pomaly firefox

zdravim,uz asi 3 dni mi nenormalne pomaly bezi firefox a casto zamrza, nemoze to byt dajaky virus,prikladam aj log,dakujem za odpovede

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:14:22, on 25. 12. 2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\Explorer.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://jaspi.justice.gov.sk/jaspiw1/jaspiw_maxi_fr0.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Správca pre program Google Desktop 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 5188 bytes

Moze to byt vselico. Ale HJT uz nestaci...

1) Stiahni GooredFix na plochu. Spust -> "OK". Vytvori sa log, ten posli.


2) Stiahni OTL. Uloz na plochu a spust dvojklikom subor "OTL.exe". Otvori sa okno programu, v nom zaskrtni "Scan All Users", "Lop" aj "Purity Check" a "File Scan" zmen na 7 dni miesto 30. Do policka pod nazvom "Custom Scans/Fixes" skopiruj:


Potom klikni na "Run Scan". Zacne scan pocitaca, po jeho ukonceni sa otvoria dva reporty - obsah oboch potrebujem vidiet.

prikladam log z goorefixu

GooredFix by jpshortstuff (06.12.09.1)
Log created at 14:50 on 25/12/2009 (tomas)
Firefox version 3.5.6 (sk)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [15:33 08/10/2009]
{B13721C7-F507-4982-B2E5-502A71474FED} [17:12 08/10/2009]
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [15:53 08/10/2009]
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [17:22 12/12/2009]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
(Key not found)

---------- Old Logs ----------
GooredFix[13.50.30_25-12-2009].txt

-=E.O.F=-

OTL Extras logfile created on: 25. 12. 2009 14:55:38 - Run 1
OTL by OldTimer - Version 3.1.20.0 Folder = C:\Users\tomas\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 0000041B | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,29 Gb Total Space | 77,79 Gb Free Space | 66,90% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 115,13 Gb Total Space | 49,57 Gb Free Space | 43,06% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOMAS-PC
Current User Name: tomas
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-780225239-1986463592-3353061800-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D419998-81F1-415F-9E92-55F2D8AACD98}" = lport=139 | protocol=6 | dir=in | app=system |
"{13346409-524E-4942-9CDF-25794F320F61}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{18CFF226-EB30-434C-927D-6E81529EF661}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1C689ED2-C570-44E0-A869-BA2931A69318}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1EBC52DD-7C4B-4A5A-BF3E-158A457A1291}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1F7BEB59-46C6-4FA1-9263-DC7CAE2DA5E2}" = rport=139 | protocol=6 | dir=out | app=system |
"{2A5B3949-A0D5-4020-AFFA-48FEEA1E353A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2D361805-AADE-44BC-B8D6-2D518316B19D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{39D42B34-2305-48C3-B5DF-B11FF436D6EF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{42EA1C9D-645A-4001-9DFA-829F1E221331}" = rport=445 | protocol=6 | dir=out | app=system |
"{4996349F-0395-48EA-A45C-E4A7F36C4B9A}" = lport=137 | protocol=17 | dir=in | app=system |
"{506073AC-252A-4666-924D-C5F719B841DD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{62D09DFD-72B5-4B37-8665-7DED012E9AD2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6B08405D-5183-4DC3-A6CF-DB40632C14CC}" = lport=138 | protocol=17 | dir=in | app=system |
"{8DED36BD-2C0D-4E33-824C-48E17C0E74C5}" = rport=137 | protocol=17 | dir=out | app=system |
"{9D4D34B2-4E41-461C-B875-980CDAD5E9E6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A3B06A7A-A1F7-467A-8471-9C1466ACA170}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AEFE3C16-1429-4128-8252-810AEA4CA54D}" = rport=138 | protocol=17 | dir=out | app=system |
"{B4443FBD-DF91-4F98-BE3D-3B59145B1AE3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BE2F2491-94F2-403F-B9D6-77F458A1BCEE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C6A31888-E9E9-4D54-94A6-B9A3CEECFE30}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D40D896A-ED6D-4795-9609-60E99992B882}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D6E98237-1727-4C4D-BAC8-7C41B79D13A7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DF2B9C8F-D4C7-46F7-9122-07BEEC895733}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FAA2AE98-90AF-4E8A-80EE-B20ADF54A309}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FCA60FA0-BFC4-49AE-BD76-4395030D3F90}" = lport=445 | protocol=6 | dir=in | app=system |
"{FF3D9C02-384B-4673-A01D-EDE26AB8B8AA}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3589F6E0-E37D-4872-891D-506F36D59A8B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{39BE27E5-B9FA-4308-96E0-5A75A1A62228}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3ACDE208-2ABD-48CB-AF09-343C669E4B18}" = protocol=6 | dir=out | app=system |
"{48A3C7FB-3598-41C5-8347-CC10F2B90750}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{54FF85DF-C885-48CF-9710-474EF012C9AF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{5ED2386C-2CE3-4D9C-B4A8-634F719F240A}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{66238750-E17B-4A29-8680-A9ED56D8F49C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6C22ED32-D1B8-4FD5-8DD9-244A8F17C0FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7B4588E2-4359-41DC-90D6-8A51294FAEB8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8755E6EB-EA5B-4846-81AF-0325C953C8B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{912626FC-1B7D-4985-9B6F-4DE0E05AA9CC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9C516523-CB66-479B-8B70-C0C92DEBB8CA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BE54298B-868D-4703-BAB1-8BCEAE893BA8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C19FCE6B-0875-4644-BFB3-FA33374DFBCC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCCCF64E-3C90-4B68-8EC7-DE465F42E420}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DDA13730-9888-4006-8D8C-2059E1B97137}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E5ED46EF-08F0-42FF-9AF7-9463ED1FA4A1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EF902674-1376-4968-AAAC-48503D8DA4DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7E87169-2354-4EF9-A15E-11CBFAAA6955}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FA2F71CF-9F72-4BCF-BACE-EFE86608879B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FADDF92B-BB63-486E-BCE9-EA5714F2F7B9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{083EFFAE-E286-4478-AF12-46743626D25B}E:\games\cs source\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=e:\games\cs source\counter-strike source\hl2.exe |
"TCP Query User{155692D5-1B25-42FB-99A5-DDEB2112ED74}C:\users\tomas\i4poker\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\users\tomas\i4poker\jre\bin\javaw.exe |
"TCP Query User{1FA5B229-ED6E-47DD-8692-84D87D366BE5}E:\games\war 3\warcraft iii\war3.exe" = protocol=6 | dir=in | app=e:\games\war 3\warcraft iii\war3.exe |
"TCP Query User{2017DCD9-B02C-4A80-956B-E0DA3CE45FF7}C:\users\tomas\i4poker\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\users\tomas\i4poker\jre\bin\javaw.exe |
"TCP Query User{5700CE39-311F-4925-ACC4-F4C84CEBECBA}E:\games\fifa10\fifa10.exe" = protocol=6 | dir=in | app=e:\games\fifa10\fifa10.exe |
"TCP Query User{6F40B199-13FB-4497-BD22-A1B0E5AB4DF6}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{799B5B08-9E40-4BB2-A2A1-75CECD4A6A18}C:\program files\intrakdc\intrakdc.exe" = protocol=6 | dir=in | app=c:\program files\intrakdc\intrakdc.exe |
"TCP Query User{8B425DFC-3466-40C8-8BA3-23E2237AF048}C:\program files\bluetoothpcdialer\bluetoothpcdialer.exe" = protocol=6 | dir=in | app=c:\program files\bluetoothpcdialer\bluetoothpcdialer.exe |
"TCP Query User{9CCEFDF1-11D5-4327-8366-1AA58C2B26C3}E:\games\fifa10\fifa10.exe" = protocol=6 | dir=in | app=e:\games\fifa10\fifa10.exe |
"TCP Query User{9EBD21D8-11C2-4CA4-AF26-ED00A11138B5}E:\games\falout\flatout\flatout\flatout.exe" = protocol=6 | dir=in | app=e:\games\falout\flatout\flatout\flatout.exe |
"TCP Query User{D3E615AA-AAE9-4EF6-AB58-1C6322429290}E:\games\cs instalacka\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=e:\games\cs instalacka\counter-strike source\hl2.exe |
"TCP Query User{D7166287-C946-489D-ADB2-0D58A044BE9A}E:\games\cs source\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=e:\games\cs source\counter-strike source\hl2.exe |
"TCP Query User{D73D5015-1CC7-4678-8480-154515B51750}E:\games\nhl09\nhl2009.exe" = protocol=6 | dir=in | app=e:\games\nhl09\nhl2009.exe |
"TCP Query User{F69B32F7-F31F-4CCA-820B-D935D50A7882}E:\games\nhl09\nhl2009.exe" = protocol=6 | dir=in | app=e:\games\nhl09\nhl2009.exe |
"UDP Query User{1D01C72D-005B-48E3-B445-47FCCD2F3CCC}C:\program files\bluetoothpcdialer\bluetoothpcdialer.exe" = protocol=17 | dir=in | app=c:\program files\bluetoothpcdialer\bluetoothpcdialer.exe |
"UDP Query User{3AE45EBE-FBDB-45AF-9950-DA5DE30CB771}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{43217791-4E59-4AE6-8A8C-954123750546}E:\games\fifa10\fifa10.exe" = protocol=17 | dir=in | app=e:\games\fifa10\fifa10.exe |
"UDP Query User{50571A2D-468D-4921-927E-DC0B3D173170}E:\games\falout\flatout\flatout\flatout.exe" = protocol=17 | dir=in | app=e:\games\falout\flatout\flatout\flatout.exe |
"UDP Query User{6033CEBA-5705-4929-96E2-79D014FD3D29}E:\games\cs source\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=e:\games\cs source\counter-strike source\hl2.exe |
"UDP Query User{60EDD3A1-99AA-4186-A92D-572623002300}E:\games\fifa10\fifa10.exe" = protocol=17 | dir=in | app=e:\games\fifa10\fifa10.exe |
"UDP Query User{64D00D31-7559-43F9-AEF3-1481D47A4B49}E:\games\cs source\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=e:\games\cs source\counter-strike source\hl2.exe |
"UDP Query User{658FDD9A-EB79-47C4-AE92-9D3F928358D2}C:\users\tomas\i4poker\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\users\tomas\i4poker\jre\bin\javaw.exe |
"UDP Query User{6C2FC819-0808-477D-A110-7CFE63E47295}E:\games\nhl09\nhl2009.exe" = protocol=17 | dir=in | app=e:\games\nhl09\nhl2009.exe |
"UDP Query User{B412F0F5-7CD7-472F-99C0-DA5CAC43FF7F}C:\users\tomas\i4poker\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\users\tomas\i4poker\jre\bin\javaw.exe |
"UDP Query User{BF4B85B9-17AE-4459-95FD-206660453EC5}E:\games\cs instalacka\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=e:\games\cs instalacka\counter-strike source\hl2.exe |
"UDP Query User{CFD193F8-732F-4DFE-B18C-B282F8336A22}E:\games\war 3\warcraft iii\war3.exe" = protocol=17 | dir=in | app=e:\games\war 3\warcraft iii\war3.exe |
"UDP Query User{D958ABF6-97BF-4582-B5B2-143E3617FA69}E:\games\nhl09\nhl2009.exe" = protocol=17 | dir=in | app=e:\games\nhl09\nhl2009.exe |
"UDP Query User{E0608E31-E3DA-42ED-A0DE-1C9BE268B8D0}C:\program files\intrakdc\intrakdc.exe" = protocol=17 | dir=in | app=c:\program files\intrakdc\intrakdc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Asistent pri prihlasovaní v konte Windows Live ID
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Odovzdávací nástroj lokality Windows Live
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 17
"{27F5A864-A816-471D-91A4-5CD39305AA23}" = Windows Live Fotogaléria
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{42CB94C5-66F6-4F63-8D31-7FA3A86490A8}" = Toshiba TEMPRO
"{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}" = Microsoft Security Essentials
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{9011041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Akustický tlmič jednotky CD/DVD
"{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}" = Microsoft Antimalware
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1051-7B44-A81200000003}" = Adobe Reader 8 - Slovak
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B536CA63-8BB3-4027-A495-84DD9FED17EC}" = Windows Live Sync
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B7666229-351B-47D9-AA6F-DF777CF04BBF}" = Caesar IV
"{BEC7BDC8-7A83-4312-9340-1ECDF06C1434}" = Microsoft Works
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE092FB2-4B8D-4C02-AEDA-D8DE697F7794}" = Windows Live Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}" = HDMI Control Manager
"{F89BC188-8EEB-4867-BA48-7AA5E43B184A}" = Manuály TOSHIBA
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"E-Poradca CD Vzory zmlúv, žalôb a podaní 2006" = E-Poradca CD Vzory zmlúv, žalôb a podaní 2006
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IntrakDC_is1" = IntrakDC 2.03
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.3.0
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"Picasa2" = Picasa 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-780225239-1986463592-3353061800-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FIFA 10 Grafický patch " = FIFA 10 Grafický patch
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

OTL logfile created on: 25. 12. 2009 14:55:38 - Run 1
OTL by OldTimer - Version 3.1.20.0 Folder = C:\Users\tomas\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 0000041B | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,29 Gb Total Space | 77,79 Gb Free Space | 66,90% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 115,13 Gb Total Space | 49,57 Gb Free Space | 43,06% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOMAS-PC
Current User Name: tomas
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/25 14:52:35 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\tomas\Desktop\OTL.exe
PRC - [2009/12/20 16:54:42 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/09/13 17:52:50 | 01,048,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2009/07/21 16:55:30 | 00,116,104 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
PRC - [2009/07/02 16:36:52 | 00,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/04/11 07:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 07:27:28 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2008/08/25 08:58:20 | 00,077,824 | ---- | M] (Toshiba) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008/08/14 09:40:44 | 00,103,720 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2008/08/14 09:40:36 | 01,348,904 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008/07/18 19:39:30 | 00,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/06/25 14:06:10 | 00,150,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/06/25 14:06:06 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/06/25 14:06:02 | 00,145,944 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008/06/25 14:05:58 | 00,174,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2008/04/26 14:57:06 | 00,716,800 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
PRC - [2008/04/24 12:03:12 | 00,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/17 09:39:02 | 00,667,648 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
PRC - [2008/04/16 23:21:24 | 01,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2008/04/16 23:19:48 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2008/04/16 23:19:16 | 00,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2008/04/08 14:14:50 | 06,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/03/19 12:35:42 | 00,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008/01/21 03:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/01/17 15:27:52 | 00,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008/01/17 15:27:34 | 00,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2007/12/03 16:03:52 | 00,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/21 16:23:32 | 00,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006/10/05 11:10:12 | 00,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 15:39:48 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (SafeList) ==========

MOD - [2009/12/25 14:52:35 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\tomas\Desktop\OTL.exe
MOD - [2009/04/11 07:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/13 15:25:00 | 00,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009/10/29 12:27:54 | 01,074,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009/09/25 02:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/21 16:55:30 | 00,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009/07/02 16:36:52 | 00,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/02/18 19:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/08/25 08:58:20 | 00,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/07/18 19:39:30 | 00,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/07/17 11:10:26 | 00,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/04/16 23:19:48 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/01/21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/17 15:27:34 | 00,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/03 16:03:52 | 00,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 16:23:32 | 00,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/05 11:10:12 | 00,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 15:39:48 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2009/11/16 03:13:14 | 00,216,576 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/10/08 18:08:14 | 00,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/06/18 17:48:04 | 00,142,832 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009/06/18 17:48:04 | 00,042,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/04/23 10:15:06 | 00,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/11/17 14:40:22 | 03,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/08/14 09:40:40 | 00,203,312 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/07/18 17:52:16 | 00,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008/07/15 18:59:06 | 00,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/06/20 11:37:06 | 00,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008/06/12 17:43:16 | 02,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/04/15 16:53:44 | 00,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008/04/09 17:00:04 | 02,095,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/02/23 03:38:33 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/02/15 17:01:18 | 00,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/01/21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 00,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/11/09 13:00:52 | 00,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/07/30 10:54:02 | 00,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 09:42:58 | 00,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/28 14:11:00 | 01,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 13:11:14 | 00,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/10/23 15:32:20 | 00,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 10:50:04 | 00,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... bmod=TSEA;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSEA


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-780225239-1986463592-3353061800-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... bmod=TSEA;
IE - HKU\S-1-5-21-780225239-1986463592-3353061800-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://jaspi.justice.gov.sk/jaspiw1/jaspiw_maxi_fr0.htm
IE - HKU\S-1-5-21-780225239-1986463592-3353061800-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-780225239-1986463592-3353061800-1000\S-1-5-21-780225239-1986463592-3353061800-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.sk"
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.5
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.4

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/20 16:54:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/20 16:54:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009/10/08 16:34:30 | 00,000,000 | ---D | M] -- C:\Users\tomas\AppData\Roaming\mozilla\Extensions
[2009/12/25 12:44:26 | 00,000,000 | ---D | M] -- C:\Users\tomas\AppData\Roaming\mozilla\Firefox\Profiles\y7jc0eju.default\extensions
[2009/10/24 11:18:44 | 00,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\tomas\AppData\Roaming\mozilla\Firefox\Profiles\y7jc0eju.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/11/29 13:57:15 | 00,000,000 | ---D | M] -- C:\Users\tomas\AppData\Roaming\mozilla\Firefox\Profiles\y7jc0eju.default\extensions\personas@christopher.beard
[2009/11/29 14:14:05 | 00,000,000 | ---D | M] -- C:\Users\tomas\AppData\Roaming\mozilla\Firefox\Profiles\y7jc0eju.default\extensions\piclens@cooliris.com
[2009/12/12 18:22:52 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/24 20:37:14 | 00,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2009/08/24 20:37:14 | 00,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009/08/24 20:37:14 | 00,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2009/08/24 20:37:14 | 00,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2009/08/24 20:37:14 | 00,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2009/08/24 20:37:14 | 00,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: (734 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [cfFncEnabler.exe] File not found
O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-780225239-1986463592-3353061800-1000..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\S-1-5-21-780225239-1986463592-3353061800-1000..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\PRÁCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O7 - HKU\S-1-5-21-780225239-1986463592-3353061800-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O15 - HKU\S-1-5-21-780225239-1986463592-3353061800-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-780225239-1986463592-3353061800-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ce9ff71d-c847-11de-8a9a-001e33b0a431}\Shell\AutoRun\command - "" = G:\SamsungSoftware\APPInst.exe -- File not found
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\SamsungSoftware\APPInst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/01/21 03:34:27 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 7 Days ==========

[2009/12/25 14:52:44 | 00,000,000 | ---D | C] -- C:\Users\tomas\AppData\Local\Adobe
[2009/12/25 14:52:26 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\tomas\Desktop\OTL.exe
[2009/12/25 14:50:30 | 00,000,000 | ---D | C] -- C:\Users\tomas\Desktop\GooredFix Backups
[2009/12/25 14:49:23 | 00,071,848 | ---- | C] (jpshortstuff) -- C:\Users\tomas\Desktop\GooredFix.exe
[2009/12/25 14:08:08 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009/12/25 14:07:56 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009/12/25 14:07:39 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2009/12/25 14:07:29 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/12/25 13:57:47 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/12/25 13:57:21 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/12/25 13:57:07 | 00,000,000 | ---D | C] -- C:\Windows\LastGood
[2009/12/25 12:37:21 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/12/24 14:25:51 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/12/24 14:25:51 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/12/24 14:25:50 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/12/24 14:25:50 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/12/24 14:25:50 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/12/24 14:25:49 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/12/24 14:25:49 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/12/24 14:25:49 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/12/24 14:25:48 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/12/24 14:25:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/12/24 14:25:47 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/12/24 14:25:47 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/12/24 14:25:47 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/12/24 14:25:46 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/12/24 14:24:25 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2009/12/24 14:24:25 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2009/12/24 14:24:24 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2009/12/24 14:24:24 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2009/12/24 14:24:24 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2009/12/24 14:24:23 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2009/12/24 14:24:23 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2009/12/24 14:24:23 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2009/12/24 14:24:22 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/12/24 14:24:22 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2009/12/24 14:24:22 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2009/12/24 14:24:22 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2009/12/24 14:24:21 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/12/24 14:24:21 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2009/12/24 14:24:21 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2009/12/24 14:24:21 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2009/12/24 14:24:20 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2009/12/24 14:24:20 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2009/12/24 14:24:19 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009/12/24 14:24:19 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2009/12/24 14:24:19 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2009/12/24 14:24:17 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2009/12/24 14:24:17 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/12/24 14:24:17 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2009/12/24 14:24:16 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2009/12/24 14:24:16 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2009/12/24 14:24:16 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2009/12/24 14:24:16 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2009/12/23 00:37:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2009/12/23 00:37:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Norton
[2009/12/23 00:37:25 | 00,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2009/12/21 21:29:13 | 00,000,000 | ---D | C] -- C:\Program Files\E-Poradca CD Vzory 2006
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\tomas\Desktop\*.tmp files -> C:\Users\tomas\Desktop\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2009/12/25 14:57:39 | 03,407,872 | -HS- | M] () -- C:\Users\tomas\ntuser.dat
[2009/12/25 14:52:35 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\tomas\Desktop\OTL.exe
[2009/12/25 14:50:00 | 00,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-780225239-1986463592-3353061800-1000UA.job
[2009/12/25 14:49:23 | 00,071,848 | ---- | M] (jpshortstuff) -- C:\Users\tomas\Desktop\GooredFix.exe
[2009/12/25 14:34:25 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/25 14:34:25 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/25 13:08:47 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/25 13:08:47 | 00,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/25 13:08:47 | 00,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/25 12:34:30 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/25 02:22:06 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/24 16:39:49 | 00,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-780225239-1986463592-3353061800-1000Core.job
[2009/12/24 14:28:27 | 00,524,288 | -HS- | M] () -- C:\Users\tomas\ntuser.dat{f7bc078f-c084-11de-b5b5-001e33b0a431}.TMContainer00000000000000000001.regtrans-ms
[2009/12/24 14:28:27 | 00,065,536 | -HS- | M] () -- C:\Users\tomas\ntuser.dat{f7bc078f-c084-11de-b5b5-001e33b0a431}.TM.blf
[2009/12/24 00:54:24 | 03,988,576 | -H-- | M] () -- C:\Users\tomas\AppData\Local\IconCache.db
[2009/12/22 16:12:16 | 00,027,648 | ---- | M] () -- C:\Users\tomas\Desktop\okamžité skončenie pracovného pomeru MPL.doc
[2009/12/22 15:29:00 | 00,028,672 | ---- | M] () -- C:\Users\tomas\Desktop\okamžité.doc
[2009/12/22 13:36:28 | 00,002,188 | ---- | M] () -- C:\Users\tomas\Documents\cc_20091222_133624.reg
[2009/12/22 10:02:37 | 00,027,136 | ---- | M] () -- C:\Users\tomas\Desktop\výpoveď MPL TRADING spol.doc
[2009/12/22 10:00:02 | 00,002,693 | ---- | M] () -- C:\Users\tomas\Desktop\Office Word 2003.lnk
[2009/12/21 23:24:42 | 00,027,136 | ---- | M] () -- C:\Users\tomas\Desktop\Výpoveď.doc
[2009/12/21 21:36:43 | 00,000,130 | ---- | M] () -- C:\Windows\eporadca_0611v.ini
[2009/12/21 16:12:26 | 00,028,160 | ---- | M] () -- C:\Users\tomas\Desktop\V.doc
[2009/12/21 08:30:15 | 00,025,088 | ---- | M] () -- C:\Users\tomas\Desktop\čestné vyhlásenie.doc
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\tomas\Desktop\*.tmp files -> C:\Users\tomas\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/24 14:25:48 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2009/12/22 16:12:16 | 00,027,648 | ---- | C] () -- C:\Users\tomas\Desktop\okamžité skončenie pracovného pomeru MPL.doc
[2009/12/22 15:29:00 | 00,028,672 | ---- | C] () -- C:\Users\tomas\Desktop\okamžité.doc
[2009/12/22 13:36:26 | 00,002,188 | ---- | C] () -- C:\Users\tomas\Documents\cc_20091222_133624.reg
[2009/12/22 10:02:36 | 00,027,136 | ---- | C] () -- C:\Users\tomas\Desktop\výpoveď MPL TRADING spol.doc
[2009/12/21 23:24:42 | 00,027,136 | ---- | C] () -- C:\Users\tomas\Desktop\Výpoveď.doc
[2009/12/21 21:36:43 | 00,000,130 | ---- | C] () -- C:\Windows\eporadca_0611v.ini
[2009/12/21 16:12:26 | 00,028,160 | ---- | C] () -- C:\Users\tomas\Desktop\V.doc
[2009/12/21 08:30:15 | 00,025,088 | ---- | C] () -- C:\Users\tomas\Desktop\čestné vyhlásenie.doc
[2009/11/18 08:58:03 | 00,004,096 | -H-- | C] () -- C:\Users\tomas\AppData\Local\keyfile3.drm
[2009/10/31 20:03:13 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/10/31 20:03:09 | 00,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/10/31 20:03:09 | 00,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/10/31 20:03:08 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009/10/31 20:03:06 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/10/31 20:03:06 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009/10/09 00:17:57 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/08 21:43:43 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/10/08 18:13:32 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/08 18:09:24 | 00,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/10/08 18:08:14 | 00,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/10/07 15:01:00 | 00,050,688 | ---- | C] () -- C:\Users\tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/07 14:46:51 | 00,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009/10/07 14:46:51 | 00,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009/10/07 14:46:51 | 00,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009/10/07 14:46:51 | 00,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2009/03/05 06:54:58 | 00,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2008/08/07 07:20:38 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2008/08/07 07:20:35 | 00,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008/07/17 11:24:53 | 00,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/07/17 11:02:34 | 00,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/07/17 11:02:34 | 00,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/07/17 11:02:34 | 00,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/07/17 11:02:34 | 00,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/07/17 11:02:34 | 00,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/07/17 11:02:34 | 00,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/07/17 09:55:03 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003/04/07 10:38:32 | 00,005,746 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== LOP Check ==========

[2009/10/18 21:33:18 | 00,000,000 | ---D | M] -- C:\Users\tomas\AppData\Roaming\BSplayer
[2009/10/11 21:07:37 | 00,000,000 | ---D | M] -- C:\Users\tomas\AppData\Roaming\BSplayer Pro
[2009/10/08 21:35:25 | 00,000,000 | ---D | M] -- C:\Users\tomas\AppData\Roaming\DAEMON Tools Lite
[2009/11/24 20:59:44 | 00,000,000 | ---D | M] -- C:\Users\tomas\AppData\Roaming\ICAClient
[2009/10/20 15:00:55 | 00,000,000 | ---D | M] -- C:\Users\tomas\AppData\Roaming\Leadertech
[2009/10/09 09:04:11 | 00,000,000 | ---D | M] -- C:\Users\tomas\AppData\Roaming\Toshiba
[2009/10/24 11:18:44 | 00,000,000 | ---D | M] -- C:\Users\tomas\AppData\Roaming\uTorrent
[2009/12/24 14:28:55 | 00,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009/04/11 07:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2008/01/21 03:24:50 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 07:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009/04/11 07:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2008/01/21 03:24:05 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[2009/04/11 07:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2006/11/02 10:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 10:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
[2008/04/15 16:53:44 | 00,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008/04/15 16:54:16 | 00,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008/04/15 16:53:44 | 00,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys
[2008/04/15 16:53:44 | 00,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2006/11/02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009/04/11 07:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2008/03/12 07:38:18 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2009/04/11 07:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2006/11/02 10:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/01/21 03:23:00 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 03:23:00 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2008/03/12 07:38:18 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2008/03/12 07:24:20 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
[2009/04/11 07:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2008/01/21 03:23:01 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/03/25 04:22:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_3e1ecd89\AGP440.sys
[2008/01/21 03:23:01 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2006/11/02 10:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[2008/03/26 04:38:23 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_e4087235\AGP440.sys
[2008/01/21 03:23:01 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/03/26 04:38:23 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20800_none_b8b64d46daa7e57a\AGP440.sys
[2008/01/21 03:23:01 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/03/25 04:22:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.22142_none_ba734aead7ed1bb6\AGP440.sys
[2008/01/21 03:23:01 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >
< End of report >

Stiahni MbAM. Uloz na plochu, otvor "mbam-setup.exe" a nainstaluj. Updatuj. Potom spravis kompletny scan - co program najde, zmaz. Nasledny log vloz sem.

alwarebytes' Anti-Malware 1.42
Verzia databázy: 3441
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

27. 12. 2009 20:57:54
mbam-log-2009-12-27 (20-57-54).txt

Typ kontroly: Úplná (C:\|E:\|)
Objektov kontrolovaných: 273053
Uplynutý cas: 1 hour(s), 16 minute(s), 45 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 0

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
(Žiadne škodlivé položky)

Nic tam nevidno...cize mame dve moznosti - rypat sa v tom dalej, alebo skusit najst a zistit dalsie priciny spomalenie nez malware.

Ktoru si vyberieme? Mam poslat dalsie navody?

tak ty si odbornik, necham to na teba

No odbornik...tak dakujem, beriem to ako kompliment
Tu ale ide skor o teba, ci mas chut ist do toho. Beriem to teda ako ano:

1) Stiahni ComboFix, najlepsie na plochu. Vypni vsetky otvorene aplikacie, ako aj rezidenty antiviru, antispywaru a firewall. Spust program cez ucet s administratorskymi pravami a postupuj podla instrukcii. Cely sken bude trvat cca 10 minut. Pocas neho moze byt PC restartovane. Log, ktory ComboFix vytvori, najdes na adrese "C:\ComboFix.txt".
Ten vloz sem.

Pozor: Kym ComboFix nevytvori log, na nic neklikat, nic nestlacat !!


2) Stiahni GMER, rozbal ho na plochu a spust. Program automaticky zacne scan (po jeho skonceni vloz log c. 1) - pokial pri scanovani nieco najde (=vyskoci nejake upozornenie), klik na "NO" a nastavis program podla obrazku:

Klik na "Scan". Po scane klik na "Save" a log c. 2 vloz sem.

Ak nic nenajde (=nevyskoci nic), zaskrtaj vpravo vsetko a spusti scan. Po jeho ukonceni klik na "Copy" a vloz log c. 2.

ComboFix 09-12-27.03 - tomas . 12. 2009 11:02:46.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.2939.2152 [GMT 1:00]
Running from: c:\users\tomas\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\tomas\Documents\cc_20091222_133624.reg

.
((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-28 )))))))))))))))))))))))))))))))
.

2009-12-28 09:59 . 2009-12-28 09:59 -------- d-----w- C:\32788R22FWJFW
2009-12-27 18:39 . 2009-12-27 18:39 -------- d-----w- c:\users\tomas\AppData\Roaming\Malwarebytes
2009-12-27 18:38 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-27 18:38 . 2009-12-27 18:38 -------- d-----w- c:\programdata\Malwarebytes
2009-12-27 18:38 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-27 15:47 . 2009-12-27 18:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-25 13:52 . 2009-12-25 13:53 -------- d-----w- c:\users\tomas\AppData\Local\Adobe
2009-12-25 13:08 . 2009-12-25 13:08 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-12-25 13:07 . 2009-12-25 13:08 -------- d-----w- c:\program files\Windows Live
2009-12-25 13:07 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-12-25 13:07 . 2009-12-25 13:07 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-12-25 12:57 . 2009-12-27 15:51 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-25 12:57 . 2009-12-25 13:08 -------- d-----w- c:\program files\Microsoft
2009-12-24 13:24 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2009-12-22 23:37 . 2009-12-23 13:24 -------- d-----w- c:\programdata\Norton
2009-12-22 23:37 . 2009-12-22 23:37 -------- d-----w- c:\programdata\Symantec
2009-12-22 23:37 . 2009-12-22 23:37 -------- d-----w- c:\programdata\NortonInstaller
2009-12-21 20:29 . 2009-12-21 20:29 -------- d-----w- c:\program files\E-Poradca CD Vzory 2006
2009-12-10 02:04 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-10 02:04 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-10 02:04 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 08:40 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2009-12-09 08:39 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-04 13:59 . 2009-12-04 14:00 -------- d-----w- c:\users\PRÁCA
2009-11-29 13:14 . 2009-11-29 13:14 -------- d-----w- c:\users\tomas\AppData\Local\Cooliris
2009-11-29 13:14 . 2009-10-20 12:33 103424 ----a-w- c:\users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\y7jc0eju.default\extensions\piclens@cooliris.com\libs\pixomatic.dll
2009-11-29 13:14 . 2009-10-20 12:33 545280 ----a-w- c:\users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\y7jc0eju.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe
2009-11-29 13:14 . 2009-10-20 12:33 4716544 ----a-w- c:\users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\y7jc0eju.default\extensions\piclens@cooliris.com\components\cooliris.dll
2009-11-29 13:14 . 2009-10-20 12:33 344064 ----a-w- c:\users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\y7jc0eju.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe
2009-11-29 13:14 . 2009-10-20 12:33 153600 ----a-w- c:\users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\y7jc0eju.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-22 20:38 . 2009-10-08 17:17 -------- d-----w- c:\program files\DivX
2009-12-12 17:22 . 2008-07-17 09:21 -------- d-----w- c:\program files\Java
2009-12-10 02:23 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-11-24 19:59 . 2009-11-24 19:58 -------- d-----w- c:\users\tomas\AppData\Roaming\ICAClient
2009-11-24 19:58 . 2009-11-24 19:58 73728 ----a-r- c:\users\tomas\AppData\Roaming\Microsoft\Installer\{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}\liteico.exe.827545C6_7013_4DE1_8E6C_DAEE4C57F54A.exe
2009-11-24 19:58 . 2009-11-24 19:58 73728 ----a-r- c:\users\tomas\AppData\Roaming\Microsoft\Installer\{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}\ARPICON.exe
2009-11-21 06:40 . 2009-12-24 13:25 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-24 13:25 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-24 13:25 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-24 13:25 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-20 23:20 . 2008-07-17 09:46 -------- d-----w- c:\program files\Toshiba
2009-11-20 17:41 . 2008-07-17 09:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-19 19:35 . 2009-11-19 19:35 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-19 19:35 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-19 19:35 . 2009-11-19 19:35 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-16 02:13 . 2009-11-16 02:13 216576 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2009-11-15 21:01 . 2009-11-15 21:01 -------- d-----w- c:\program files\Activision
2009-11-15 21:00 . 2008-07-17 09:36 -------- d-----w- c:\program files\Common Files\InstallShield
2009-11-14 21:20 . 2009-11-14 21:20 -------- d-----w- c:\program files\Trend Micro
2009-11-12 06:24 . 2009-11-12 06:24 94208 ----a-w- c:\windows\system32\RTNUninst32.dll
2009-11-08 15:00 . 2009-11-08 15:00 -------- d-----w- c:\program files\LogMeIn Hamachi
2009-11-02 19:42 . 2009-10-08 15:32 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-31 19:03 . 2009-10-31 19:03 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-10-29 11:11 . 2009-10-29 11:11 -------- d-----w- c:\program files\IntrakDC
2009-10-29 09:17 . 2009-11-25 12:42 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-27 18:00 . 2009-10-31 19:03 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-16 16:42 . 2009-10-16 16:42 16461 ----a-w- c:\windows\War3Unin.dat
2009-10-16 16:42 . 2009-10-16 16:42 2829 ----a-w- c:\windows\War3Unin.pif
2009-10-16 16:42 . 2009-10-16 16:42 126976 ----a-w- c:\windows\War3Unin.exe
2009-10-14 14:18 . 2009-10-14 14:18 489720 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-10-11 03:17 . 2009-10-08 15:53 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-10 17:11 . 2009-10-07 13:48 96320 ----a-w- c:\users\tomas\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-08 21:08 . 2009-11-19 19:29 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-11-19 19:29 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-11-19 19:29 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-08 17:13 . 2009-10-08 17:13 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-10-08 17:08 . 2009-10-08 17:08 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-01 01:02 . 2009-11-19 19:30 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-19 19:30 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-11-19 19:30 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-19 19:30 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-19 19:30 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-19 19:30 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-19 19:30 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-19 19:30 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-19 19:30 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-19 19:30 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-19 19:30 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-19 19:30 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-11-13 14:25 . 2009-11-13 14:25 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 430080]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"NDSTray.exe"="NDSTray.exe" [BU]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 716800]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

c:\users\PRµCA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
2008-09-26 12:22 417792 ----a-w- c:\program files\Camera Assistant Software for Toshiba\traybar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-11-13 14:25 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-10-08 15:40 133104 ----atw- c:\users\tomas\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
2009-07-21 15:55 1045904 ----a-w- c:\program files\Toshiba TEMPRO\TemproTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):d4,28,c6,c5,75,48,ca,01

R2 ConfigFree Service;ConfigFree Service;c:\program files\Toshiba\ConfigFree\CFSvcs.exe [16. 4. 2008 23:19 40960]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29. 10. 2009 12:27 1074568]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [21. 7. 2009 16:55 116104]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\Toshiba\SMARTLogService\TosIPCSrv.exe [3. 12. 2007 16:03 126976]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [17. 7. 2008 10:55 7168]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\System32\drivers\IntcHdmi.sys [7. 8. 2008 7:20 112128]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\System32\drivers\MpNWMon.sys [18. 6. 2009 17:48 42480]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17. 11. 2008 14:40 3668480]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [25. 8. 2008 8:58 77824]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [8. 10. 2009 18:08 721904]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21. 1. 2008 3:23 21504]
S3 GoogleDesktopManager-110309-193829;Správca pre program Google Desktop 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [17. 7. 2008 11:10 30192]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://jaspi.justice.gov.sk/jaspiw1/jaspiw_maxi_fr0.htm
mStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSEA
FF - ProfilePath - c:\users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\y7jc0eju.default\
FF - prefs.js: browser.startup.homepage - google.sk
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\y7jc0eju.default\extensions\piclens@cooliris.com\components\cooliris.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\tomas\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\y7jc0eju.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\users\tomas\AppData\Roaming\Mozilla\plugins\npicaN.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-28 11:10
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i??????<?%????P?\?x?\???\???\??

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2009-12-28 11:12:40
ComboFix-quarantined-files.txt 2009-12-28 10:12

Pre-Run: 81 506 201 600 bytes free
Post-Run: 81 283 915 776 bytes free

- - End Of File - - 8DE6DFBAB1691FB087F585868ADF3AD3


idem este spustit ten druhy scan

Dobre, medzitym sa spytat ja teba...toto poznas/mas to tam narocky?

hej instaloval som si to ale uz skor... myslis ze to moze tak spomalovat mozilu a kvoli tomu zabera aj tolko pamate?? cez ten druhy program nemozem vytvorit log lebo pocas scanu mi stale vyhodi modre okno a sa restartuje windows,skusal som to asi 3x uz

No moze byt, je to zahrabane v profile FF. Skus to dat prec (najlepsie cez Revo Uninstaller) a daj echo, ci sa stav nezlepsil.

tak v spravcovi uloh klesla pamat zo 180.000 na 50.000 tak to zrejme bolo to este musim otestovat ci bude taka spomalena ta mozila, dakujem

Dobre. Kazdopadne to docistime, nech ti tam AM programy nesvietia

1) Docistime to:

• Odinstaluj Combofix:
  Start -> Spustit -> (napis) combofix /uninstall

• Pouzi T-Cleaner (ak by ho antivirus hlasil ako smejda, nic sa netreba bat, ide len o paranoju AV programu).

• Precisti PC CCleanerom (vratane registrov).

• Pouzi TFC (spust program a klikni na "Start". Pozor, PC moze byt restartovane).

2) Vloz log z HJT.

V pripade nezrovnalosti sa >>tu<< nachadza navod.

Ahojte Ludia mam mensi problem s Eset nod 32 potrebujem ho odinstalovat ale pyta ma heslo a ja ho neviem ako mam odisntalovat Nod eset32

Ludkovia som tu prvi krat takze neviem ako to tu bezi s odpovedami na moje otazky.???napise mi to niekto Velmi pekne dakujem

myslim, ze odpovde sa tu nevynucuju. Ak niekto vie, odpovie, nevie - radsej neodpovie aby to neznelo ako OT. Alebo aj ked niekto vie, len ti neodpovie, pretoze tu NIE JE.
skus pouzit toto: http://www.revouninstaller.com/revo_uni ... nload.html