. PC posiela spam do FB chatov s nejakym linkom.. (PS. PC neni moj, patri mojmu brachovi a preto aj stupen zabespecenia stoji za deravu ponozku)Logfile of random's system information tool 1.09 (written by random/random)
Run by Thomas at 2011-10-28 15:32:17
Microsoft Windows 7 Ultimate
System drive C: has 2 GB (4%) free of 41 GB
Total RAM: 2043 MB (56% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\y8z096z3.default
prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, webmaster@keep-tube.com:1.2, engine@conduit.com:3.3.3.2, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.3.3.2, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npnul32.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\y8z096z3.default\extensions\
engine@conduit.com
webmaster@keep-tube.com
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\y8z096z3.default\searchplugins\
conduit.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 98304]
"ABBYY Screenshot Reader Retail"=C:\Program Files\ABBYY Screenshot Reader\ScreenShotReader.exe [2008-10-16 959776]
"Bonus.SSR.FR10"=C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe [2010-10-15 941320]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"LogMeIn Hamachi Ui"=E:\TOMAS SOBOTA\Programy\Hamachi\hamachi-2-ui.exe [2011-03-28 1910152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchList"=C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 90624]
"ABBYY Screenshot Reader Bonus"= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
E:\TOMAS SOBOTA\Programy\Hamachi\hamachi-2-ui.exe [2011-03-28 1910152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-02-16 87336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2011-05-10 399736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Thomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
C:\PROGRA~1\LimeWire\LimeWire.exe -startup []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
LaunchU3.exe.lnk - C:\Users\Thomas\AppData\Roaming\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe
MP3 Rocket (Minimized).lnk - C:\Program Files\MP3 Rocket\MP3Rocket.exe
stepx2.exe
WINLOGO.exe
WINLOGOS.exe
Xacti Screen Capture 1.1.lnk - C:\Users\Thomas\AppData\Roaming\Microsoft\Installer\{37327654-EBF7-410C-9161-C24D68E02753}\_E47B9B72500055712D025F.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=vdrcodec.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.ACDV"=ACDV.dll
"msacm.vorbis"=vorbis.acm
"VIDC.MJPG"=pvmjpg30.dll
"vidc.mjpx"=Pvmjpg30.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - edit -
.reg - open - c:\Winnt\Regedit.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2011-10-28 15:31:35 ----A---- C:\Users\Thomas\AppData\Roaming\42AB.exe
2011-10-28 15:31:30 ----A---- C:\Users\Thomas\AppData\Roaming\3033.exe
2011-10-28 15:25:24 ----D---- C:\rsit
2011-10-28 15:25:24 ----D---- C:\Program Files\trend micro
2011-10-28 13:31:20 ----A---- C:\Users\Thomas\AppData\Roaming\557F.exe
2011-10-28 13:31:10 ----A---- C:\Users\Thomas\AppData\Roaming\318A.exe
2011-10-28 11:12:04 ----A---- C:\Users\Thomas\AppData\Roaming\2EAE.exe
2011-10-28 11:11:57 ----A---- C:\Users\Thomas\AppData\Roaming\141C.exe
2011-10-27 19:07:13 ----A---- C:\Users\Thomas\AppData\Roaming\402E.tmp
2011-10-27 18:58:06 ----A---- C:\Users\Thomas\AppData\Roaming\E300.exe
2011-10-27 18:26:54 ----A---- C:\Users\Thomas\AppData\Roaming\536D.exe
2011-10-27 18:26:46 ----A---- C:\Users\Thomas\AppData\Roaming\3513.exe
2011-10-27 12:26:45 ----A---- C:\Users\Thomas\AppData\Roaming\8594.exe
2011-10-27 12:26:40 ----A---- C:\Users\Thomas\AppData\Roaming\709D.exe
2011-10-26 21:55:24 ----A---- C:\Users\Thomas\AppData\Roaming\4DF1.exe
2011-10-26 21:55:19 ----A---- C:\Users\Thomas\AppData\Roaming\3B2B.exe
2011-10-26 16:47:32 ----A---- C:\Users\Thomas\AppData\Roaming\37E2.exe
2011-10-26 16:47:29 ----A---- C:\Users\Thomas\AppData\Roaming\2D08.exe
2011-10-26 13:49:22 ----A---- C:\Users\Thomas\AppData\Roaming\6692.exe
2011-10-26 13:49:07 ----A---- C:\Users\Thomas\AppData\Roaming\2A9A.exe
2011-10-25 21:28:19 ----A---- C:\Users\Thomas\AppData\Roaming\8121.exe
2011-10-25 21:28:13 ----A---- C:\Users\Thomas\AppData\Roaming\6B8E.exe
2011-10-25 17:27:18 ----A---- C:\Users\Thomas\AppData\Roaming\37A.exe
2011-10-25 17:27:10 ----A---- C:\Users\Thomas\AppData\Roaming\E4B3.exe
2011-10-25 16:36:08 ----A---- C:\Users\Thomas\AppData\Roaming\5E.exe
2011-10-25 16:36:04 ----A---- C:\Users\Thomas\AppData\Roaming\EDF6.exe
2011-10-25 15:31:54 ----A---- C:\Users\Thomas\AppData\Roaming\41D0.exe
2011-10-25 13:58:56 ----A---- C:\Users\Thomas\AppData\Roaming\12D5.exe
2011-10-25 13:58:51 ----A---- C:\Users\Thomas\AppData\Roaming\FED7.exe
2011-10-25 13:30:21 ----A---- C:\Users\Thomas\AppData\Roaming\4BCF.exe
2011-10-25 13:30:17 ----A---- C:\Users\Thomas\AppData\Roaming\39D4.exe
2011-10-24 21:02:49 ----A---- C:\Users\Thomas\AppData\Roaming\3929.exe
2011-10-24 21:02:41 ----A---- C:\Users\Thomas\AppData\Roaming\1AA1.exe
2011-10-24 15:59:28 ----A---- C:\Users\Thomas\AppData\Roaming\57FF.exe
2011-10-24 15:59:24 ----A---- C:\Users\Thomas\AppData\Roaming\4587.exe
2011-10-24 10:31:52 ----A---- C:\Users\Thomas\AppData\Roaming\366C.exe
2011-10-24 10:31:43 ----A---- C:\Users\Thomas\AppData\Roaming\116D.exe
2011-10-17 20:26:47 ----A---- C:\Users\Thomas\AppData\Roaming\A1DA.exe
2011-10-17 20:26:42 ----A---- C:\Users\Thomas\AppData\Roaming\8E4A.exe
2011-10-17 15:59:56 ----A---- C:\Users\Thomas\AppData\Roaming\3727.exe
2011-10-17 15:59:52 ----A---- C:\Users\Thomas\AppData\Roaming\2442.exe
2011-10-17 10:52:20 ----A---- C:\Users\Thomas\AppData\Roaming\AC46.exe
2011-10-17 10:52:15 ----A---- C:\Users\Thomas\AppData\Roaming\9980.exe
2011-10-16 15:38:18 ----A---- C:\Users\Thomas\AppData\Roaming\4C8A.exe
2011-10-16 15:38:13 ----A---- C:\Users\Thomas\AppData\Roaming\3783.exe
2011-10-16 10:34:24 ----A---- C:\Users\Thomas\AppData\Roaming\367B.exe
2011-10-16 10:34:20 ----A---- C:\Users\Thomas\AppData\Roaming\25E7.exe
2011-10-16 10:20:37 ----A---- C:\Users\Thomas\AppData\Roaming\61A.tmp
2011-10-16 10:20:34 ----A---- C:\Users\Thomas\AppData\Roaming\F7C7.exe
2011-10-16 10:20:24 ----A---- C:\Users\Thomas\AppData\Roaming\D039.exe
2011-10-13 00:10:23 ----A---- C:\Users\Thomas\AppData\Roaming\E752.exe
2011-10-13 00:10:19 ----A---- C:\Users\Thomas\AppData\Roaming\D4EA.exe
2011-10-12 21:27:12 ----A---- C:\Users\Thomas\AppData\Roaming\C072.exe
2011-10-12 21:27:08 ----A---- C:\Users\Thomas\AppData\Roaming\B06A.exe
2011-10-12 16:41:13 ----A---- C:\Users\Thomas\AppData\Roaming\79B2.exe
2011-10-12 16:41:09 ----A---- C:\Users\Thomas\AppData\Roaming\698B.exe
2011-10-12 16:07:45 ----A---- C:\Users\Thomas\AppData\Roaming\E2D0.exe
2011-10-12 16:07:40 ----A---- C:\Users\Thomas\AppData\Roaming\CC72.exe
2011-10-11 22:17:24 ----A---- C:\Users\Thomas\AppData\Roaming\8539.tmp
2011-10-11 22:17:18 ----A---- C:\Users\Thomas\AppData\Roaming\6D26.exe
2011-10-11 22:17:12 ----A---- C:\Users\Thomas\AppData\Roaming\56A9.exe
2011-10-07 21:53:21 ----A---- C:\Users\Thomas\AppData\Roaming\3B7.exe
2011-10-07 12:50:49 ----A---- C:\Users\Thomas\AppData\Roaming\250.exe
2011-10-07 10:56:54 ----A---- C:\Users\Thomas\AppData\Roaming\D96.exe
2011-10-06 23:12:14 ----A---- C:\Users\Thomas\AppData\Roaming\D7F6.exe
2011-10-06 18:54:34 ----A---- C:\Users\Thomas\AppData\Roaming\2664.exe
2011-10-06 18:08:23 ----A---- C:\Users\Thomas\AppData\Roaming\21A3.exe
2011-10-06 13:01:02 ----A---- C:\Users\Thomas\AppData\Roaming\B1B1.exe
2011-10-06 12:35:56 ----A---- C:\Users\Thomas\AppData\Roaming\E2EF.exe
2011-10-06 12:35:51 ----A---- C:\Users\Thomas\AppData\Roaming\CFAD.tmp
2011-10-05 22:02:45 ----A---- C:\Users\Thomas\AppData\Roaming\E81C.exe
======List of files/folders modified in the last 1 month======
2011-10-28 15:31:23 ----D---- C:\Windows\Temp
2011-10-28 15:25:24 ----RD---- C:\Program Files
2011-10-28 13:31:12 ----D---- C:\Windows\Prefetch
2011-10-28 11:17:09 ----SHD---- C:\System Volume Information
2011-10-28 11:15:22 ----D---- C:\Windows\system32\config
2011-10-26 18:07:48 ----D---- C:\Windows\System32
2011-10-26 18:07:48 ----D---- C:\Windows\inf
2011-10-26 18:07:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-25 17:24:42 ----D---- C:\Windows\system32\catroot2
2011-10-23 12:21:21 ----D---- C:\Users\Thomas\AppData\Roaming\vlc
2011-10-22 18:09:00 ----SHD---- C:\Windows\Installer
2011-10-20 22:32:22 ----SD---- C:\Users\Thomas\AppData\Roaming\Microsoft
2011-10-19 19:14:20 ----D---- C:\Program Files\VDownloader
2011-10-13 18:33:40 ----D---- C:\Windows\system32\NDF
2011-10-12 23:06:01 ----A---- C:\Windows\NeroDigital.ini
2011-10-08 13:47:57 ----D---- C:\Windows
2011-10-06 19:33:41 ----D---- C:\Program Files\ABBYY PDF Transformer 3.0
2011-10-06 19:33:41 ----D---- C:\Program Files\ABBYY FineReader 10
2011-09-30 12:52:40 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-12 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-05-18 281504]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-05-18 25888]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
R3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2009-10-27 10368]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 an2jxv6m;an2jxv6m; C:\Windows\system32\drivers\an2jxv6m.sys []
S3 athrusb6;Atheros Wireless LAN USB device driver 6 Series; C:\Windows\system32\DRIVERS\athru6.sys [2007-07-05 873472]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2010-07-22 814344]
R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0;ABBYY.Licensing.FineReader.ScreenshotReader.9.0; C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe [2008-10-16 759072]
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0;ABBYY PDF Transformer 3.0 – Licenčná služba; C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [2010-02-01 759048]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool; C:\Windows\Installer\MSID4B4.tmp [2011-05-19 177784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-20 136176]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; E:\TOMAS SOBOTA\Programy\Hamachi\hamachi-2.exe -s []
S2 PCLEPCI;PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-05-11 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-20 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
To je dobre ze se ti neco nezda, vsak jsi byl u nas ve skole a snad i zaklady detekce jsi se naucil - tam je cela rodinka koniku trojskych 
TO asi neni log z ComboFixu 
. mozete lock 
Přispějete na provoz fóra?