Patch
Call of Duty(R) - World at War(TM) 1.4 Patch
Call of Duty(R) - World at War(TM) 1.5 Patch
Call of Duty(R) - World at War(TM) 1.6 Patch
Call Of Duty(R) 2
Call of Duty(R) 2 Patch 1.3
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
Camera RAW Plug-In for EPSON Creativity Suite
CCleaner
Cheat Engine 5.5
ClearType Tuning Control Panel Applet
Combined Community Codec Pack 2008-09-21 16:18
Counter-Strike 1.6 V35
Counter-Strike: Source
Detours Express 2.1
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Plus Web Player
DivX Version Checker
DolbyFiles
DriverAgent by eSupport.com
DVR-Studio
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Scan
EPSON Scan Assistant
EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuál
EPSON Web-To-Page
ESET Smart Security
EVEREST Ultimate Edition v5.30
FLV Player 1.3.3
Fraps (remove only)
Free YouTube to Mp3 Converter version 3.1
Futuremark SystemInfo
GamePark
GoldWave v5.25
Google Update Helper
Google Zem
Grand Theft Auto IV
H.264 Decoder
Hattrick Organizer (remove only)
HijackThis 2.0.2
HLSW v1.3.1
ICQ6.5
Image Resizer Powertoy for Windows XP
ImagXpress
Intel(R) Desktop Utilities
Intel(R) Management Engine Interface
Intel(R) PRO Network Connections 12.1.12.0
Intel(R) SMBus
InterVideo DeviceService
IrfanView (remove only)
Java(TM) 6 Update 17
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Last.fm 1.5.4.24567
Local Cooling Setup
Malwarebytes' Anti-Malware
MediaCoder iPod Edition
Menu Templates - Starter Kit
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE Redistributable
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel MUI (Slovak) 2007
Microsoft Office Outlook MUI (Slovak) 2007
Microsoft Office PowerPoint MUI (Slovak) 2007
Microsoft Office Proof (Czech) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Hungarian) 2007
Microsoft Office Proof (Slovak) 2007
Microsoft Office Proofing (Slovak) 2007
Microsoft Office Shared MUI (Slovak) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (Slovak) 2007
Microsoft Software Update for Web Folders (Slovak) 12
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
MKV Splitter
MobileMe Control Panel
Movie Templates - Starter Kit
Mozilla Firefox (3.6)
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB933579)
Nero 7 Essentials
Nero 9 Trial
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero DiscSpeed
Nero DriveSpeed
Nero InfoTool
Nero Installer
Nero Live
Nero PhotoSnap
Nero Recode
Nero Rescue Agent
Nero ShowTime
Nero StartSmart
Nero Vision
Nero WaveEditor
NeroBurningROM
NeroExpress
NeroLiveGadget
neroxml
Nokia Connectivity Cable Driver
Nokia Map Loader
Nokia Multimedia Common Components 2.4
Nokia PC Suite
Nokia Software Updater
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA PhysX
O&O Defrag Professional Edition
Opera 10.10
Paint.NET v3.36
PC Connectivity Solution
PDF Settings
Plus500
PolarClock3 Screen Saver
PowerDVD
PSPad editor
PSPVC :: PSP Video Converter v3.73
PunkBuster Services
QIP Infium 2.0.9034
Quake III Arena Point Release 1.32
Quake Live Mozilla Plugin
QuickTime
Razer Copperhead
Razer Tarantula
Realtek High Definition Audio Driver
Recuva
Rockstar Games Social Club
SaveSnap
Skype™ 4.1
Softvér tlaciarne EPSON
SoundTrax
Spybot - Search & Destroy
Steam
SwiftKit
System Requirements Lab
TeamSpeak 2 RC2
Total Commander (Remove or Repair)
Total Uninstall 5.2.0
Total Video Converter 3.12 080330
Uninstall 1.0.0.1
VC80CRTRedist - 8.0.50727.4053
Vista Anthracite Pack - Lite 1.31
Visual Task Tips 2.3
vixy converter uninstall
VLC media player 1.0.5
Warcraft III: All Products
WebFldrs XP
webGobbler 1.2.6 for Windows
WhatPulse 1.6
Winamp
Windows Driver Package - Nokia Modem (03/05/2008 3.7)
Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)
Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
Windows Driver Package - Nokia Modem (10/05/2009 4.2)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Driver Package - Sony PSP Type B (11/20/2005 20051120)
Windows Imaging Component
Windows Internet Explorer 8
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR
Xfire (remove only)
XML Paper Specification Shared Components Pack 1.0
XNResourceEditor 3.0.0.1
XviD MPEG-4 Video Codec

============= FINISH: 21:58:55.18 ===============

druhy log, inak som skusal trochu googlovat a zjavne tam chyba ten subor pri ktorom sa to zasekne, podla microsoft napovedy som skusal to opravit, nejde

OTL logfile created on: 2/28/2010 10:10:13 PM - Run
OTLPE by OldTimer - Version 3.1.28.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 19.51 Gb Free Space | 13.09% Space Free | Partition Type: NTFS
Drive D: | 74.53 Gb Total Space | 18.08 Gb Free Space | 24.26% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 276.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (CLTNetCnService)
SRV - [2010/02/28 11:00:34 | 000,214,520 | ---- | M] () [Auto] -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010/02/09 14:28:58 | 000,075,064 | ---- | M] () [Auto] -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/01/11 16:17:44 | 000,154,216 | ---- | M] (NVIDIA Corporation) [Disabled] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2009/10/27 03:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/10/10 22:17:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/09/11 01:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/09/11 01:24:32 | 000,735,960 | ---- | M] (ESET) [Auto] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/05/15 00:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/02/21 12:35:55 | 000,133,104 | ---- | M] (Google Inc.) [Auto] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9944afc8f24a0) Google Update Service (gupdate1c9944afc8f24a0)
SRV - [2008/09/20 18:05:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/08/29 03:18:44 | 000,238,888 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2007/06/01 04:21:30 | 000,271,920 | ---- | M] (Nero AG) [On_Demand] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007/05/10 20:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) [Auto] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2007/04/13 15:09:56 | 000,792,112 | ---- | M] (Nero AG) [On_Demand] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2007/03/06 04:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2007/01/08 16:39:44 | 000,171,040 | ---- | M] () [Auto] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2006/12/27 12:11:56 | 000,074,520 | ---- | M] (OSA Technologies Inc., An Avocent Company) [Auto] -- C:\Program Files\Intel\IDU\awServ.exe -- (AWService)
SRV - [2006/10/26 12:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 07:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/04/03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (NSNDIS5)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (GEARAspiWDM)
DRV - File not found [Kernel | On_Demand] -- -- (EagleNT)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2010/02/28 13:15:51 | 000,000,000 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\nkdcrfxx.sys -- (nkdcrfxx)
DRV - [2010/02/28 11:00:43 | 000,137,464 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2010/02/07 06:34:47 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drvagent32.sys -- (DrvAgent32)
DRV - [2010/01/11 23:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/12/27 12:47:46 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/10/06 05:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/10/06 05:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/10/06 05:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/06 05:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/09/11 01:26:24 | 000,055,768 | ---- | M] (ESET) [Kernel | System] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2009/09/11 01:26:20 | 000,135,048 | ---- | M] (ESET) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2009/09/11 01:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/09/11 01:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009/06/19 03:10:40 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2008/12/03 16:44:50 | 001,326,528 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/12/03 16:12:52 | 004,952,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/09/21 08:44:02 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/05/29 06:33:10 | 000,027,672 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\entech.sys -- (ENTECH)
DRV - [2008/03/22 03:43:22 | 000,271,360 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008/03/22 03:43:21 | 000,018,048 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008/02/16 16:20:33 | 000,012,528 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/01/28 09:59:46 | 000,006,784 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2008/01/09 06:18:08 | 000,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/09/25 09:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\MediaCoder iPod Edition\sysinfo.sys -- (CrystalSysInfo)
DRV - [2007/09/17 02:09:52 | 000,254,872 | R--- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2007/07/12 04:03:42 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2007/07/12 04:03:40 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D)
DRV - [2007/07/12 04:03:38 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2007/07/12 04:03:38 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2007/04/11 09:23:48 | 000,045,440 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\UsbFltr.sys -- (TarFltr)
DRV - [2007/03/13 07:05:30 | 000,044,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\heci.sys -- (HECI) Intel(R)
DRV - [2007/03/09 11:04:42 | 000,031,072 | ---- | M] (Intel Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2006/12/28 01:27:00 | 000,045,184 | R--- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\intelsmb.sys -- (smbusp) Intel(R)
DRV - [2006/06/08 03:49:50 | 000,344,064 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2006/05/31 06:18:30 | 000,029,184 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0)
DRV - [2005/12/21 03:16:34 | 000,470,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005/11/02 04:54:44 | 000,011,596 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\copperhd.sys -- (UsbFltr)
DRV - [2005/10/21 01:25:32 | 000,013,396 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MTictwl.sys -- (MagicTune)
DRV - [2005/01/07 11:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/03 17:08:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser)
DRV - [2002/09/09 12:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\asndis5.sys -- (ASNDIS5)
DRV - [2001/09/23 22:36:28 | 000,075,776 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hpuata.sys -- (HPUATA)
DRV - [2001/08/23 10:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001/08/23 10:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\system32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2001/08/23 10:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\system32\winsock.dll -- (Winsock)
DRV - [2001/08/17 07:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\isapnp.old -- (isapnp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/02/01 03:41:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/19 10:52:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/19 10:52:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009/11/23 17:32:42 | 000,000,000 | ---D | M]

[2010/02/28 11:44:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/19 10:52:18 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010/02/19 10:52:18 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010/02/19 10:52:18 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010/02/19 10:52:18 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010/02/19 10:52:18 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010/02/19 10:52:18 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2010/01/26 18:39:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pre aplikáciu Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [ipTray.exe] C:\Program Files\Intel\IDU\iptray.exe (OSA Technologies Inc., An Avocent Company)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Tarantula] C:\Program Files\Razer\Tarantula\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Vistadrv] C:\Program Files\VistaDrives\vsdrv.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab ... detect.cab (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se5036.cab (Windows Live Safety Center Base Module)
O16 - DPF: {8A96EAE5-D262-4226-A517-304C88B53F1F} http://212.55.255.202/access01.cab (ProfileAccessCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuiX.exe) - C:\WINDOWS\system32\logonuiX.exe (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/23 17:18:12 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/02/21 14:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\BestGameEver
[2010/02/21 06:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\XN Resource Editor
[2010/02/21 06:18:29 | 000,000,000 | ---D | C] -- C:\Program Files\Total Uninstall 5
[2010/02/16 16:40:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/02/07 06:34:47 | 000,023,456 | ---- | C] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\drvagent32.sys
[2010/02/07 06:31:13 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010/02/01 03:41:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2010/01/31 17:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/28 15:51:44 | 000,412,501 | ---- | M] () -- C:\dds-bootcd.exe
[2010/02/28 13:15:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/28 13:15:52 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/28 13:15:51 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\nkdcrfxx.sys
[2010/02/28 13:02:04 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C55A3084-FECD-4DFA-8105-B61859F6B9F4}.job
[2010/02/28 12:39:07 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/28 11:02:13 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010/02/28 11:00:43 | 000,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/02/28 11:00:34 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/02/28 04:51:54 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/02/28 04:42:29 | 000,267,055 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/02/28 04:42:23 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/28 04:42:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/28 04:42:12 | 000,470,041 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010/02/26 16:28:53 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/02/26 15:15:08 | 002,373,712 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2010/02/17 11:12:51 | 000,001,100 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/02/10 22:16:10 | 000,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
[2010/02/09 14:28:58 | 000,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010/02/09 14:28:54 | 002,434,856 | ---- | M] () -- C:\WINDOWS\System32\pbsvc_bc2.exe
[2010/02/08 14:54:11 | 000,000,654 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/08 10:59:05 | 000,004,275 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010/02/07 06:34:47 | 000,023,456 | ---- | M] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\drvagent32.sys
[2010/02/01 03:37:47 | 000,435,896 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/01 03:37:47 | 000,068,540 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/31 16:43:47 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\nAsmedia.bin
[2010/01/31 16:43:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\nAdvanced.bin
[2010/01/31 16:43:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\nVivid.bin
[2010/01/31 16:43:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\nStandard.bin
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/28 15:51:34 | 000,412,501 | ---- | C] () -- C:\dds-bootcd.exe
[2010/02/26 14:07:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\nkdcrfxx.sys
[2010/02/25 00:34:21 | 000,001,000 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/25 00:34:21 | 000,000,996 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/10 22:16:10 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010/02/09 14:28:54 | 002,434,856 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_bc2.exe
[2010/01/31 16:43:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\nAsmedia.bin
[2010/01/31 16:43:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\nAdvanced.bin
[2010/01/31 16:43:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\nVivid.bin
[2009/10/04 07:36:23 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\sysogg.dll
[2009/08/11 12:36:19 | 000,004,757 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/06/09 13:22:27 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009/05/13 00:45:17 | 000,000,022 | ---- | C] () -- C:\WINDOWS\pspvc_path.ini
[2009/03/10 15:07:41 | 000,000,107 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2009/03/09 10:35:59 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2008/12/25 15:29:45 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/12/14 03:09:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OODCNT.INI
[2008/10/28 11:40:48 | 000,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008/10/04 10:32:06 | 000,000,060 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2008/09/28 08:22:49 | 000,000,745 | ---- | C] () -- C:\WINDOWS\COD.INI
[2008/07/23 11:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/07/23 11:47:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/06/11 02:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/06/11 02:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/06/11 02:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/06/11 02:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/06/11 02:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/06/11 02:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/06/11 02:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/06/11 02:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/06/11 02:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/06/08 05:33:20 | 000,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini
[2008/06/08 05:26:57 | 000,187,392 | ---- | C] () -- C:\WINDOWS\System32\JPGUtils.dll
[2008/05/16 08:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/04/09 12:00:00 | 000,000,109 | ---- | C] () -- C:\WINDOWS\GMouse.ini
[2008/03/22 03:43:22 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008/03/22 03:43:21 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008/02/23 15:00:40 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008/02/23 01:56:59 | 000,001,733 | ---- | C] () -- C:\WINDOWS\TSearch.INI
[2008/02/01 01:03:05 | 000,000,169 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008/01/23 14:08:39 | 000,013,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTictwl.sys
[2008/01/23 13:13:46 | 000,000,036 | ---- | C] () -- C:\WINDOWS\ezmacros.INI
[2008/01/23 13:13:37 | 000,000,519 | ---- | C] () -- C:\WINDOWS\unezmac.ini
[2008/01/12 11:29:50 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008/01/05 13:06:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/01/05 02:46:13 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008/01/04 15:58:19 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/01/04 07:35:50 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/01/04 06:23:48 | 000,004,275 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2008/01/04 04:56:16 | 000,643,142 | ---- | C] () -- C:\WINDOWS\aticlocklib.dll
[2008/01/04 04:56:16 | 000,110,592 | ---- | C] () -- C:\WINDOWS\R5ClkLib.dll
[2008/01/04 04:56:15 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2008/01/04 04:56:15 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2008/01/04 04:56:15 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2008/01/04 04:56:15 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2008/01/04 04:56:14 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/01/04 04:56:14 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/01/04 04:56:14 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2008/01/04 04:56:14 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2008/01/04 04:56:14 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2008/01/04 04:56:14 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2008/01/04 04:56:14 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2008/01/04 04:36:57 | 000,000,211 | ---- | C] () -- C:\WINDOWS\System32\BOOTBAK.INI
[2002/10/03 08:42:27 | 000,000,034 | ---- | C] () -- C:\WINDOWS\Q3version.ini
[2002/03/16 19:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000080.DLL
[2001/01/12 04:49:38 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

========== LOP Check ==========

[2010/02/28 13:02:04 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C55A3084-FECD-4DFA-8105-B61859F6B9F4}.job

========== Purity Check ==========


< End of report >

co urobi ta windows complete restore? a kde tu volbu najdem?

edit: co urobia tie veci co mam spravit? budem potom musiet nanovo instalovat SW atd.?

btw nemam vistu, mam WIN XP, instalovany mam SP2 ale kvoli jednej hre som menil hodnotu na SP3, ale je to len hodnota, v skutocnosti tam mam SP2

edit3: v tom prvom cdcku, co som stahoval som si vsimol zlozku s vela dolezitymi systemovymi subormi, odtial nepojdu?

mam win xp pro, hento som dal scanovat, ale napisalo to po 5 minutach ze cannot create file, a nieco s OTL.bat tam bolo, omylom som to zrusil. skusim to este raz.

edit: furt to nejde, napise ze nemoze vytvorit subor na X:/Programs/OTLDE/cmb.bat

stale to pise hentu hlasku, moj disk s windowsom je C:/

edit: skusil som toto

prekmenuj c:\documents and settings\chambo\start menu\programs\startup\winesm32.exe a - c:\windows\system32\drivers\nkdcrfxx.sys na nejaky nazev ktery si zapamatujes.

a pri starte uz zacalo pisat ze windows sa nespustil lebo chyba subor: isapnp.sys

a mam ten subor obnovit z cd. to som skusal uz vcera, ale neslo to, vraj v tej mechanike nie je cd, aj ked som ho tam mal

no ja som tam to expand skusal s e:/ lebo d:/ je druhy disk. idem to skusit este raz.

edit: obnovil som ten subor z toho drivers.zip, teraz uz PC ide, tuto je ten vypis z esetu.

26.2.2010 22:29:36 Rezidentná ochrana súbor C:\WINDOWS\system32\fjhdyfhsn.bat BAT/Agent.NFC trójsky kôň vyliečený zmazaním - uložený do karantény CHAMBO-FB56FE44\Chambo Táto skutočnosť bola zistená na súbore, ktorý bol modifikovaný aplikáciou: C:\WINDOWS\system32\cmd.exe.

26.2.2010 20:07:16 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\lbrtfdc.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:07:02 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\irenum.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:59 Rezidentná ochrana súbor C:\WINDOWS\system32\DRIVERS\ipinip.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:59 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\ipinip.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:59 Rezidentná ochrana súbor C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:58 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\ipfltdrv.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:58 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\ip6fw.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:57 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\ip6fw.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:57 Rezidentná ochrana súbor C:\WINDOWS\system32\DRIVERS\i8042prt.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:57 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\i8042prt.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:57 Rezidentná ochrana súbor C:\WINDOWS\System32\Drivers\i2omgmt.SYS variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:56 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\i2omgmt.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:56 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\hpuata.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:55 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\heci.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:54 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\hamachi.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:54 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\gearaspiwdm.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:53 Rezidentná ochrana súbor C:\WINDOWS\System32\Drivers\Flpydisk.SYS variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:53 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\Flpydisk.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:52 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\entech.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:52 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\eaglent.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:51 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\drvagent32.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:50 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\drmkaud.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:50 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\drmkaud.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:49 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\DMusic.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:49 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\dmusic.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:48 Rezidentná ochrana súbor C:\program files\mediacoder ipod edition\sysinfo.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény CHAMBO-FB56FE44\Chambo Táto skutočnosť bola zistená na novom súbore, ktorý bol vytvorený aplikáciou: C:\WINDOWS\system32\svchost.exe.

26.2.2010 20:06:48 Rezidentná ochrana súbor C:\WINDOWS\System32\Drivers\Changer.SYS variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:48 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\Changer.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:47 Rezidentná ochrana súbor C:\WINDOWS\System32\Drivers\Cdaudio.SYS variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:47 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\Cdaudio.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:46 Rezidentná ochrana súbor C:\WINDOWS\system32\DRIVERS\CCDECODE.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:46 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\ccdecode.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:46 Rezidentná ochrana súbor C:\WINDOWS\system32\DRIVERS\atmarpc.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:45 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\atmarpc.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:45 Rezidentná ochrana súbor C:\WINDOWS\system32\DRIVERS\asyncmac.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:44 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\asyncmac.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:44 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\asusgsb.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:43 Rezidentná ochrana súbor C:\WINDOWS\system32\asndis5.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:42 Rezidentná ochrana súbor C:\WINDOWS\system32\DRIVERS\arp1394.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:42 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\arp1394.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:41 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\athw.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:40 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\ar5211.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň vyliečený zmazaním - uložený do karantény NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:39 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\aec.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená pri pokuse o spustenie súboru.

26.2.2010 20:06:39 Rezidentná ochrana súbor C:\WINDOWS\system32\drivers\aec.sys variant infiltrácie Win32/Rootkit.Kryptik.AF trójsky kôň nemožno liečiť NT AUTHORITY\SYSTEM Táto skutočnosť bola zistená na novovytvorenom súbore.

26.2.2010 20:06:25 Rezidentná ochrana súbor C:\WINDOWS\system32\fjhdyfhsn.bat BAT/Agent.NFC trójsky kôň vyliečený zmazaním - uložený do karantény CHAMBO-FB56FE44\Chambo Táto skutočnosť bola zistená na súbore, ktorý bol modifikovaný aplikáciou: C:\WINDOWS\system32\cmd.exe.

chybat by nemalo nic, skopirovat som tam vsetko z drivers.zip, a ked to pytalo prepisat dal som vzdy nie, teda nic neprepisalo a tie co chybali tam skopirovalo. niektore subory boli vacsie, tie z drivers.zip, ale neprepisoval som nic. porovnam to, prve spravim ten combofix.

edit: este po prvom nabehnuti som hned spustil MBAM, tu je log

Malwarebytes' Anti-Malware 1.44
Verzia databázy: 3808
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1.3.2010 14:34:12
mbam-log-2010-03-01 (14-34-12).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 125195
Uplynutý cas: 4 minute(s), 6 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 2

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
C:\Documents and Settings\Chambo\Start Menu\Programs\Startup\winesm32.exe (Worm.KoobFace) -> Delete on reboot.
C:\Documents and Settings\Chambo\Application Data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.

tuto combofix. urcite im napisem, ale asi az dalsi tyzden, teraz nemam uz moc casu. je uz pc cisty, mozem ho plne pouzivat?

ComboFix 10-02-28.04 - Chambo 01.03.2010 14:46:54.10.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2020.1586 [GMT 1:00]
Running from: c:\documents and settings\Chambo\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((( Files Created from 2010-02-01 to 2010-03-01 )))))))))))))))))))))))))))))))
.

2010-03-01 13:47 . 2010-03-01 13:47 -------- d-----w- C:\drivers
2010-03-01 13:46 . 2010-03-01 13:47 19700638 ----a-w- C:\drivers.zip
2010-02-26 20:38 . 2010-02-26 21:06 371776 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\cgamex86.dll
2010-02-26 20:37 . 2010-02-26 21:06 187456 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\uix86.dll
2010-02-26 20:37 . 2010-02-26 20:37 887856 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\pb\pbcl.dll
2010-02-26 20:37 . 2010-02-26 20:37 57344 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\pb\pbag.dll
2010-02-26 20:37 . 2010-02-26 20:37 2427968 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\quakelive.dll
2010-02-26 20:15 . 2010-02-26 20:15 -------- d-----w- c:\documents and settings\Chambo\Application Data\id Software
2010-02-26 20:15 . 2010-02-26 20:15 -------- d-----w- c:\documents and settings\All Users\Application Data\id Software
2010-02-26 19:24 . 2010-03-01 13:37 -------- d--h--r- c:\documents and settings\Chambo\Recent
2010-02-26 19:07 . 2010-02-28 18:15 0 ----a-w- c:\windows\system32\drivers\renamed.sys
2010-02-26 18:46 . 2010-02-26 18:46 84480 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\srlproxy_cyri_4.1.67.0A.dll
2010-02-25 17:56 . 2009-06-09 14:18 1010488 ----a-w- c:\documents and settings\Chambo\Application Data\QIP\Profiles\backup\25.2\361362782\RcvdFiles\Kiwi_392696123\HamachiSetup-1.0.2.5-cz.exe
2010-02-25 17:56 . 2009-03-18 06:31 398336 ----a-w- c:\documents and settings\Chambo\Application Data\QIP\Profiles\backup\25.2\361362782\RcvdFiles\Nancy_455412487\Project1.exe
2010-02-25 17:56 . 2008-11-20 15:29 5488640 ----a-w- c:\documents and settings\Chambo\Application Data\QIP\Profiles\backup\25.2\361362782\RcvdFiles\PetrG_485072087\CoDWaW_LANFixed.exe
2010-02-23 22:18 . 2010-02-27 22:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-02-23 22:18 . 2010-02-23 22:22 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-21 19:24 . 2010-02-21 19:24 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-21 19:24 . 2010-02-21 19:24 -------- d-----w- c:\program files\BestGameEver
2010-02-21 11:29 . 2010-02-21 11:29 -------- d-----w- c:\program files\XN Resource Editor
2010-02-21 11:18 . 2010-02-21 11:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Martau
2010-02-21 11:18 . 2010-02-21 11:18 -------- d-----w- c:\program files\Total Uninstall 5
2010-02-16 21:40 . 2010-02-16 21:40 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-02-11 03:16 . 2010-02-11 03:16 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-02-09 19:28 . 2010-02-09 19:28 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-02-07 11:34 . 2010-02-07 11:34 23456 ----a-w- c:\windows\system32\drivers\drvagent32.sys
2010-02-07 11:34 . 2010-02-07 11:34 -------- d-----w- c:\documents and settings\Chambo\Local Settings\Application Data\eSupport.com
2010-02-07 11:31 . 2010-02-07 11:31 -------- d-----w- c:\program files\Lavalys
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll
2010-02-01 08:41 . 2010-02-01 08:41 -------- d-----w- c:\program files\Common Files\PCSuite
2010-02-01 08:40 . 2010-02-01 08:37 34686912 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_slk_web.exe
2010-02-01 08:40 . 2010-02-01 08:40 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe
2010-02-01 08:40 . 2010-02-01 08:40 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe
2010-02-01 08:40 . 2010-02-01 08:40 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-02-01 08:40 . 2010-02-01 08:40 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe
2010-01-31 22:03 . 2010-02-28 10:18 -------- d-----w- c:\documents and settings\Chambo\Application Data\vlc
2010-01-31 22:02 . 2010-01-31 22:02 -------- d-----w- c:\program files\VideoLAN
2010-01-31 21:43 . 2010-01-31 21:43 0 ----a-w- c:\windows\system32\drivers\nAsmedia.bin
2010-01-31 21:43 . 2010-01-31 21:43 0 ----a-w- c:\windows\system32\drivers\nAdvanced.bin
2010-01-31 21:43 . 2010-01-31 21:43 0 ----a-w- c:\windows\system32\drivers\nVivid.bin

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-01 13:44 . 2008-01-04 09:06 23592960 ----a-w- c:\documents and settings\Chambo\NTUSER.DAT
2010-02-28 16:33 . 2009-11-08 14:40 -------- d-----w- c:\program files\Steam
2010-02-28 16:00 . 2008-01-04 20:58 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-02-28 16:00 . 2008-01-04 20:58 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-02-28 15:18 . 2008-02-20 18:14 -------- d-----w- c:\program files\SwiftKit
2010-02-28 15:18 . 2008-07-01 12:17 69 ----a-w- c:\documents and settings\Chambo\jagex_runescape_preferences.dat
2010-02-28 15:18 . 2009-09-14 14:46 69 ----a-w- c:\documents and settings\Chambo\jagex_runescape_preferences2.dat
2010-02-28 10:18 . 2010-01-31 22:03 -------- d-----w- c:\documents and settings\Chambo\Application Data\vlc
2010-02-27 21:06 . 2008-01-04 20:29 -------- d-----w- c:\documents and settings\Chambo\Application Data\Xfire
2010-02-27 14:32 . 2009-03-09 14:16 -------- d-----w- c:\program files\Cheat Engine
2010-02-26 21:29 . 2010-02-26 21:29 8 ----a-w- c:\documents and settings\LocalService\Application Data\rbuwzv.dat
2010-02-26 21:06 . 2010-02-26 20:38 371776 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\cgamex86.dll
2010-02-26 21:06 . 2010-02-26 20:37 187456 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\uix86.dll
2010-02-26 20:37 . 2010-02-26 20:37 887856 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\pb\pbcl.dll
2010-02-26 20:37 . 2010-02-26 20:37 57344 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\pb\pbag.dll
2010-02-26 20:37 . 2010-02-26 20:37 2427968 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\quakelive.dll
2010-02-26 20:15 . 2010-02-26 20:15 -------- d-----w- c:\documents and settings\Chambo\Application Data\id Software
2010-02-26 20:15 . 2008-01-26 19:13 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2010-02-26 19:06 . 2009-05-24 13:32 -------- d-----w- c:\program files\MediaCoder iPod Edition
2010-02-26 19:06 . 2010-02-26 19:06 8 ----a-w- c:\documents and settings\NetworkService\Application Data\rbuwzv.dat
2010-02-26 18:46 . 2008-01-16 15:59 -------- d-----w- c:\program files\SystemRequirementsLab
2010-02-26 18:46 . 2010-02-26 18:46 84480 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\srlproxy_cyri_4.1.67.0A.dll
2010-02-26 18:46 . 2008-01-16 15:57 -------- d-----w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab
2010-02-25 17:57 . 2008-09-23 18:36 -------- d-----w- c:\program files\QIP Infium
2010-02-24 21:38 . 2008-01-04 20:29 -------- d-----w- c:\program files\Xfire
2010-02-23 22:24 . 2008-06-08 21:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-02-23 22:24 . 2008-01-04 11:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-23 22:24 . 2008-01-04 11:24 -------- d-----w- c:\program files\Lavasoft
2010-02-23 22:02 . 2008-11-03 17:51 -------- d-----w- c:\program files\Recuva
2010-02-23 19:00 . 2008-01-04 09:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-17 16:12 . 2009-06-12 04:43 664 ----a-w- c:\documents and settings\Chambo\Local Settings\Application Data\d3d9caps.dat
2010-02-17 16:12 . 2008-11-11 20:17 1100 ----a-w- c:\windows\system32\d3d8caps.dat
2010-02-16 21:40 . 2008-01-28 14:59 -------- d-----w- c:\program files\DivX
2010-02-16 16:38 . 2008-07-12 11:25 -------- d-----w- c:\documents and settings\Chambo\Application Data\Winamp
2010-02-11 15:35 . 2008-08-23 12:11 -------- d-----w- c:\program files\Google
2010-02-09 19:32 . 2008-04-06 20:01 -------- d-----w- c:\program files\Electronic Arts
2010-02-09 19:29 . 2008-01-06 16:55 138056 ----a-w- c:\documents and settings\Chambo\Application Data\PnkBstrK.sys
2010-02-09 19:29 . 2008-01-06 16:55 138056 ----a-w- c:\documents and settings\Chambo\Application Data\PnkBstrK.sys
2010-02-09 19:28 . 2008-01-04 20:57 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll
2010-02-03 16:33 . 2008-06-07 20:22 -------- d-----w- c:\program files\Nokia
2010-02-01 08:41 . 2008-06-07 20:23 -------- d-----w- c:\program files\Common Files\Nokia
2010-02-01 08:40 . 2009-04-16 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2010-02-01 08:37 . 2010-01-26 19:26 -------- d-----w- c:\documents and settings\All Users\Application Data\OviInstallerCache
2010-02-01 08:35 . 2008-06-07 20:23 -------- d-----w- c:\documents and settings\Chambo\Application Data\Nokia
2010-01-31 21:57 . 2009-06-21 19:48 -------- d-----w- c:\program files\TeamViewer
2010-01-31 21:43 . 2010-01-29 23:14 0 ----a-w- c:\windows\system32\drivers\nStandard.bin
2010-01-29 23:43 . 2008-10-03 19:31 -------- d-----w- c:\program files\AGEIA Technologies
2010-01-29 23:43 . 2010-01-29 23:43 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-01-29 23:43 . 2010-01-29 23:43 -------- d-----w- c:\program files\NVIDIA Corporation
2010-01-29 14:40 . 2008-12-30 22:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-29 14:40 . 2009-05-29 22:14 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-29 14:19 . 2009-02-02 21:25 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-01-28 22:17 . 2010-01-28 22:17 -------- d-----w- c:\program files\Common Files\Apple
2010-01-28 21:33 . 2008-01-04 09:06 -------- d-s---w- c:\documents and settings\Chambo\Application Data\Microsoft
2010-01-28 20:54 . 2008-01-04 09:56 -------- d-----w- c:\program files\ASUS
2010-01-26 23:18 . 2008-01-24 18:24 1617424 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-26 21:32 . 2010-01-26 21:32 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-01-26 19:28 . 2010-01-26 19:28 -------- d-----w- c:\program files\PC Connectivity Solution
2010-01-26 19:12 . 2008-01-04 20:11 65024 ----a-w- c:\documents and settings\Chambo\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-18 16:31 . 2010-01-18 16:31 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-01-18 16:31 . 2010-01-18 16:31 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-01-15 19:37 . 2009-12-27 15:37 -------- d-----w- c:\program files\Warcraft III
2010-01-14 14:55 . 2009-02-02 18:56 -------- d-----w- c:\program files\ICQ6.5
2010-01-13 21:02 . 2009-12-27 15:39 99246 ----a-w- c:\windows\War3Unin.dat
2010-01-11 21:17 . 2010-01-11 21:17 278120 ----a-w- c:\windows\system32\nvmccs.dll
2010-01-11 21:17 . 2010-01-11 21:17 154216 ----a-w- c:\windows\system32\nvsvc32.exe
2010-01-11 21:17 . 2010-01-11 21:17 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-01-11 21:17 . 2010-01-11 21:17 13666408 ----a-w- c:\windows\system32\nvcpl.dll
2010-01-11 21:17 . 2010-01-11 21:17 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-01-11 21:17 . 2010-01-11 21:17 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-01-07 15:07 . 2008-12-31 09:52 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2008-12-31 09:52 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 13:25 . 2010-01-02 12:51 -------- d-----w- c:\program files\PFConfig
2009-12-27 17:47 . 2008-11-20 15:41 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-12-27 15:46 . 2009-12-27 15:39 2829 ----a-w- c:\windows\War3Unin.pif
2009-12-27 15:46 . 2009-12-27 15:39 139264 ----a-w- c:\windows\War3Unin.exe
2009-12-26 10:51 . 2010-03-01 13:48 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-12-22 14:56 . 2010-03-01 13:48 30528 ----a-w- c:\windows\system32\drivers\bc_tfish.sys
2009-12-22 14:56 . 2010-03-01 13:48 29632 ----a-w- c:\windows\system32\drivers\bc_serp.sys
2009-12-22 14:56 . 2010-03-01 13:48 44480 ----a-w- c:\windows\system32\drivers\bc_rijn.sys
2009-12-22 14:56 . 2010-03-01 13:48 24384 ----a-w- c:\windows\system32\drivers\bc_rc6.sys
2009-12-22 14:56 . 2010-03-01 13:48 19392 ----a-w- c:\windows\system32\drivers\bc_idea.sys
2009-12-22 14:56 . 2010-03-01 13:48 19264 ----a-w- c:\windows\system32\drivers\bc_gost.sys
2009-12-22 14:55 . 2010-03-01 13:48 29120 ----a-w- c:\windows\system32\drivers\bc_des.sys
2009-12-22 14:55 . 2010-03-01 13:48 32064 ----a-w- c:\windows\system32\drivers\bc_cast.sys
2009-12-22 14:55 . 2010-03-01 13:48 23744 ----a-w- c:\windows\system32\drivers\bc_bfish.sys
2009-12-22 14:55 . 2010-03-01 13:48 23744 ----a-w- c:\windows\system32\drivers\bc_bf448.sys
2009-12-22 14:55 . 2010-03-01 13:48 23744 ----a-w- c:\windows\system32\drivers\bc_bf128.sys
2009-12-22 14:55 . 2010-03-01 13:48 29376 ----a-w- c:\windows\system32\drivers\bc_3des.sys
2009-12-22 11:56 . 2010-03-01 13:48 191040 ----a-w- c:\windows\system32\drivers\bcfnt.sys
2009-12-19 16:05 . 2009-12-19 16:05 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2009-12-19 16:05 . 2009-12-19 16:05 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2009-12-19 16:05 . 2009-12-19 16:05 3203453 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2009-12-19 16:05 . 2009-12-19 16:07 24567912 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_cs.exe
2009-12-17 23:25 . 2010-03-01 13:48 26024 ----a-w- c:\windows\system32\drivers\ElbyCDIO.sys
2009-12-15 07:55 . 2010-03-01 13:48 39360 ----a-w- c:\windows\system32\drivers\fsh.sys
.

------- Sigcheck -------

[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys

[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys

[-] 2001-08-23 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2004-08-03 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys

[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys

[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ntfs.sys

[-] 2001-08-23 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\tcpip.sys

[-] 2004-08-03 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll

[-] 2004-08-03 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe

[-] 2004-08-03 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\system32\netman.dll

[-] 2004-08-03 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll

[-] 2004-08-03 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\system32\rpcss.dll

[-] 2004-08-03 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\system32\services.exe

[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\SoftwareDistribution\Download\0fd33c77398fa2b50df56456525ef5c3\sp2qfe\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\SoftwareDistribution\Download\0fd33c77398fa2b50df56456525ef5c3\sp2gdr\spoolsv.exe
[-] 2004-08-03 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\system32\spoolsv.exe

[-] 2004-08-03 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe

[-] 2004-08-03 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2004-08-03 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll

[-] 2004-08-03 23:56 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\system32\es.dll

[-] 2004-08-03 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll

[-] 2004-08-03 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\system32\kernel32.dll

[-] 2004-08-03 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\linkinfo.dll

[-] 2004-08-03 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll

[-] 2004-08-03 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll

[-] 2004-08-03 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\system32\mswsock.dll

[-] 2004-08-03 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll

[-] 2005-03-02 . 28187802B7C368C0D3AEF7D4C382AABB . 2179456 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2qfe\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\ntoskrnl.exe
[-] 2004-08-03 . 626309040459C3915997EF98EC1C8D40 . 2148352 . . [5.1.2600.2180] . . c:\windows\system32\ntoskrnl.exe

[-] 2004-08-03 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll

[-] 2004-08-03 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll

[-] 2004-08-03 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll

[-] 2004-08-03 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe

[-] 2004-08-03 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\system32\tapisrv.dll

[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2qfe\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\user32.dll
[-] 2004-08-03 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\system32\user32.dll

[-] 2004-08-03 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe

[-] 2004-08-03 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll

[-] 2004-08-03 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[-] 2004-08-03 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\explorer.exe

[-] 2004-08-03 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll

[-] 2004-08-03 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe

[-] 2004-08-03 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll

[-] 2004-08-03 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll

[-] 2004-08-03 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll

[-] 2004-08-03 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe

[-] 2004-08-03 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\system32\shsvcs.dll

[-] 2004-08-03 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll

[-] 2004-08-03 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll

[-] 2004-08-03 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll

[-] 2004-08-03 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll

[-] 2004-08-03 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll

[-] 2001-08-23 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2004-08-03 21:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\system32\drivers\aec.sys

[-] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\AGP440.SYS

[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys

[-] 2009-11-10 . 14522C1499B146E016359EF216BDDB78 . 35328 . . [5.1.2600.2180] . . c:\windows\system32\iprip.dll

[-] 2001-08-23 15:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\system32\mfc40u.dll

[-] 2004-08-03 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll

[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2004-08-11 00:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-08-11 00:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-08-03 23:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

[-] 2005-03-02 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2qfe\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\ntkrnlpa.exe
[-] 2004-08-04 . FB142B7007CA2EEA76966C6C5CC12150 . 2015232 . . [5.1.2600.2180] . . c:\windows\system32\ntkrnlpa.exe

[-] 2004-08-03 23:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll

[-] 2004-08-03 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\system32\upnphost.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]
"WhatPulse"="c:\program files\WhatPulse\WhatPulse.exe" [2009-03-12 2763264]
"VisualTaskTips"="c:\program files\VisualTaskTips\VisualTaskTips.exe" [2007-09-05 36352]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"Infium"="c:\program files\QIP Infium\infium.exe" [2010-02-18 5711312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ipTray.exe"="c:\program files\Intel\IDU\iptray.exe" [2006-12-28 2242328]
"Vistadrv"="c:\program files\VistaDrives\vsdrv.exe" [2006-07-30 121089]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-03 17676288]
"Copperhead"="c:\program files\Razer\Copperhead\razerhid.exe" [2005-11-25 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-03 185896]
"Tarantula"="c:\program files\Razer\Tarantula\razerhid.exe" [2007-05-07 159744]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-09-11 2054360]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\Chambo\Start Menu\Programs\Startup\
SaveSnap.lnk - c:\program files\SaveSnap\SaveSnap.exe [2008-1-5 1264128]
VistaStart.lnk - c:\windows\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe [2006-3-20 510464]
Xfire.lnk - c:\program files\Xfire\xfire.exe [2010-2-11 3207056]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AdobeUpdate.jar [2009-12-19 57391]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonuiX.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
2007-07-12 09:03 380928 ----a-w- c:\program files\ASUS\GamerOSD\GamerOSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-08-08 12:11 490952 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
2010-02-18 15:46 5711312 ----a-w- c:\program files\QIP Infium\infium.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2007-05-11 01:08 2512392 ----a-w- c:\windows\system32\oodtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 05:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"OODefragTray"=c:\windows\system32\oodtray.exe
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\BZFlag2.0.10\\bzflag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Counter-Strike 1.6 V35\\hl.exe"=
"c:\\Program Files\\Counter-Strike 1.6 V35\\hlds.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2 - BETA\\BFBC2BetaUpdater.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2 - BETA\\BFBC2Game.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [11.9.2009 7:23 108792]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [11.9.2009 7:24 735960]
R3 TarFltr;Razer Tarantula USB Keyboard;c:\windows\system32\drivers\UsbFltr.sys [18.8.2008 15:08 45440]
R3 UsbFltr;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [24.12.2008 21:51 11596]
S0 nkdcrfxx;nkdcrfxx; [x]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.1.2008 0:18 717296]
S2 gupdate1c9944afc8f24a0;Google Update Service (gupdate1c9944afc8f24a0);c:\program files\Google\Update\GoogleUpdate.exe [21.2.2009 18:36 133104]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\drvagent32.sys [7.2.2010 12:34 23456]
S3 HPUATA;HP CD Writer Plus Controller Driver;c:\windows\system32\drivers\hpuata.sys [24.9.2001 4:36 75776]
S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;c:\windows\system32\drivers\libusb0.sys [4.11.2008 16:34 29184]
.
Contents of the 'Scheduled Tasks' folder

2010-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-21 17:35]

2010-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-21 17:35]

2010-03-01 c:\windows\Tasks\User_Feed_Synchronization-{C55A3084-FECD-4DFA-8105-B61859F6B9F4}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.sme.sk/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {FCADF227-CCFC-4B13-A9B5-148D5343D926} = 195.34.133.21,195.34.133.22
DPF: {8A96EAE5-D262-4226-A517-304C88B53F1F} - hxxp://212.55.255.202/access01.cab
FF - ProfilePath - c:\documents and settings\Chambo\Application Data\Mozilla\Firefox\Profiles\7rzxpate.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://hattrick.org/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF - plugin: c:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
------- File Associations -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-nwiz - nwiz.exe
MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-01 14:53
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-117609710-602609370-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:c6,b6,a7,50,85,4e,dc,47,90,f7,d1,1b,61,96,46,48,da,3f,d6,98,4e,
d3,4d,d2,a5,90,50,92,53,1a,36,0f,cb,28,5b,37,95,71,30,ae,8d,54,50,05,ec,25,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="C84F50A88BC53124F6E45C0FDD5C85B8E54C47337AD4EB4119E8229C8C6C9862C2976B251EBF67E413D78303EEE71B5F88C83E2E4DD735CAD7F5F88C899151D5E1F4C5F6712F9D0EBC4E258460B1DBD5483F55305BAC70B354C226C642B10C61D7EC67A60C9BD33FB69B61D11A2230809AEF644D8D3A92C1D51CDBD340CF6452DB7CFB523AC6EF69C90A7EBCC753E49777926AAB12177113A446704DD120DA4A291353288AA2B7D5C056E2A8DA15ADA6DC4F88035A12C6988FF6DFE20A0CD2407E16E16DCF54599DEB301D91856B1E8D4B4585241A2A3195E75BC958BE32927C9DDA3FFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6A0AC4980AC79338EDD5E5BE2F6E667BA7FD869164D6794F73C327B00EB31AF441E312BA910FD3C6E431B04E5E35ACC3A87724B8B6E890C5BC154BA20791E84E9F0F427F343D1149DFD5CAA06C838E0E308FEF1BF1CBAE43CC423047DC760096AE991ACE1C9ECCE79B41E6A0794CF0C836EF8F4EF2ADC355F12D5CBD342DB3403F8DDD9B5FE605B5196F42A4FB07D57204AD02645B5B9BB1EBCD96DB3D5E5A1824F613405402FCE0C962636990F90EED27029BB415E90E06919CFA804F24C10CBE2DB223A70D160A0ECADBFF3A150A3C8F7D8CCB64992ACC1BF0B9D7A114BE1566DBCEE9178346A9A14B8DA4360746B42BD6D594C1FE4CEBE8E95D4A628181EAC6F2B4A9DC0B5EF9BCAA9003C472BDE96E224C1800DA3188927ABB7E73758EF6F2700C844B72C13D615970B6AD693BB2DC9F1C9A0C25BFE5FECBC9372BEA826D01F485F40515D9B16394DBDAC11C5E0049A7E1DD2F50E9C15896E9CCF4515B4191EC66A1E84077633C249BAB47DC7542BC324C80D5EB1AF106B98685D5423302333EF29BE4A58322101BC8B8BAA18BECA72F2BD1BB9B19949C2C8714B794AD45DB16EC0DAA176836286901D0AA5A76E199DAED01DC76A6050053E961FC6F302CCAE9D36790FF6428F2C5DBDDF81DAD1667B4F3C084DAFADC66B6E192FD000B9868491F67996E7E9D58A72248FD78B0011887F1DA19246D0E37280A0AB3240A3B7D10F508B45C99B730252E6EE4306AF0F859FF407E4E7B9F0DB53B613087C891E770EF7B7A88F993F36B304AAE30C406B7642A8A715427E4C2D754AB974705C8E9CBD04D55221CC208E005B40DD52B041A2AF824777795BE9AEAC2DCA9DCB2DEE2BFEEF94DA5A4112B457AF03578127449762307DE4222BCD6DEF97C1AAAEB2BCD1681AF55C8C2626198B2C99FC37EB37248BC1373AC57212BB6D216E4CB2498482C1C7CEF47A5080EEA2DB7EFD83EBF4DD0DAC3257E354672E854AF6B2E1EEE972899F4AC75CB6D82CD6AE810FECB8E81B7F4C04206C9D0E1D4C745393BB47A61DF02DE3"
.
Completion time: 2010-03-01 14:55:13
ComboFix-quarantined-files.txt 2010-03-01 13:55
ComboFix2.txt 2010-01-26 23:52

Pre-Run: 18 677 755 904 bytes free
Post-Run: 23 adresárov, 18 672 660 480 voľných bajtov

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - CFB996DC128B1F940632A54D3DB80C76

ComboFix 10-02-28.04 - Chambo 01.03.2010 15:30:13.11.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2020.1585 [GMT 1:00]
Running from: c:\documents and settings\Chambo\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((( Files Created from 2010-02-01 to 2010-03-01 )))))))))))))))))))))))))))))))
.

2010-03-01 14:03 . 2010-03-01 14:25 -------- d--h--r- c:\documents and settings\Chambo\Recent
2010-03-01 13:47 . 2010-03-01 13:47 -------- d-----w- C:\drivers
2010-03-01 13:46 . 2010-03-01 13:47 19700638 ----a-w- C:\drivers.zip
2010-02-26 20:38 . 2010-02-26 21:06 371776 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\cgamex86.dll
2010-02-26 20:37 . 2010-02-26 21:06 187456 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\uix86.dll
2010-02-26 20:37 . 2010-02-26 20:37 887856 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\pb\pbcl.dll
2010-02-26 20:37 . 2010-02-26 20:37 57344 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\pb\pbag.dll
2010-02-26 20:37 . 2010-02-26 20:37 2427968 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\quakelive.dll
2010-02-26 20:15 . 2010-02-26 20:15 -------- d-----w- c:\documents and settings\Chambo\Application Data\id Software
2010-02-26 20:15 . 2010-02-26 20:15 -------- d-----w- c:\documents and settings\All Users\Application Data\id Software
2010-02-26 19:07 . 2010-02-28 18:15 0 ----a-w- c:\windows\system32\drivers\renamed.sys
2010-02-26 18:46 . 2010-02-26 18:46 84480 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\srlproxy_cyri_4.1.67.0A.dll
2010-02-25 17:56 . 2009-06-09 14:18 1010488 ----a-w- c:\documents and settings\Chambo\Application Data\QIP\Profiles\backup\25.2\361362782\RcvdFiles\Kiwi_392696123\HamachiSetup-1.0.2.5-cz.exe
2010-02-25 17:56 . 2009-03-18 06:31 398336 ----a-w- c:\documents and settings\Chambo\Application Data\QIP\Profiles\backup\25.2\361362782\RcvdFiles\Nancy_455412487\Project1.exe
2010-02-25 17:56 . 2008-11-20 15:29 5488640 ----a-w- c:\documents and settings\Chambo\Application Data\QIP\Profiles\backup\25.2\361362782\RcvdFiles\PetrG_485072087\CoDWaW_LANFixed.exe
2010-02-23 22:18 . 2010-03-01 14:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-02-23 22:18 . 2010-02-23 22:22 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-21 19:24 . 2010-02-21 19:24 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-21 19:24 . 2010-02-21 19:24 -------- d-----w- c:\program files\BestGameEver
2010-02-21 11:29 . 2010-02-21 11:29 -------- d-----w- c:\program files\XN Resource Editor
2010-02-21 11:18 . 2010-02-21 11:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Martau
2010-02-21 11:18 . 2010-02-21 11:18 -------- d-----w- c:\program files\Total Uninstall 5
2010-02-16 21:40 . 2010-02-16 21:40 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-02-11 03:16 . 2010-02-11 03:16 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-02-09 19:28 . 2010-02-09 19:28 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-02-07 11:34 . 2010-02-07 11:34 23456 ----a-w- c:\windows\system32\drivers\drvagent32.sys
2010-02-07 11:34 . 2010-02-07 11:34 -------- d-----w- c:\documents and settings\Chambo\Local Settings\Application Data\eSupport.com
2010-02-07 11:31 . 2010-02-07 11:31 -------- d-----w- c:\program files\Lavalys
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll
2010-02-01 08:41 . 2010-02-01 08:41 -------- d-----w- c:\program files\Common Files\PCSuite
2010-02-01 08:40 . 2010-02-01 08:37 34686912 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_slk_web.exe
2010-02-01 08:40 . 2010-02-01 08:40 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe
2010-02-01 08:40 . 2010-02-01 08:40 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe
2010-02-01 08:40 . 2010-02-01 08:40 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-02-01 08:40 . 2010-02-01 08:40 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe
2010-01-31 22:03 . 2010-02-28 10:18 -------- d-----w- c:\documents and settings\Chambo\Application Data\vlc
2010-01-31 22:02 . 2010-01-31 22:02 -------- d-----w- c:\program files\VideoLAN
2010-01-31 21:43 . 2010-01-31 21:43 0 ----a-w- c:\windows\system32\drivers\nAsmedia.bin
2010-01-31 21:43 . 2010-01-31 21:43 0 ----a-w- c:\windows\system32\drivers\nAdvanced.bin
2010-01-31 21:43 . 2010-01-31 21:43 0 ----a-w- c:\windows\system32\drivers\nVivid.bin

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-01 14:27 . 2008-01-04 09:06 23592960 ----a-w- c:\documents and settings\Chambo\NTUSER.DAT
2010-02-28 16:33 . 2009-11-08 14:40 -------- d-----w- c:\program files\Steam
2010-02-28 16:00 . 2008-01-04 20:58 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-02-28 16:00 . 2008-01-04 20:58 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-02-28 15:18 . 2008-02-20 18:14 -------- d-----w- c:\program files\SwiftKit
2010-02-28 15:18 . 2008-07-01 12:17 69 ----a-w- c:\documents and settings\Chambo\jagex_runescape_preferences.dat
2010-02-28 15:18 . 2009-09-14 14:46 69 ----a-w- c:\documents and settings\Chambo\jagex_runescape_preferences2.dat
2010-02-28 10:18 . 2010-01-31 22:03 -------- d-----w- c:\documents and settings\Chambo\Application Data\vlc
2010-02-27 21:06 . 2008-01-04 20:29 -------- d-----w- c:\documents and settings\Chambo\Application Data\Xfire
2010-02-27 14:32 . 2009-03-09 14:16 -------- d-----w- c:\program files\Cheat Engine
2010-02-26 21:29 . 2010-02-26 21:29 8 ----a-w- c:\documents and settings\LocalService\Application Data\rbuwzv.dat
2010-02-26 21:06 . 2010-02-26 20:38 371776 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\cgamex86.dll
2010-02-26 21:06 . 2010-02-26 20:37 187456 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\uix86.dll
2010-02-26 20:37 . 2010-02-26 20:37 887856 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\pb\pbcl.dll
2010-02-26 20:37 . 2010-02-26 20:37 57344 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\pb\pbag.dll
2010-02-26 20:37 . 2010-02-26 20:37 2427968 ----a-w- c:\documents and settings\Chambo\Application Data\id Software\quakelive\home\baseq3\quakelive.dll
2010-02-26 20:15 . 2010-02-26 20:15 -------- d-----w- c:\documents and settings\Chambo\Application Data\id Software
2010-02-26 20:15 . 2008-01-26 19:13 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2010-02-26 19:06 . 2009-05-24 13:32 -------- d-----w- c:\program files\MediaCoder iPod Edition
2010-02-26 19:06 . 2010-02-26 19:06 8 ----a-w- c:\documents and settings\NetworkService\Application Data\rbuwzv.dat
2010-02-26 18:46 . 2008-01-16 15:59 -------- d-----w- c:\program files\SystemRequirementsLab
2010-02-26 18:46 . 2010-02-26 18:46 84480 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\srlproxy_cyri_4.1.67.0A.dll
2010-02-26 18:46 . 2008-01-16 15:57 -------- d-----w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab
2010-02-25 17:57 . 2008-09-23 18:36 -------- d-----w- c:\program files\QIP Infium
2010-02-24 21:38 . 2008-01-04 20:29 -------- d-----w- c:\program files\Xfire
2010-02-23 22:24 . 2008-06-08 21:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-02-23 22:24 . 2008-01-04 11:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-23 22:24 . 2008-01-04 11:24 -------- d-----w- c:\program files\Lavasoft
2010-02-23 22:02 . 2008-11-03 17:51 -------- d-----w- c:\program files\Recuva
2010-02-23 19:00 . 2008-01-04 09:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-17 16:12 . 2009-06-12 04:43 664 ----a-w- c:\documents and settings\Chambo\Local Settings\Application Data\d3d9caps.dat
2010-02-17 16:12 . 2008-11-11 20:17 1100 ----a-w- c:\windows\system32\d3d8caps.dat
2010-02-16 21:40 . 2008-01-28 14:59 -------- d-----w- c:\program files\DivX
2010-02-16 16:38 . 2008-07-12 11:25 -------- d-----w- c:\documents and settings\Chambo\Application Data\Winamp
2010-02-11 15:35 . 2008-08-23 12:11 -------- d-----w- c:\program files\Google
2010-02-09 19:32 . 2008-04-06 20:01 -------- d-----w- c:\program files\Electronic Arts
2010-02-09 19:29 . 2008-01-06 16:55 138056 ----a-w- c:\documents and settings\Chambo\Application Data\PnkBstrK.sys
2010-02-09 19:29 . 2008-01-06 16:55 138056 ----a-w- c:\documents and settings\Chambo\Application Data\PnkBstrK.sys
2010-02-09 19:28 . 2008-01-04 20:57 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll
2010-02-06 11:02 . 2010-02-06 11:02 138240 ----a-w- c:\documents and settings\Chambo\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll
2010-02-03 16:33 . 2008-06-07 20:22 -------- d-----w- c:\program files\Nokia
2010-02-01 08:41 . 2008-06-07 20:23 -------- d-----w- c:\program files\Common Files\Nokia
2010-02-01 08:40 . 2009-04-16 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2010-02-01 08:37 . 2010-01-26 19:26 -------- d-----w- c:\documents and settings\All Users\Application Data\OviInstallerCache
2010-02-01 08:35 . 2008-06-07 20:23 -------- d-----w- c:\documents and settings\Chambo\Application Data\Nokia
2010-01-31 21:57 . 2009-06-21 19:48 -------- d-----w- c:\program files\TeamViewer
2010-01-31 21:43 . 2010-01-29 23:14 0 ----a-w- c:\windows\system32\drivers\nStandard.bin
2010-01-29 23:43 . 2008-10-03 19:31 -------- d-----w- c:\program files\AGEIA Technologies
2010-01-29 23:43 . 2010-01-29 23:43 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-01-29 23:43 . 2010-01-29 23:43 -------- d-----w- c:\program files\NVIDIA Corporation
2010-01-29 14:40 . 2008-12-30 22:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-29 14:40 . 2009-05-29 22:14 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-29 14:19 . 2009-02-02 21:25 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-01-28 22:17 . 2010-01-28 22:17 -------- d-----w- c:\program files\Common Files\Apple
2010-01-28 21:33 . 2008-01-04 09:06 -------- d-s---w- c:\documents and settings\Chambo\Application Data\Microsoft
2010-01-28 20:54 . 2008-01-04 09:56 -------- d-----w- c:\program files\ASUS
2010-01-26 23:18 . 2008-01-24 18:24 1617424 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-26 21:32 . 2010-01-26 21:32 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-01-26 19:28 . 2010-01-26 19:28 -------- d-----w- c:\program files\PC Connectivity Solution
2010-01-26 19:12 . 2008-01-04 20:11 65024 ----a-w- c:\documents and settings\Chambo\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-18 16:31 . 2010-01-18 16:31 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-01-18 16:31 . 2010-01-18 16:31 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-01-15 19:37 . 2009-12-27 15:37 -------- d-----w- c:\program files\Warcraft III
2010-01-14 14:55 . 2009-02-02 18:56 -------- d-----w- c:\program files\ICQ6.5
2010-01-13 21:02 . 2009-12-27 15:39 99246 ----a-w- c:\windows\War3Unin.dat
2010-01-11 21:17 . 2010-01-11 21:17 278120 ----a-w- c:\windows\system32\nvmccs.dll
2010-01-11 21:17 . 2010-01-11 21:17 154216 ----a-w- c:\windows\system32\nvsvc32.exe
2010-01-11 21:17 . 2010-01-11 21:17 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-01-11 21:17 . 2010-01-11 21:17 13666408 ----a-w- c:\windows\system32\nvcpl.dll
2010-01-11 21:17 . 2010-01-11 21:17 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-01-11 21:17 . 2010-01-11 21:17 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-01-07 15:07 . 2008-12-31 09:52 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2008-12-31 09:52 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 13:25 . 2010-01-02 12:51 -------- d-----w- c:\program files\PFConfig
2009-12-27 17:47 . 2008-11-20 15:41 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-12-27 15:46 . 2009-12-27 15:39 2829 ----a-w- c:\windows\War3Unin.pif
2009-12-27 15:46 . 2009-12-27 15:39 139264 ----a-w- c:\windows\War3Unin.exe
2009-12-26 10:51 . 2010-03-01 13:48 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-12-22 14:56 . 2010-03-01 13:48 30528 ----a-w- c:\windows\system32\drivers\bc_tfish.sys
2009-12-22 14:56 . 2010-03-01 13:48 29632 ----a-w- c:\windows\system32\drivers\bc_serp.sys
2009-12-22 14:56 . 2010-03-01 13:48 44480 ----a-w- c:\windows\system32\drivers\bc_rijn.sys
2009-12-22 14:56 . 2010-03-01 13:48 24384 ----a-w- c:\windows\system32\drivers\bc_rc6.sys
2009-12-22 14:56 . 2010-03-01 13:48 19392 ----a-w- c:\windows\system32\drivers\bc_idea.sys
2009-12-22 14:56 . 2010-03-01 13:48 19264 ----a-w- c:\windows\system32\drivers\bc_gost.sys
2009-12-22 14:55 . 2010-03-01 13:48 29120 ----a-w- c:\windows\system32\drivers\bc_des.sys
2009-12-22 14:55 . 2010-03-01 13:48 32064 ----a-w- c:\windows\system32\drivers\bc_cast.sys
2009-12-22 14:55 . 2010-03-01 13:48 23744 ----a-w- c:\windows\system32\drivers\bc_bfish.sys
2009-12-22 14:55 . 2010-03-01 13:48 23744 ----a-w- c:\windows\system32\drivers\bc_bf448.sys
2009-12-22 14:55 . 2010-03-01 13:48 23744 ----a-w- c:\windows\system32\drivers\bc_bf128.sys
2009-12-22 14:55 . 2010-03-01 13:48 29376 ----a-w- c:\windows\system32\drivers\bc_3des.sys
2009-12-22 11:56 . 2010-03-01 13:48 191040 ----a-w- c:\windows\system32\drivers\bcfnt.sys
2009-12-19 16:05 . 2009-12-19 16:05 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2009-12-19 16:05 . 2009-12-19 16:05 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2009-12-19 16:05 . 2009-12-19 16:05 3203453 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2009-12-19 16:05 . 2009-12-19 16:07 24567912 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_cs.exe
2009-12-17 23:25 . 2010-03-01 13:48 26024 ----a-w- c:\windows\system32\drivers\ElbyCDIO.sys
2009-12-15 07:55 . 2010-03-01 13:48 39360 ----a-w- c:\windows\system32\drivers\fsh.sys
.

------- Sigcheck -------

[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys

[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys

[-] 2001-08-23 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2004-08-03 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys

[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys

[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ntfs.sys

[-] 2001-08-23 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\tcpip.sys

[-] 2004-08-03 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll

[-] 2004-08-03 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe

[-] 2004-08-03 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\system32\netman.dll

[-] 2004-08-03 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll

[-] 2004-08-03 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\system32\rpcss.dll

[-] 2004-08-03 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\system32\services.exe

[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\SoftwareDistribution\Download\0fd33c77398fa2b50df56456525ef5c3\sp2qfe\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\SoftwareDistribution\Download\0fd33c77398fa2b50df56456525ef5c3\sp2gdr\spoolsv.exe
[-] 2004-08-03 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\system32\spoolsv.exe

[-] 2004-08-03 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe

[-] 2004-08-03 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2004-08-03 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll

[-] 2004-08-03 23:56 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\system32\es.dll

[-] 2004-08-03 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll

[-] 2004-08-03 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\system32\kernel32.dll

[-] 2004-08-03 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\linkinfo.dll

[-] 2004-08-03 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll

[-] 2004-08-03 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll

[-] 2004-08-03 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\system32\mswsock.dll

[-] 2004-08-03 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll

[-] 2005-03-02 . 28187802B7C368C0D3AEF7D4C382AABB . 2179456 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2qfe\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\ntoskrnl.exe
[-] 2004-08-03 . 626309040459C3915997EF98EC1C8D40 . 2148352 . . [5.1.2600.2180] . . c:\windows\system32\ntoskrnl.exe

[-] 2004-08-03 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll

[-] 2004-08-03 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll

[-] 2004-08-03 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll

[-] 2004-08-03 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe

[-] 2004-08-03 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\system32\tapisrv.dll

[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2qfe\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\user32.dll
[-] 2004-08-03 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\system32\user32.dll

[-] 2004-08-03 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe

[-] 2004-08-03 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll

[-] 2004-08-03 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[-] 2004-08-03 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\explorer.exe

[-] 2004-08-03 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll

[-] 2004-08-03 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe

[-] 2004-08-03 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll

[-] 2004-08-03 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll

[-] 2004-08-03 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll

[-] 2004-08-03 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe

[-] 2004-08-03 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\system32\shsvcs.dll

[-] 2004-08-03 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll

[-] 2004-08-03 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll

[-] 2004-08-03 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll

[-] 2004-08-03 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll

[-] 2004-08-03 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll

[-] 2001-08-23 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2004-08-03 21:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\system32\drivers\aec.sys

[-] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\AGP440.SYS

[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys

[-] 2009-11-10 . 14522C1499B146E016359EF216BDDB78 . 35328 . . [5.1.2600.2180] . . c:\windows\system32\iprip.dll

[-] 2001-08-23 15:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\system32\mfc40u.dll

[-] 2004-08-03 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll

[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2004-08-11 00:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-08-11 00:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-08-03 23:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

[-] 2005-03-02 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2qfe\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\SoftwareDistribution\Download\dc3b8fb011c281dea1cb7a45f880da78\sp2gdr\ntkrnlpa.exe
[-] 2004-08-04 . FB142B7007CA2EEA76966C6C5CC12150 . 2015232 . . [5.1.2600.2180] . . c:\windows\system32\ntkrnlpa.exe

[-] 2004-08-03 23:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll

[-] 2004-08-03 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\system32\upnphost.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-03-01_13.53.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-01 14:29 . 2010-03-01 14:29 16384 c:\windows\Temp\Perflib_Perfdata_65c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]
"WhatPulse"="c:\program files\WhatPulse\WhatPulse.exe" [2009-03-12 2763264]
"VisualTaskTips"="c:\program files\VisualTaskTips\VisualTaskTips.exe" [2007-09-05 36352]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"Infium"="c:\program files\QIP Infium\infium.exe" [2010-02-18 5711312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ipTray.exe"="c:\program files\Intel\IDU\iptray.exe" [2006-12-28 2242328]
"Vistadrv"="c:\program files\VistaDrives\vsdrv.exe" [2006-07-30 121089]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-03 17676288]
"Copperhead"="c:\program files\Razer\Copperhead\razerhid.exe" [2005-11-25 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-03 185896]
"Tarantula"="c:\program files\Razer\Tarantula\razerhid.exe" [2007-05-07 159744]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-09-11 2054360]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\Chambo\Start Menu\Programs\Startup\
SaveSnap.lnk - c:\program files\SaveSnap\SaveSnap.exe [2008-1-5 1264128]
VistaStart.lnk - c:\windows\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe [2006-3-20 510464]
Xfire.lnk - c:\program files\Xfire\xfire.exe [2010-2-11 3207056]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AdobeUpdate.jar [2009-12-19 57391]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonuiX.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
2007-07-12 09:03 380928 ----a-w- c:\program files\ASUS\GamerOSD\GamerOSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-08-08 12:11 490952 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
2010-02-18 15:46 5711312 ----a-w- c:\program files\QIP Infium\infium.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2007-05-11 01:08 2512392 ----a-w- c:\windows\system32\oodtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 05:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"OODefragTray"=c:\windows\system32\oodtray.exe
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\BZFlag2.0.10\\bzflag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Counter-Strike 1.6 V35\\hl.exe"=
"c:\\Program Files\\Counter-Strike 1.6 V35\\hlds.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2 - BETA\\BFBC2BetaUpdater.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2 - BETA\\BFBC2Game.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [11.9.2009 7:23 108792]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [11.9.2009 7:24 735960]
R3 TarFltr;Razer Tarantula USB Keyboard;c:\windows\system32\drivers\UsbFltr.sys [18.8.2008 15:08 45440]
R3 UsbFltr;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [24.12.2008 21:51 11596]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.1.2008 0:18 717296]
S2 gupdate1c9944afc8f24a0;Google Update Service (gupdate1c9944afc8f24a0);c:\program files\Google\Update\GoogleUpdate.exe [21.2.2009 18:36 133104]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\drvagent32.sys [7.2.2010 12:34 23456]
S3 HPUATA;HP CD Writer Plus Controller Driver;c:\windows\system32\drivers\hpuata.sys [24.9.2001 4:36 75776]
S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;c:\windows\system32\drivers\libusb0.sys [4.11.2008 16:34 29184]
.
Contents of the 'Scheduled Tasks' folder

2010-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-21 17:35]

2010-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-21 17:35]

2010-03-01 c:\windows\Tasks\User_Feed_Synchronization-{C55A3084-FECD-4DFA-8105-B61859F6B9F4}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.sme.sk/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {FCADF227-CCFC-4B13-A9B5-148D5343D926} = 195.34.133.21,195.34.133.22
DPF: {8A96EAE5-D262-4226-A517-304C88B53F1F} - hxxp://212.55.255.202/access01.cab
FF - ProfilePath - c:\documents and settings\Chambo\Application Data\Mozilla\Firefox\Profiles\7rzxpate.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://hattrick.org/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF - plugin: c:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
------- File Associations -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-01 15:37
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-117609710-602609370-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:c6,b6,a7,50,85,4e,dc,47,90,f7,d1,1b,61,96,46,48,da,3f,d6,98,4e,
d3,4d,d2,a5,90,50,92,53,1a,36,0f,cb,28,5b,37,95,71,30,ae,8d,54,50,05,ec,25,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="C84F50A88BC53124F6E45C0FDD5C85B8E54C47337AD4EB4119E8229C8C6C9862C2976B251EBF67E413D78303EEE71B5F88C83E2E4DD735CAD7F5F88C899151D5E1F4C5F6712F9D0EBC4E258460B1DBD5483F55305BAC70B354C226C642B10C61D7EC67A60C9BD33FB69B61D11A2230809AEF644D8D3A92C1D51CDBD340CF6452DB7CFB523AC6EF69C90A7EBCC753E49777926AAB12177113A446704DD120DA4A291353288AA2B7D5C056E2A8DA15ADA6DC4F88035A12C6988FF6DFE20A0CD2407E16E16DCF54599DEB301D91856B1E8D4B4585241A2A3195E75BC958BE32927C9DDA3FFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6A0AC4980AC79338EDD5E5BE2F6E667BA7FD869164D6794F73C327B00EB31AF441E312BA910FD3C6E431B04E5E35ACC3A87724B8B6E890C5BC154BA20791E84E9F0F427F343D1149DFD5CAA06C838E0E308FEF1BF1CBAE43CC423047DC760096AE991ACE1C9ECCE79B41E6A0794CF0C836EF8F4EF2ADC355F12D5CBD342DB3403F8DDD9B5FE605B5196F42A4FB07D57204AD02645B5B9BB1EBCD96DB3D5E5A1824F613405402FCE0C962636990F90EED27029BB415E90E06919CFA804F24C10CBE2DB223A70D160A0ECADBFF3A150A3C8F7D8CCB64992ACC1BF0B9D7A114BE1566DBCEE9178346A9A14B8DA4360746B42BD6D594C1FE4CEBE8E95D4A628181EAC6F2B4A9DC0B5EF9BCAA9003C472BDE96E224C1800DA3188927ABB7E73758EF6F2700C844B72C13D615970B6AD693BB2DC9F1C9A0C25BFE5FECBC9372BEA826D01F485F40515D9B16394DBDAC11C5E0049A7E1DD2F50E9C15896E9CCF4515B4191EC66A1E84077633C249BAB47DC7542BC324C80D5EB1AF106B98685D5423302333EF29BE4A58322101BC8B8BAA18BECA72F2BD1BB9B19949C2C8714B794AD45DB16EC0DAA176836286901D0AA5A76E199DAED01DC76A6050053E961FC6F302CCAE9D36790FF6428F2C5DBDDF81DAD1667B4F3C084DAFADC66B6E192FD000B9868491F67996E7E9D58A72248FD78B0011887F1DA19246D0E37280A0AB3240A3B7D10F508B45C99B730252E6EE4306AF0F859FF407E4E7B9F0DB53B613087C891E770EF7B7A88F993F36B304AAE30C406B7642A8A715427E4C2D754AB974705C8E9CBD04D55221CC208E005B40DD52B041A2AF824777795BE9AEAC2DCA9DCB2DEE2BFEEF94DA5A4112B457AF03578127449762307DE4222BCD6DEF97C1AAAEB2BCD1681AF55C8C2626198B2C99FC37EB37248BC1373AC57212BB6D216E4CB2498482C1C7CEF47A5080EEA2DB7EFD83EBF4DD0DAC3257E354672E854AF6B2E1EEE972899F4AC75CB6D82CD6AE810FECB8E81B7F4C04206C9D0E1D4C745393BB47A61DF02DE3"
.
Completion time: 2010-03-01 15:38:25
ComboFix-quarantined-files.txt 2010-03-01 14:38
ComboFix2.txt 2010-03-01 13:55
ComboFix3.txt 2010-01-26 23:52

Pre-Run: 18 717 970 432 bytes free
Post-Run: 23 adresárov, 18 695 225 344 voľných bajtov

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - C4756A2A10DCA75D01523C9D44833903

je cisty, 0/42, komplet vypis snad netreba. dakujem za pomoc aj ochotu

nevadi, nastastie som sa sem pre istotu este raz pozrel, ci nieco nepribudlo

k teme, vsetky tri subory su ciste, 0/42. ale ked by to neohrozilo system, rad by som vymazal ten drvagent32.sys, je to program, ktory mi ukazal ktore drivery mam aktualne, a ktore zastarale, ale ked som chcel aktualizovat uz to pisalo peniaze, tak som to odinstaloval, ale toto tam zjavne zostalo.