services.exe


Re: services.exe

#16 Post by G0dzila

:44 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.Utils\e1e3b91f9adf435920a1d1d537bedacc\MediaManager.Utils.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 261120 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.Splash#\2e15d96cf9967ab74f40702960a7aa01\MediaManager.SplashScreen.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 949760 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.GUI\5ff8fa358684955acc01f8b17d01f68e\MediaManager.GUI.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 856576 c:\windows\assembly\NativeImages_v2.0.50727_32\Lucene.Net\970d598c945b62bd5937d7b29acb09bf\Lucene.Net.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 657920 c:\windows\assembly\NativeImages_v2.0.50727_32\log4net\8e951d64654fb3163881df928410c03e\log4net.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 812032 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WMPLib\04391120f7a0981f9a660f864f5c37cf\Interop.WMPLib.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 311808 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.SHDocVw\b40da0eeceb769ab18dec2acac373ac2\Interop.SHDocVw.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 204288 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.QTOLibrary\a98cb2110ca7579ac71942173fad4f4d\Interop.QTOLibrary.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 100864 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\b50ecab7a2c5049423c7eb4d626d177c\Interop.IWshRuntimeLibrary.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 374784 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBCONTROL#\7e528c5a5c9ef2121536a24a750f1d4f\Interop.CDDBCONTROLLibSMS.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 210432 c:\windows\assembly\NativeImages_v2.0.50727_32\GCPlayer\9b3b0bf857a19fcb1f78b93b2ccb40f9\GCPlayer.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe
+ 2009-10-14 17:44 . 2009-10-14 17:44 151552 c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.WMPLib\9d14989fb843fa74a5441fd07a7e451c\AxInterop.WMPLib.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.SHDocVw\a3e06f4182e53c6404883797e8419e82\AxInterop.SHDocVw.ni.dll
+ 2009-10-14 17:42 . 2009-10-14 17:42 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-10-14 17:15 . 2009-10-14 17:15 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-10-14 17:15 . 2009-10-14 17:15 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-10-14 17:15 . 2009-10-14 17:15 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-10-14 17:15 . 2009-10-14 17:15 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-10-14 17:15 . 2009-10-14 17:15 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-10-14 17:15 . 2009-10-14 17:15 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-10-14 17:15 . 2009-10-14 17:15 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-10-14 17:15 . 2009-10-14 17:15 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-10-14 12:53 . 2009-08-13 13:56 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
- 2002-09-23 12:00 . 2009-07-03 16:59 1208832 c:\windows\system32\urlmon.dll
+ 2002-09-23 12:00 . 2009-08-29 07:58 1208832 c:\windows\system32\urlmon.dll
- 2002-09-23 12:00 . 2008-04-14 03:21 1437696 c:\windows\system32\query.dll
+ 2002-09-23 12:00 . 2009-07-17 16:17 1437696 c:\windows\system32\query.dll
+ 2006-10-17 10:57 . 2009-08-29 07:58 1985536 c:\windows\system32\iertutil.dll
- 2006-10-17 10:57 . 2009-07-03 16:59 1985536 c:\windows\system32\iertutil.dll
- 2006-10-23 15:19 . 2009-07-03 16:59 1208832 c:\windows\system32\dllcache\urlmon.dll
+ 2006-10-23 15:19 . 2009-08-29 07:58 1208832 c:\windows\system32\dllcache\urlmon.dll
+ 2009-07-17 16:17 . 2009-07-17 16:17 1437696 c:\windows\system32\dllcache\query.dll
- 2008-10-16 14:50 . 2009-02-09 11:26 2025984 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-16 14:50 . 2009-08-04 17:29 2025984 c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-10-16 14:50 . 2009-02-09 11:26 2147328 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-10-16 14:50 . 2009-08-04 17:29 2147328 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-05-09 11:26 . 2009-07-03 16:59 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2007-05-09 11:26 . 2009-08-29 07:58 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-08-07 21:51 . 2009-08-07 21:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2009-08-07 21:51 . 2009-08-07 21:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2008-11-25 02:59 . 2008-11-25 02:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2007-04-13 19:35 . 2007-04-13 19:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-13 19:35 . 2007-04-13 19:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-13 18:57 . 2007-04-13 18:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 18:57 . 2007-04-13 18:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2007-04-13 18:50 . 2007-04-13 18:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2009-09-04 13:31 . 2009-09-04 13:31 7972864 c:\windows\Installer\1329226.msp
+ 2009-07-27 02:31 . 2009-07-27 02:31 3738624 c:\windows\Installer\132920c.msp
+ 2009-08-20 13:27 . 2009-08-20 13:27 3622400 c:\windows\Installer\13291ee.msp
+ 2009-09-10 20:44 . 2009-09-10 20:44 6704640 c:\windows\Installer\13291da.msp
+ 2006-10-27 13:18 . 2006-10-27 13:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\OGL.DLL
+ 2009-10-14 17:12 . 2009-07-03 16:59 1208832 c:\windows\ie8updates\KB974455-IE8\urlmon.dll
+ 2009-10-14 17:12 . 2009-07-03 16:59 1985536 c:\windows\ie8updates\KB974455-IE8\iertutil.dll
+ 2009-10-16 11:33 . 2009-10-16 11:33 1728512 c:\windows\Hewlett-Packard\Setup Files\HP Software Update\{EC391058-A292-41C5-92C7-95C5A09793B8}\HP Update.msi
- 2008-10-16 14:50 . 2009-02-09 11:26 2025984 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-16 14:50 . 2009-08-04 17:29 2025984 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-10-16 14:50 . 2009-02-09 11:26 2147328 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-10-16 14:50 . 2009-08-04 17:29 2147328 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-10-14 17:08 . 2009-10-14 17:08 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_a240e0b6\System.dll
+ 2009-10-14 17:07 . 2009-10-14 17:07 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_94e7e738\System.dll
+ 2009-10-14 17:08 . 2009-10-14 17:08 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_76a126d5\System.Xml.dll
+ 2009-10-14 17:08 . 2009-10-14 17:08 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_3e19c322\System.Xml.dll
+ 2009-10-14 17:07 . 2009-10-14 17:07 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_fa28b044\System.Windows.Forms.dll
+ 2009-10-14 17:08 . 2009-10-14 17:08 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_71a8b9cb\System.Windows.Forms.dll
+ 2009-10-14 17:08 . 2009-10-14 17:08 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_15f4c4bf\System.Drawing.dll
+ 2009-10-14 17:08 . 2009-10-14 17:08 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_a9f2b001\System.Design.dll
+ 2009-10-14 17:08 . 2009-10-14 17:08 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_05250923\System.Design.dll
+ 2009-10-14 17:08 . 2009-10-14 17:08 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_dd878819\mscorlib.dll
+ 2009-10-14 17:08 . 2009-10-14 17:08 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_af012b71\mscorlib.dll
+ 2009-10-14 17:18 . 2009-10-14 17:18 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll
+ 2009-10-14 17:21 . 2009-10-14 17:21 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll
+ 2009-10-14 17:18 . 2009-10-14 17:18 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2009-10-14 17:20 . 2009-10-14 17:20 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll
+ 2009-10-14 17:46 . 2009-10-14 17:46 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\fa48917b13629d8effa80dd4a2f2973d\System.WorkflowServices.ni.dll
+ 2009-10-14 17:46 . 2009-10-14 17:46 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6fe66ee6f3c81996bc148f1ebe7ec030\System.Workflow.Runtime.ni.dll
+ 2009-10-14 17:46 . 2009-10-14 17:46 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9d0b61f2f1ebdc300bd970f594c422ef\System.Workflow.ComponentModel.ni.dll
+ 2009-10-14 17:46 . 2009-10-14 17:46 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\65328898148a720d394f802f192fc2a0\System.Workflow.Activities.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\ea07ac791bb5cb9f83679e3dd1a0c0cc\System.Web.Services.ni.dll
+ 2009-10-14 17:46 . 2009-10-14 17:46 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\29e2f8b1fb691ced973acf49fcee6ec1\System.Web.Mobile.ni.dll
+ 2009-10-14 17:46 . 2009-10-14 17:46 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\981dea02bc63c0c083e335adf9018788\System.Web.Extensions.ni.dll
+ 2009-10-14 17:20 . 2009-10-14 17:20 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll
+ 2009-10-14 17:45 . 2009-10-14 17:45 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\e182695d05ea57257568bc5f3208aca7\System.ServiceModel.Web.ni.dll
+ 2009-10-14 17:42 . 2009-10-14 17:42 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\67ad55827f2542552b576170f0a7dc56\System.Runtime.Serialization.ni.dll
+ 2009-10-14 17:20 . 2009-10-14 17:20 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e5313735a40c0800f116e27fba4754db\System.Printing.ni.dll
+ 2009-10-14 17:42 . 2009-10-14 17:42 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll
+ 2009-10-14 17:20 . 2009-10-14 17:20 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f47ebb9db460874b1bcbfc391dc970b1\System.DirectoryServices.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\c94a427baa7683f4221b91f90c18461b\System.Deployment.ni.dll
+ 2009-10-14 17:19 . 2009-10-14 17:20 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\272152f0cc139490729e215611a4b244\System.Data.SqlXml.ni.dll
+ 2009-10-14 17:45 . 2009-10-14 17:45 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\112a48e34620a0210eb850040da8a31b\System.Data.Services.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\ffa1018e8022964eb51025c2c6d8727a\System.Data.OracleClient.ni.dll
+ 2009-10-14 17:20 . 2009-10-14 17:20 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\32788c58ff9f8324460604cf1fe7681b\System.Data.Linq.ni.dll
+ 2009-10-14 17:45 . 2009-10-14 17:45 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\9012cac7819660f61f1c69cf8e4f2ccf\System.Data.Entity.ni.dll
+ 2009-10-14 17:19 . 2009-10-14 17:19 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\c0a42d2ad8a4078040b334f6770ea11f\System.Core.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 1005568 c:\windows\assembly\NativeImages_v2.0.50727_32\Sony.MediaSoftware.#\0f14300737903eaf47d8237901ba52d8\Sony.MediaSoftware.clrshared.ni.dll
+ 2009-10-14 17:19 . 2009-10-14 17:19 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\954685c29689d2a6126ceca1fd55e904\ReachFramework.ni.dll
+ 2009-10-14 17:19 . 2009-10-14 17:19 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\PresentationUI.ni.dll
+ 2009-10-14 17:18 . 2009-10-14 17:18 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\f906701365083c1473db31519147e263\PresentationBuildTasks.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6eee9b772b6d12d3dbd82f118c2ab2e5\Microsoft.VisualBasic.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f19e9b439636d0744597fff1331cad04\Microsoft.Transactions.Bridge.ni.dll
+ 2009-10-14 17:45 . 2009-10-14 17:45 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\5b1af7b5be24c7ace065fe1c81c2b650\Microsoft.JScript.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9eec1cc7ac37e0c7f3205e8156149c5a\Microsoft.Build.Tasks.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\28c0730288453d57d5dcd62903c4d31b\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-10-14 17:44 . 2009-10-14 17:44 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5dd4f58999eed37c12aee7ea9f9863ac\Microsoft.Build.Engine.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 1663488 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager\d0ebcd54147cd37a6e80c4f9ea8ce71e\MediaManager.ni.exe
+ 2009-10-14 17:43 . 2009-10-14 17:43 7322624 c:\windows\assembly\NativeImages_v2.0.50727_32\AppCommon\fb7b6c0c152712ec35ffe9bab58284ee\AppCommon.ni.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-10-14 17:15 . 2009-10-14 17:15 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-10-14 17:15 . 2009-10-14 17:15 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-10-14 17:15 . 2009-10-14 17:15 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-10-14 17:16 . 2009-10-14 17:16 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-08-15 13:39 . 2009-08-15 13:39 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-10-14 17:07 . 2009-10-14 17:07 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2007-07-11 10:51 . 2007-07-11 10:51 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2007-07-11 10:51 . 2007-07-11 10:51 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-10-14 17:07 . 2009-10-14 17:07 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2007-01-25 22:48 . 2009-10-02 18:01 25198016 c:\windows\system32\MRT.exe
+ 2006-11-07 20:03 . 2009-08-29 07:58 11069440 c:\windows\system32\ieframe.dll
+ 2007-05-09 11:26 . 2009-08-29 07:58 11069440 c:\windows\system32\dllcache\ieframe.dll
+ 2009-08-10 19:08 . 2009-08-10 19:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2009-08-14 18:32 . 2009-08-14 18:32 11110912 c:\windows\Installer\132922f.msp
+ 2009-08-10 12:09 . 2009-08-10 12:09 17254912 c:\windows\Installer\1329205.msp
+ 2009-10-14 17:12 . 2009-07-19 16:46 11067392 c:\windows\ie8updates\KB974455-IE8\ieframe.dll
+ 2009-10-14 17:20 . 2009-10-14 17:20 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5cea03cfb008f2eac1439a9905467f37\System.Web.ni.dll
+ 2009-10-14 17:43 . 2009-10-14 17:43 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\06d6eab93282d2b136a377bd50b7c5a9\System.ServiceModel.ni.dll
+ 2009-10-14 17:20 . 2009-10-14 17:20 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8b82e08c008924d51833cb0884bcbfc5\System.Design.ni.dll
+ 2009-10-14 17:19 . 2009-10-14 17:19 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c\PresentationFramework.ni.dll
+ 2009-10-14 17:18 . 2009-10-14 17:18 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\94badbd64df59de7da249f71da38b1c2\PresentationCore.ni.dll
+ 2009-10-14 17:17 . 2009-10-14 17:17 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-10 32768]
"OEXPRESS"="c:\windows\OETRN.EXE" [2008-05-12 26624]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-04-21 335872]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"PC Suite for Smartphones"="c:\program files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-11-08 528384]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-21 136600]
"VolPanel"="c:\program files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2008-05-05 221300]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"w3dr.exe"="c:\program files\Warcraft III\w3dr.exe" [2008-08-03 61440]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\alcwzrd.exe [2006-03-14 2809344]

c:\documents and settings\PETR\Nabídka Start\Programy\Po spuštění\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-3-10 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-3-10 528384]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Vietcong\\Vietcong.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\wincmd\\WINCMD32.EXE"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\PETR\\Local Settings\\Data aplikací\\Dyyno Receiver\\DPPM.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\aTunes.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Warcraft III\\W3DR.exe"=
"c:\\Program Files\\Warcraft III\\World Editor.exe"=
"c:\\Program Files\\Intuwave\\Shared\\mRouterRuntime\\mRouterRuntime.exe"=
"c:\\Documents and Settings\\PETR\\Plocha\\Godzila\\Defcon\\defcon.exe"=
"c:\\Documents and Settings\\All Users\\Dokumenty\\Defcon\\defcon.exe"=
"c:\\Program Files\\SpacialAudio\\SAMBC\\SAMBC.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Warcraft III\\euroloader.exe"=
"c:\\Program Files\\Warcraft III\\w3l.exe"=
"c:\\Program Files\\Warcraft III\\war3.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Age of Empires II\\age2_x1.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Age of Empires II\\empires2.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:6112
"6112:UDP"= 6112:UDP:6112

R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.10.2009 15:28 114768]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [20.2.2007 16:43 15424]
R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.10.2009 15:28 20560]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [20.6.2009 19:44 42752]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 PAC207;Trust WB-1200p Mini Webcam;c:\windows\system32\drivers\PFC027.sys [24.2.2005 13:29 162176]
R3 skfilt;skfilt;c:\windows\system32\drivers\skfilt.sys [25.12.2008 17:31 1670016]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [25.12.2008 17:29 79360]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Magix\Common\Database\bin\fbserver.exe [20.6.2009 17:05 1527900]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2.8.2005 23:10 32512]
S3 qrzyanckq;QRZYANCKQ;c:\docume~1\PETR\LOCALS~1\Temp\QRZYANCKQ.exe --> c:\docume~1\PETR\LOCALS~1\Temp\QRZYANCKQ.exe [?]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [22.8.2007 21:36 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [22.8.2007 21:36 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [22.8.2007 21:36 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [22.8.2007 21:36 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [22.8.2007 21:36 98568]
S3 UfasoftSnifDriver4;Ufasoft Snif Driver v4;\??\c:\program files\Ufasoft\Sniffer\usft_sn4.sys --> c:\program files\Ufasoft\Sniffer\usft_sn4.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\windows\system32\imon.dll
TCP: {210FA241-8F7E-462C-B7CF-9F9706216299} = 10.0.0.138,0.0.0.0
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} - hxxp://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://80.82.144.83/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\PETR\Data aplikací\Mozilla\Firefox\Profiles\vnf2mb3f.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/skinit/icq/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Eurobattle.net - c:\windows\Eurobattle.net



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-21 15:26
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-527237240-1770027372-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-527237240-1770027372-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d7,bc,64,00,42,fd,30,24,07,44,a1,32,d1,8e,61,1f,e2,36,9f,4f,08,5e,0f,
c2,7d,b8,a7,57,b8,6e,8f,02,b8,f0,d1,66,2d,70,7b,14,88,09,e4,5f,e5,11,99,91,\
"??"=hex:b7,bc,5f,d3,0e,8d,b1,d1,7d,43,be,54,31,ad,2f,34

[HKEY_USERS\S-1-5-21-527237240-1770027372-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:e1,87,a4,06,25,c1,81,bc,a3,dc,7a,00,60,76,0c,8d,90,83,a7,3c,e5,
fc,6f,a8,e7,1f,10,89,97,f4,b9,b4,c8,d2,8f,c0,49,6f,8e,87,fc,3b,5c,f3,47,e9,\
"rkeysecu"=hex:64,9c,28,d9,fe,54,af,7d,a7,d9,e1,df,d3,9c,fe,92

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|˙˙˙˙¤•€|ů•6~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(972)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(1028)
c:\windows\system32\imon.dll

- - - - - - - > 'explorer.exe'(3644)
c:\docume~1\PETR\LOCALS~1\Temp\IadHide5.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\TrnOEH.dll
c:\program files\Logitech\SetPoint\HookDll.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\imon.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Creative\Shared Files\CTAudSvc.exe
c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\UAService7.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe
c:\program files\Common Files\Logitech\KHAL\KHALMNPR.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Celkový čas: 2009-10-21 15:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-10-21 13:36
ComboFix2.txt 2009-10-12 17:48

Před spuštěním: Volných bajtů: 12 156 149 760
Po spuštění: Volných bajtů: 12 860 063 744

1227 --- E O F --- 2009-10-20 21:24

G0dzila
Visitor
Posts: 27
Registered: 11 Oct 2009 12:06

Re: services.exe

#17 Post by G0dzila »

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: services.exe

#18 Post by motji »

:arrow: Start - Control Panel - Folder Options - View - show hidden and system files

:arrow: Have the file tested at http://www.virustotal.com

c:\docume~1\PETR\LOCALS~1\Temp\IadHide5.dll
c:\windows\TrnOEH.dll
c:\windows\system32\drivers\skfilt.sys
c:\windows\alcwzrd.exe
c:\windows\system32\browser.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\cryptsvc.dll
c:\windows\system32\drivers\asyncmac.sys


Copy the file path into the box; if it says the file has already been tested, have it tested again.
Paste the link with the results here.


:arrow: Please uninstall ComboFix, download a new copy and run it, and let it install the Recovery Console.

:arrow: Uninstall ComboFix via
Start >> Run, copy into the box:

ComboFix /Uninstall

press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.

:arrow: Download to the desktop, close all active windows and run ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- agree to the installation of the Recovery Console

- ComboFix must be run under an account with administrator rights

- Before use, turn off all resident security programs - antivirus, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Yes button

- Then follow the instructions; while ComboFix is running, do not click in the window that appears :!:

- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here


:arrow: You have 2 antivirus programs, uninstall one
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

G0dzila
Visitor
Posts: 27
Registered: 11 Oct 2009 12:06

Re: services.exe

#19 Post by G0dzila »

a-squared 4.5.0.41 2009.10.22 -
AhnLab-V3 5.0.0.2 2009.10.22 -
AntiVir 7.9.1.42 2009.10.22 -
Antiy-AVL 2.0.3.7 2009.10.22 -
Authentium 5.1.2.4 2009.10.22 -
Avast 4.8.1351.0 2009.10.21 -
AVG 8.5.0.423 2009.10.22 -
BitDefender 7.2 2009.10.22 -
CAT-QuickHeal 10.00 2009.10.22 -
ClamAV 0.94.1 2009.10.22 -
Comodo 2689 2009.10.22 -
DrWeb 5.0.0.12182 2009.10.22 -
eSafe 7.0.17.0 2009.10.21 -
eTrust-Vet 35.1.7079 2009.10.22 -
F-Prot 4.5.1.85 2009.10.22 -
F-Secure 9.0.15370.0 2009.10.22 -
Fortinet 3.120.0.0 2009.10.22 -
GData 19 2009.10.22 -
Ikarus T3.1.1.72.0 2009.10.22 -
Jiangmin 11.0.800 2009.10.22 -
K7AntiVirus 7.10.876 2009.10.21 -
Kaspersky 7.0.0.125 2009.10.22 -
McAfee 5778 2009.10.21 -
McAfee+Artemis 5778 2009.10.21 -
McAfee-GW-Edition 6.8.5 2009.10.22 -
Microsoft 1.5202 2009.10.22 -
NOD32 4533 2009.10.22 -
Norman 6.03.02 2009.10.21 -
nProtect 2009.1.8.0 2009.10.22 -
Panda 10.0.2.2 2009.10.21 -
PCTools 4.4.2.0 2009.10.19 -
Prevx 3.0 2009.10.22 -
Rising 21.52.33.00 2009.10.22 -
Sophos 4.46.0 2009.10.22 -
Sunbelt 3.2.1858.2 2009.10.22 -
Symantec 1.4.4.12 2009.10.22 -
TheHacker 6.5.0.2.050 2009.10.22 -
TrendMicro 8.950.0.1094 2009.10.22 -
VBA32 3.12.10.11 2009.10.22 -
ViRobot 2009.10.22.2001 2009.10.22 -
VirusBuster 4.6.5.0 2009.10.21 -
Rozšiřující informace
File size: 45056 bytes
MD5 : 2dacc14514d0111cdc5cf9d0a7736800
SHA1 : 12989bb674a524a5f027c8985d2d2600e82cb25c
SHA256: 03e868676dd6c2c38dab0b938f07b0bd4010fad3c54eb514c9a4926df7e5324d
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x168E
timedatestamp.....: 0x44F01265 (Sat Aug 26 11:20:37 2006)
machinetype.......: 0x14C (Intel I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x5264 0x6000 6.05 4255c6a5a1c77ca86fbce9dfcaf2e150
.rdata 0x7000 0x189B 0x2000 4.15 e6e1195b23ffe8e6b7d516d4d14d396c
.data 0x9000 0x127C 0x1000 1.56 7faa99ea57a51963e1a5d84b41afe85b
.reloc 0xB000 0xD54 0x1000 3.71 383ef54dc48037efef57c6a72c98ab66

( 2 imports )

> kernel32.dll: LoadLibraryA, GetProcAddress, GetVersionExA, CloseHandle, MapViewOfFile, CreateFileMappingA, UnmapViewOfFile, FreeLibrary, GetModuleFileNameA, GetSystemInfo, VirtualProtect, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetCommandLineA, ExitProcess, GetModuleHandleA, TerminateProcess, GetCurrentProcess, TlsAlloc, SetLastError, GetLastError, TlsFree, TlsSetValue, TlsGetValue, HeapFree, HeapAlloc, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, DeleteCriticalSection, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, HeapDestroy, HeapCreate, VirtualFree, UnhandledExceptionFilter, WriteFile, LeaveCriticalSection, EnterCriticalSection, GetACP, GetOEMCP, GetCPInfo, VirtualAlloc, HeapReAlloc, InitializeCriticalSection, RtlUnwind, InterlockedExchange, VirtualQuery, HeapSize, GetLocaleInfoA, GetStringTypeA, MultiByteToWideChar, GetStringTypeW, LCMapStringA, LCMapStringW, QueryPerformanceCounter, GetTickCount
> user32.dll: CharUpperA, SetWindowsHookExA, UnhookWindowsHookEx, CallNextHookEx, GetClassNameA, GetParent, IsWindow

( 1 exports )

> InstallOE, StartOE, hook
TrID : File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ssdeep: 768:s9Vg1v9ekzdt4RpJvGnKLeJPZbQGEUK+jf02YDjzGG:wg1v9vzb4RpJvGnKLCPZbQGE0oDjzL
PEiD : -
RDS : NSRL Reference Data Set


G0dzila
Visitor
Posts: 27
Registered: 11 Oct 2009 12:06

Re: services.exe

#21 Post by G0dzila »

ComboFix 09-10-20.03 - PETR 22.10.2009 15:18.3.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.519 [GMT 2:00]
Spuštěný z: c:\documents and settings\PETR\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 091021-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Eset NOD32 Antivirus 2.70 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\PETR\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\PETR\Local Settings\Temp\IadHide5.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-09-22 do 2009-10-22 )))))))))))))))))))))))))))))))
.

2009-10-16 11:33 . 2009-10-16 11:33 -------- d-----w- c:\windows\Hewlett-Packard
2009-10-11 15:31 . 2009-10-11 15:31 -------- d-----w- C:\rsit
2009-10-11 13:28 . 2009-09-15 10:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-10-11 13:28 . 2009-09-15 10:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-10-11 13:28 . 2009-09-15 10:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-10-11 13:28 . 2009-09-15 10:53 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-10-11 13:28 . 2009-09-15 10:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-10-11 13:28 . 2009-09-15 10:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-10-11 13:28 . 2009-09-15 10:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-10-11 13:28 . 2009-09-15 10:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-10-11 13:28 . 2009-09-15 10:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-10-11 13:28 . 2009-10-11 13:28 -------- d-----w- c:\program files\Alwil Software
2009-10-11 11:15 . 2009-10-11 11:15 -------- d-----w- c:\program files\Trend Micro
2009-10-11 10:10 . 2009-10-11 10:10 -------- d-----w- c:\program files\PowerISO
2009-10-10 12:30 . 2009-10-13 18:17 -------- d-----w- c:\program files\World of Warcraft
2009-09-28 16:49 . 2009-09-28 16:50 -------- d-----w- C:\wincmdd

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-21 13:18 . 2002-09-23 12:00 82544 ----a-w- c:\windows\system32\perfc005.dat
2009-10-21 13:18 . 2002-09-23 12:00 437910 ----a-w- c:\windows\system32\perfh005.dat
2009-10-12 10:28 . 2007-12-15 10:07 -------- d-----w- c:\program files\DivX
2009-10-11 15:28 . 2008-02-21 14:14 -------- d-----w- c:\program files\Seznam DVD5
2009-10-11 15:27 . 2009-06-04 19:58 -------- d-----w- c:\program files\SWF.max
2009-10-11 15:25 . 2009-06-17 11:48 -------- d-----w- c:\program files\TeamViewer
2009-10-11 15:23 . 2007-03-05 16:14 -------- d-----w- c:\program files\A1 DVD Audio Ripper
2009-10-11 15:23 . 2007-02-22 18:10 -------- d-----w- c:\program files\vso
2009-10-11 13:27 . 2007-01-25 17:48 -------- d-----w- c:\program files\ESET
2009-10-10 12:39 . 2007-08-13 10:37 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-10-10 11:41 . 2008-10-28 15:22 -------- d-----w- c:\program files\World of Warcraft WOLTK
2009-10-10 11:31 . 2009-02-16 13:48 -------- d-----w- c:\program files\Warcraft III
2009-09-27 11:16 . 2009-02-16 13:51 182922 ----a-w- c:\windows\War3Unin.dat
2009-09-27 11:10 . 2007-04-03 16:06 -------- d-----w- c:\program files\Google
2009-09-27 11:05 . 2009-05-23 17:11 -------- d-----w- c:\program files\AAA Photo Album
2009-09-27 11:03 . 2007-01-25 20:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-21 09:59 . 2008-08-31 08:05 -------- d-----w- c:\program files\TrackMania Nations ESWC
2009-09-15 17:35 . 2008-12-25 15:32 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-09-15 17:35 . 2008-12-25 15:32 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-09-12 11:48 . 2007-02-02 05:12 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-11 14:19 . 2002-09-23 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 06:58 . 2008-01-19 11:43 -------- d-----w- c:\program files\ParadisePoker
2009-09-06 09:28 . 2007-08-25 22:01 189672 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-09-05 14:27 . 2009-09-05 13:56 -------- d-----w- c:\program files\Capcom
2009-09-04 21:05 . 2002-09-23 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-30 12:24 . 2009-08-30 12:24 -------- d-----w- c:\program files\LucasArts
2009-08-30 08:42 . 2007-10-14 16:05 108144 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-08-30 08:32 . 2009-08-30 08:32 -------- d-----w- c:\program files\2K Games
2009-08-29 10:50 . 2007-08-22 12:34 -------- d-----w- c:\program files\MobMapUpdater
2009-08-29 07:58 . 2002-09-23 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-28 09:47 . 2007-12-22 19:40 -------- d-----w- c:\program files\Full Tilt Poker
2009-08-26 08:02 . 2002-09-23 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 11:33 . 2007-08-25 22:01 139072 -c--a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-20 13:09 . 2009-08-20 13:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-05 09:01 . 2002-09-23 12:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 17:29 . 2002-09-23 12:00 2147328 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 17:29 . 2002-09-20 17:12 2025984 ------w- c:\windows\system32\ntkrnlpa.exe
2009-08-03 16:38 . 2009-08-03 16:04 21840 ----atw- c:\windows\system32\SIntfNT.dll
2009-08-03 16:38 . 2009-08-03 16:04 17212 ----atw- c:\windows\system32\SIntf32.dll
2009-08-03 16:38 . 2009-08-03 16:04 12067 ----atw- c:\windows\system32\SIntf16.dll
2007-05-14 12:30 . 2007-02-14 19:57 66672 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2007-05-14 12:30 . 2007-02-14 19:57 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2007-05-14 12:30 . 2007-02-14 19:57 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2007-05-14 12:30 . 2007-02-14 19:57 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2007-05-14 12:30 . 2007-02-14 19:57 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((( SnapShot_2009-10-21_13.26.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-22 13:25 . 2009-10-22 13:25 16384 c:\windows\Temp\Perflib_Perfdata_e4.dat
+ 2009-10-22 12:20 . 2009-10-22 12:20 16384 c:\windows\Temp\Perflib_Perfdata_c8.dat
+ 2009-10-22 13:25 . 2009-10-22 13:25 16384 c:\windows\Temp\Perflib_Perfdata_1b4.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-10 32768]
"OEXPRESS"="c:\windows\OETRN.EXE" [2008-05-12 26624]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-04-21 335872]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"PC Suite for Smartphones"="c:\program files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-11-08 528384]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-21 136600]
"VolPanel"="c:\program files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2008-05-05 221300]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"w3dr.exe"="c:\program files\Warcraft III\w3dr.exe" [2008-08-03 61440]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\alcwzrd.exe [2006-03-14 2809344]

c:\documents and settings\PETR\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-3-10 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-3-10 528384]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Vietcong\\Vietcong.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\wincmd\\WINCMD32.EXE"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\PETR\\Local Settings\\Data aplikací\\Dyyno Receiver\\DPPM.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\aTunes.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Warcraft III\\W3DR.exe"=
"c:\\Program Files\\Warcraft III\\World Editor.exe"=
"c:\\Program Files\\Intuwave\\Shared\\mRouterRuntime\\mRouterRuntime.exe"=
"c:\\Documents and Settings\\PETR\\Plocha\\Godzila\\Defcon\\defcon.exe"=
"c:\\Documents and Settings\\All Users\\Dokumenty\\Defcon\\defcon.exe"=
"c:\\Program Files\\SpacialAudio\\SAMBC\\SAMBC.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Warcraft III\\euroloader.exe"=
"c:\\Program Files\\Warcraft III\\w3l.exe"=
"c:\\Program Files\\Warcraft III\\war3.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Age of Empires II\\age2_x1.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Age of Empires II\\empires2.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:6112
"6112:UDP"= 6112:UDP:6112

R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.10.2009 15:28 114768]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [20.2.2007 16:43 15424]
R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.10.2009 15:28 20560]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [20.6.2009 19:44 42752]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 PAC207;Trust WB-1200p Mini Webcam;c:\windows\system32\drivers\PFC027.sys [24.2.2005 13:29 162176]
R3 skfilt;skfilt;c:\windows\system32\drivers\skfilt.sys [25.12.2008 17:31 1670016]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [25.12.2008 17:29 79360]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Magix\Common\Database\bin\fbserver.exe [20.6.2009 17:05 1527900]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2.8.2005 23:10 32512]
S3 qrzyanckq;QRZYANCKQ;c:\docume~1\PETR\LOCALS~1\Temp\QRZYANCKQ.exe --> c:\docume~1\PETR\LOCALS~1\Temp\QRZYANCKQ.exe [?]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [22.8.2007 21:36 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [22.8.2007 21:36 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [22.8.2007 21:36 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [22.8.2007 21:36 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [22.8.2007 21:36 98568]
S3 UfasoftSnifDriver4;Ufasoft Snif Driver v4;\??\c:\program files\Ufasoft\Sniffer\usft_sn4.sys --> c:\program files\Ufasoft\Sniffer\usft_sn4.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\windows\system32\imon.dll
TCP: {210FA241-8F7E-462C-B7CF-9F9706216299} = 10.0.0.138,0.0.0.0
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} - hxxp://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://80.82.144.83/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\PETR\Data aplikací\Mozilla\Firefox\Profiles\vnf2mb3f.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/skinit/icq/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Eurobattle.net Installer1.22 - c:\windows\Eurobattle.net



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-22 15:25
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-527237240-1770027372-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-527237240-1770027372-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d7,bc,64,00,42,fd,30,24,07,44,a1,32,d1,8e,61,1f,e2,36,9f,4f,08,5e,0f,
c2,7d,b8,a7,57,b8,6e,8f,02,b8,f0,d1,66,2d,70,7b,14,88,09,e4,5f,e5,11,99,91,\
"??"=hex:b7,bc,5f,d3,0e,8d,b1,d1,7d,43,be,54,31,ad,2f,34

[HKEY_USERS\S-1-5-21-527237240-1770027372-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:e1,87,a4,06,25,c1,81,bc,a3,dc,7a,00,60,76,0c,8d,90,83,a7,3c,e5,
fc,6f,a8,e7,1f,10,89,97,f4,b9,b4,c8,d2,8f,c0,49,6f,8e,87,fc,3b,5c,f3,47,e9,\
"rkeysecu"=hex:64,9c,28,d9,fe,54,af,7d,a7,d9,e1,df,d3,9c,fe,92

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|˙˙˙˙¤•€|ů•6~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(972)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(1028)
c:\windows\system32\imon.dll

- - - - - - - > 'explorer.exe'(3568)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\TrnOEH.dll
c:\program files\Logitech\SetPoint\HookDll.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\imon.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Creative\Shared Files\CTAudSvc.exe
c:\combofix\CF5759.exe
c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Logitech\KHAL\KHALMNPR.EXE
c:\windows\system32\PnkBstrB.exe
c:\windows\System32\PAStiSvc.exe
c:\windows\system32\UAService7.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system32\msiexec.exe
c:\program files\Java\jre6\bin\jucheck.exe
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Celkový čas: 2009-10-22 15:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-10-22 13:35
ComboFix2.txt 2009-10-21 13:36
ComboFix3.txt 2009-10-12 17:48

Před spuštěním: Volných bajtů: 12 601 466 880
Po spuštění: Volných bajtů: 12 704 968 704

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - 88205CF881252C16F19A2CC14F0E8DF9

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: services.exe

#22 Post by motji »

:arrow: Download Avenger
http://swandog46.geekstogo.com/avenger.exe

- Run the program and confirm by clicking OK; by doing so you confirm that you perform all related actions at your own risk.
- After you click through, the program's main window appears; copy this script into its white box:

Code:

drivers to delete:
qrzyanckq

Files to delete:
c:\docume~1\PETR\LOCALS~1\Temp\QRZYANCKQ.exe
c:\docume~1\PETR\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\PETR\Local Settings\Temp\IadHide5.dll

:!: - Tick the "Scan for rootkits" checkbox

and click the Execute button.
- A window then appears; click Yes to confirm running the script. Then click Yes again to confirm the computer restart.
- After the restart, Notepad should open with a log of the script's execution; it is also saved in C:\avenger.txt.
- Paste the log here.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

G0dzila
Visitor
Posts: 27
Registered: 11 Oct 2009 12:06

Re: services.exe

#23 Post by G0dzila »

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Driver "qrzyanckq" deleted successfully.

Error: file "c:\docume~1\PETR\LOCALS~1\Temp\QRZYANCKQ.exe" not found!
Deletion of file "c:\docume~1\PETR\LOCALS~1\Temp\QRZYANCKQ.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "c:\docume~1\PETR\LOCALS~1\Temp\IadHide5.dll" deleted successfully.

Error: file "c:\documents and settings\PETR\Local Settings\Temp\IadHide5.dll" not found!
Deletion of file "c:\documents and settings\PETR\Local Settings\Temp\IadHide5.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: services.exe

#24 Post by motji »

Now run ComboFix again :)
How is the computer doing?

G0dzila
Visitor
Posts: 27
Registered: 11 Oct 2009 12:06

Re: services.exe

#25 Post by G0dzila »

ComboFix 09-12-08.07 - PETR 09.12.2009 16:39:03.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.554 [GMT 1:00]
Spuštěný z: c:\documents and settings\PETR\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091209-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Eset NOD32 Antivirus 2.70 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\PETR\Local Settings\Temporary Internet Files\MAILTRAN.INI
c:\documents and settings\PETR\Local Settings\Temporary Internet Files\TRNCOM.INI

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-09 do 2009-12-09 )))))))))))))))))))))))))))))))
.

2009-12-02 14:34 . 2009-12-02 14:34 -------- d-----w- c:\program files\Ubisoft
2009-11-22 16:45 . 2009-11-22 16:45 -------- d-----w- c:\program files\Aberger

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-04 17:43 . 2007-10-14 16:05 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-12-04 16:58 . 2009-09-05 13:56 -------- d-----w- c:\program files\Capcom
2009-12-04 16:57 . 2007-01-25 20:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-04 16:22 . 2009-10-10 12:30 -------- d-----w- c:\program files\World of Warcraft
2009-12-04 16:21 . 2008-08-31 08:05 -------- d-----w- c:\program files\TrackMania Nations ESWC
2009-12-02 14:40 . 2008-10-28 15:22 -------- d-----w- c:\program files\World of Warcraft WOLTK
2009-12-02 12:38 . 2002-09-23 12:00 82544 ----a-w- c:\windows\system32\perfc005.dat
2009-12-02 12:38 . 2002-09-23 12:00 437910 ----a-w- c:\windows\system32\perfh005.dat
2009-11-24 23:54 . 2009-10-11 13:28 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-10-11 13:28 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-10-11 13:28 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-10-11 13:28 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-10-11 13:28 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-10-11 13:28 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-20 12:58 . 2008-01-19 11:43 -------- d-----w- c:\program files\ParadisePoker
2009-10-12 10:28 . 2007-12-15 10:07 -------- d-----w- c:\program files\DivX
2009-10-11 15:28 . 2008-02-21 14:14 -------- d-----w- c:\program files\Seznam DVD5
2009-10-11 15:27 . 2009-06-04 19:58 -------- d-----w- c:\program files\SWF.max
2009-10-11 15:25 . 2009-06-17 11:48 -------- d-----w- c:\program files\TeamViewer
2009-10-11 15:23 . 2007-03-05 16:14 -------- d-----w- c:\program files\A1 DVD Audio Ripper
2009-10-11 15:23 . 2007-02-22 18:10 -------- d-----w- c:\program files\vso
2009-10-11 13:28 . 2009-10-11 13:28 -------- d-----w- c:\program files\Alwil Software
2009-10-11 11:15 . 2009-10-11 11:15 -------- d-----w- c:\program files\Trend Micro
2009-10-11 10:10 . 2009-10-11 10:10 -------- d-----w- c:\program files\PowerISO
2009-09-27 11:16 . 2009-02-16 13:51 182922 ----a-w- c:\windows\War3Unin.dat
2009-09-15 17:35 . 2008-12-25 15:32 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-09-15 17:35 . 2008-12-25 15:32 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-09-15 10:56 . 2009-10-11 13:28 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-09-15 10:55 . 2009-10-11 13:28 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-15 10:55 . 2009-10-11 13:28 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-09-11 14:19 . 2002-09-23 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2007-05-14 12:30 . 2007-02-14 19:57 66672 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2007-05-14 12:30 . 2007-02-14 19:57 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2007-05-14 12:30 . 2007-02-14 19:57 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2007-05-14 12:30 . 2007-02-14 19:57 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2007-05-14 12:30 . 2007-02-14 19:57 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((( SnapShot_2009-10-21_13.26.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-15 14:52 . 2009-11-15 14:52 16384 c:\windows\Temp\Perflib_Perfdata_c0.dat
+ 2009-12-09 15:37 . 2009-12-09 15:37 16384 c:\windows\Temp\Perflib_Perfdata_58c.dat
+ 2009-07-30 13:32 . 2008-03-05 15:00 25608 c:\windows\system32\X3DAudio1_3.dll
- 2009-07-30 13:32 . 2008-03-05 14:00 25608 c:\windows\system32\X3DAudio1_3.dll
+ 2008-03-31 18:43 . 2007-10-22 02:37 17928 c:\windows\system32\X3DAudio1_2.dll
- 2008-03-31 18:43 . 2007-10-22 01:37 17928 c:\windows\system32\X3DAudio1_2.dll
+ 2007-01-25 21:14 . 2009-08-06 18:24 44768 c:\windows\system32\wups2.dll
+ 2007-01-25 18:09 . 2009-08-06 18:24 35552 c:\windows\system32\wups.dll
+ 2007-01-25 17:04 . 2009-08-06 18:24 53472 c:\windows\system32\wuauclt.exe
- 2007-01-29 08:58 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2007-01-29 08:58 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
+ 2009-10-30 07:10 . 2009-08-06 18:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-30 07:10 . 2009-08-06 18:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2002-09-23 12:00 . 2009-12-02 12:38 71232 c:\windows\system32\perfc009.dat
- 2002-09-23 12:00 . 2009-10-21 13:18 71232 c:\windows\system32\perfc009.dat
+ 2009-09-04 17:01 . 2009-09-04 17:01 94024 c:\windows\system32\DSETUP.dll
+ 2007-01-25 18:09 . 2009-08-06 18:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2007-01-25 17:04 . 2009-08-06 18:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2002-09-23 12:00 . 2009-08-06 18:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2002-09-23 12:00 . 2009-08-06 18:24 96480 c:\windows\system32\cdm.dll
+ 2009-11-25 18:01 . 2009-11-25 18:01 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2009-10-30 18:03 . 2009-10-30 18:03 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
- 2009-10-14 17:08 . 2009-10-14 17:08 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
- 2007-02-02 15:58 . 2009-10-14 17:09 90112 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2007-02-02 15:58 . 2009-11-12 18:06 90112 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\xlicons.exe
- 2007-02-02 15:58 . 2009-10-14 17:09 45056 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2007-02-02 15:58 . 2009-11-12 18:06 45056 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2007-02-02 15:58 . 2009-10-14 17:09 22528 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2007-02-02 15:58 . 2009-11-12 18:06 22528 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2007-02-02 15:58 . 2009-11-12 18:06 30720 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2007-02-02 15:58 . 2009-10-14 17:09 30720 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2007-02-02 15:58 . 2009-11-12 18:06 16384 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2007-02-02 15:58 . 2009-10-14 17:09 16384 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2007-02-02 15:58 . 2009-10-14 17:09 34304 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2007-02-02 15:58 . 2009-11-12 18:06 34304 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2007-02-02 15:58 . 2009-10-14 17:09 81920 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2007-02-02 15:58 . 2009-11-12 18:06 81920 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2009-11-12 18:05 . 2009-11-12 18:05 38240 c:\windows\Installer\{90120000-0020-0405-0000-0000000FF1CE}\O12ConvIcon.exe
- 2009-10-14 17:08 . 2009-10-14 17:08 38240 c:\windows\Installer\{90120000-0020-0405-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2006-10-26 12:03 . 2006-10-26 12:03 78648 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\INTLDATE.DLL
+ 2009-12-04 17:39 . 2009-12-04 17:39 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-11-04 18:03 . 2008-07-08 12:59 26488 c:\windows\$hf_mig$\KB976749-IE8\update\spcustom.dll
+ 2009-11-04 18:03 . 2008-07-08 12:59 18296 c:\windows\$hf_mig$\KB976749-IE8\spmsg.dll
- 2007-02-02 15:58 . 2009-10-14 17:09 3584 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2007-02-02 15:58 . 2009-11-12 18:06 3584 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2007-02-02 15:58 . 2009-10-14 17:09 8192 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2007-02-02 15:58 . 2009-11-12 18:06 8192 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2007-02-02 15:58 . 2009-10-14 17:09 2560 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2007-02-02 15:58 . 2009-11-12 18:06 2560 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2009-07-30 13:32 . 2008-03-05 14:03 479752 c:\windows\system32\XAudio2_0.dll
+ 2009-07-30 13:32 . 2008-03-05 15:03 479752 c:\windows\system32\XAudio2_0.dll
+ 2009-07-30 13:32 . 2008-03-05 15:03 238088 c:\windows\system32\xactengine3_0.dll
- 2009-07-30 13:32 . 2008-03-05 14:03 238088 c:\windows\system32\xactengine3_0.dll
+ 2009-07-30 13:32 . 2007-10-22 02:39 267272 c:\windows\system32\xactengine2_10.dll
- 2009-07-30 13:32 . 2007-10-22 01:39 267272 c:\windows\system32\xactengine2_10.dll
+ 2007-01-25 18:09 . 2009-08-06 18:24 209632 c:\windows\system32\wuweb.dll
+ 2007-01-25 18:09 . 2009-08-06 18:24 327896 c:\windows\system32\wucltui.dll
+ 2007-01-25 18:09 . 2009-08-06 18:23 575704 c:\windows\system32\wuapi.dll
+ 2002-09-23 12:00 . 2009-12-02 12:38 441476 c:\windows\system32\perfh009.dat
- 2002-09-23 12:00 . 2009-10-21 13:18 441476 c:\windows\system32\perfh009.dat
+ 2007-04-05 11:16 . 2009-08-06 18:23 215920 c:\windows\system32\muweb.dll
+ 2007-06-24 05:49 . 2009-08-06 18:23 274288 c:\windows\system32\mucltui.dll
- 2007-01-25 16:10 . 2009-08-15 15:44 191384 c:\windows\system32\FNTCACHE.DAT
+ 2007-01-25 16:10 . 2009-11-13 05:45 191384 c:\windows\system32\FNTCACHE.DAT
+ 2009-09-04 17:01 . 2009-09-04 17:01 525656 c:\windows\system32\DXSETUP.exe
+ 2007-01-25 18:09 . 2009-08-06 18:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2007-01-25 18:09 . 2009-08-06 18:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2007-01-25 18:09 . 2009-08-06 18:23 575704 c:\windows\system32\dllcache\wuapi.dll
- 2009-07-30 13:32 . 2008-02-05 21:07 462864 c:\windows\system32\d3dx10_37.dll
+ 2009-07-30 13:32 . 2008-02-05 22:07 462864 c:\windows\system32\d3dx10_37.dll
+ 2009-07-30 13:32 . 2007-10-02 08:56 444776 c:\windows\system32\d3dx10_36.dll
- 2009-07-30 13:32 . 2007-10-02 07:56 444776 c:\windows\system32\d3dx10_36.dll
+ 2009-11-25 18:01 . 2009-11-25 18:01 429568 c:\windows\Installer\2147c7e.msi
+ 2007-02-02 15:58 . 2009-11-12 18:06 114688 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2007-02-02 15:58 . 2009-10-14 17:09 114688 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2007-02-02 15:58 . 2009-11-12 18:06 167936 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2007-02-02 15:58 . 2009-10-14 17:09 167936 c:\windows\Installer\{90280405-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2006-10-26 18:49 . 2006-10-26 18:49 509200 c:\windows\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\WRD12CVR.DLL
+ 2009-11-04 18:03 . 2008-07-08 12:59 391032 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll
+ 2009-11-04 18:03 . 2008-07-08 12:59 233848 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe
- 2009-09-05 14:45 . 2009-09-05 14:45 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-11-04 18:03 . 2008-07-08 12:59 391032 c:\windows\$hf_mig$\KB976749-IE8\update\updspapi.dll
+ 2009-11-04 18:03 . 2008-07-08 12:59 759160 c:\windows\$hf_mig$\KB976749-IE8\update\update.exe
+ 2009-11-04 18:03 . 2008-07-08 12:59 233848 c:\windows\$hf_mig$\KB976749-IE8\spuninst.exe
+ 2009-07-20 23:03 . 2009-07-20 23:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2007-01-25 17:04 . 2009-08-06 18:23 1929952 c:\windows\system32\wuaueng.dll
+ 2002-09-23 12:00 . 2009-08-14 15:15 1850624 c:\windows\system32\win32k.sys
+ 2008-10-21 20:59 . 2009-07-31 09:05 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-20 23:05 . 2009-07-20 23:05 1348432 c:\windows\system32\msxml4.dll
+ 2002-09-23 12:00 . 2009-07-31 04:35 1172480 c:\windows\system32\msxml3.dll
+ 2002-09-23 12:00 . 2009-10-22 09:18 5939712 c:\windows\system32\mshtml.dll
+ 2009-09-04 17:01 . 2009-09-04 17:01 1691464 c:\windows\system32\dsetup32.dll
+ 2007-01-25 17:04 . 2009-08-06 18:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 14:50 . 2009-08-14 15:15 1850624 c:\windows\system32\dllcache\win32k.sys
+ 2008-10-21 20:59 . 2009-07-31 09:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2008-11-12 12:29 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2006-10-23 15:19 . 2009-10-22 09:18 5939712 c:\windows\system32\dllcache\mshtml.dll
+ 2009-07-30 13:32 . 2008-03-05 14:56 3786760 c:\windows\system32\D3DX9_37.dll
- 2009-07-30 13:32 . 2008-03-05 13:56 3786760 c:\windows\system32\D3DX9_37.dll
+ 2009-07-30 13:32 . 2007-10-12 14:14 3734536 c:\windows\system32\d3dx9_36.dll
- 2009-07-30 13:32 . 2007-10-12 13:14 3734536 c:\windows\system32\d3dx9_36.dll
- 2009-07-30 13:32 . 2008-03-05 13:56 1420824 c:\windows\system32\D3DCompiler_37.dll
+ 2009-07-30 13:32 . 2008-03-05 14:56 1420824 c:\windows\system32\D3DCompiler_37.dll
+ 2009-07-30 13:32 . 2007-10-12 14:14 1374232 c:\windows\system32\D3DCompiler_36.dll
- 2009-07-30 13:32 . 2007-10-12 13:14 1374232 c:\windows\system32\D3DCompiler_36.dll
+ 2009-09-30 14:11 . 2009-09-30 14:11 8409088 c:\windows\Installer\f58e7f.msp
+ 2009-08-18 11:58 . 2009-08-18 11:58 8301056 c:\windows\Installer\f58e6b.msp
+ 2009-04-03 17:21 . 2009-04-03 17:21 8543096 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\OARTCONV.DLL
+ 2007-03-21 17:56 . 2007-03-21 17:56 8425856 c:\windows\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\OARTCONV.DLL
+ 2009-11-04 18:03 . 2009-08-29 07:58 5940224 c:\windows\ie8updates\KB976749-IE8\mshtml.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-09-05 14:45 . 2009-09-05 14:45 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-12-04 17:39 . 2009-12-04 17:39 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-04 12:36 . 2009-10-22 09:14 5943296 c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
+ 2007-01-25 22:48 . 2009-11-05 17:36 26768832 c:\windows\system32\MRT.exe
+ 2009-10-08 17:04 . 2009-10-08 17:04 17510400 c:\windows\Installer\f58e63.msp
+ 2009-04-04 06:35 . 2009-04-04 06:35 36977152 c:\windows\Installer\a0a9a9.msp
+ 2009-04-04 14:49 . 2009-04-04 14:49 38441472 c:\windows\Installer\a0a999.msp
+ 2009-04-03 17:46 . 2009-04-03 17:46 17314688 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\MSO.DLL
+ 2007-05-08 10:10 . 2007-05-08 10:10 16874376 c:\windows\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\MSO.DLL
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-10 32768]
"OEXPRESS"="c:\windows\OETRN.EXE" [2008-05-12 26624]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-04-21 335872]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"AlcWzrd"="ALCWZRD.EXE" [2006-03-14 2809344]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"PC Suite for Smartphones"="c:\program files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-11-08 528384]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-21 136600]
"VolPanel"="c:\program files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2008-05-05 221300]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"w3dr.exe"="c:\program files\Warcraft III\w3dr.exe" [2008-08-03 61440]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

c:\documents and settings\PETR\Nabídka Start\Programy\Po spuštění\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-3-10 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-3-10 528384]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Vietcong\\Vietcong.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\wincmd\\WINCMD32.EXE"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\PETR\\Local Settings\\Data aplikací\\Dyyno Receiver\\DPPM.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\aTunes.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Warcraft III\\W3DR.exe"=
"c:\\Program Files\\Warcraft III\\World Editor.exe"=
"c:\\Program Files\\Intuwave\\Shared\\mRouterRuntime\\mRouterRuntime.exe"=
"c:\\Documents and Settings\\PETR\\Plocha\\Godzila\\Defcon\\defcon.exe"=
"c:\\Documents and Settings\\All Users\\Dokumenty\\Defcon\\defcon.exe"=
"c:\\Program Files\\SpacialAudio\\SAMBC\\SAMBC.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Warcraft III\\euroloader.exe"=
"c:\\Program Files\\Warcraft III\\w3l.exe"=
"c:\\Program Files\\Warcraft III\\war3.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Age of Empires II\\age2_x1.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Age of Empires II\\empires2.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\wincmdd\\TOTALCMD.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Capcom\\MotoGP 08\\Launcher.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:6112
"6112:UDP"= 6112:UDP:6112

R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.10.2009 14:28 114768]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [20.2.2007 15:43 15424]
R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.10.2009 14:28 20560]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [20.6.2009 18:44 42752]
R3 PAC207;Trust WB-1200p Mini Webcam;c:\windows\system32\drivers\PFC027.sys [24.2.2005 12:29 162176]
R3 skfilt;skfilt;c:\windows\system32\drivers\skfilt.sys [25.12.2008 16:31 1670016]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.2.2007 17:53 721904]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [25.12.2008 16:29 79360]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Magix\Common\Database\bin\fbserver.exe [20.6.2009 16:05 1527900]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2.8.2005 22:10 32512]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [22.8.2007 20:36 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [22.8.2007 20:36 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [22.8.2007 20:36 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [22.8.2007 20:36 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [22.8.2007 20:36 98568]
S3 UfasoftSnifDriver4;Ufasoft Snif Driver v4;\??\c:\program files\Ufasoft\Sniffer\usft_sn4.sys --> c:\program files\Ufasoft\Sniffer\usft_sn4.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\windows\system32\imon.dll
TCP: {210FA241-8F7E-462C-B7CF-9F9706216299} = 10.0.0.138,0.0.0.0
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://80.82.144.83/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\PETR\Data aplikací\Mozilla\Firefox\Profiles\vnf2mb3f.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/skinit/icq/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Need For Speed - Porsche 2000 - c:\windows\IsUninst.exe -fc:\program files\Electronic Arts\Need For Speed - Porsche 2000\uninst.log
AddRemove-PRE-Flight - c:\windows\IsUninst.exe -fc:\program files\let.simulátor\nová složka (3)\Uninst.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-09 16:50
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-527237240-1770027372-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-527237240-1770027372-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d7,bc,64,00,42,fd,30,24,07,44,a1,32,d1,8e,61,1f,e2,36,9f,4f,08,5e,0f,
c2,7d,b8,a7,57,b8,6e,8f,02,b8,f0,d1,66,2d,70,7b,14,88,09,e4,5f,e5,11,99,91,\
"??"=hex:b7,bc,5f,d3,0e,8d,b1,d1,7d,43,be,54,31,ad,2f,34

[HKEY_USERS\S-1-5-21-527237240-1770027372-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:c0,e3,d0,1d,9d,83,0f,69,08,20,70,83,76,6b,0d,68,75,61,dd,47,c1,
e8,3c,6b,d1,1a,51,0b,83,85,03,b5,37,cf,1c,58,29,ea,7a,20,b6,bb,4b,a6,bb,ca,\
"rkeysecu"=hex:97,5d,18,b2,b2,b9,41,bd,40,43,49,fd,bb,5f,8b,af

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|˙˙˙˙¤•€|ů•6~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(956)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(1012)
c:\windows\system32\imon.dll
.
Celkový čas: 2009-12-09 16:54:07
ComboFix-quarantined-files.txt 2009-12-09 15:53
ComboFix2.txt 2009-10-22 13:36
ComboFix3.txt 2009-10-21 13:36
ComboFix4.txt 2009-10-12 17:48

Před spuštěním: 8 180 727 808
Po spuštění: Volných bajtů: 13 941 342 208

- - End Of File - - 7334ABDADF5EDC175109BEAE203C154A

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: services.exe

#26 Post by motji »

Please post a log from RSIT.
How is the computer doing now? :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

G0dzila
Visitor
Posts: 27
Joined: 11 Oct 2009 12:06

Re: services.exe

#27 Post by G0dzila »

Logfile of random's system information tool 1.06 (written by random/random)
Run by PETR at 2009-12-23 15:26:13
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (1%) free of 157 GB
Total RAM: 1023 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:26:32, on 23.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Warcraft III\w3dr.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\OETRN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\PETR\Plocha\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\PETR.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [w3dr.exe] C:\Program Files\Warcraft III\w3dr.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\ParadisePoker\poker unibet\UltimateBet\UltimateBet.exe (file missing)
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\ParadisePoker\poker unibet\UltimateBet\UltimateBet.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200 ... plugin.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... .7.109.cab
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB34} (Sony SNC-RZ30 Image Viewer) - http://207.67.84.157/home/SonySncRz30View.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9759517741
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2594490953
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://129.57.20.46:1497/activex/AxisCamControl.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://80.82.144.83/activex/AMC.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{210FA241-8F7E-462C-B7CF-9F9706216299}: NameServer = 10.0.0.138,0.0.0.0
O17 - HKLM\System\CS1\Services\Tcpip\..\{210FA241-8F7E-462C-B7CF-9F9706216299}: NameServer = 10.0.0.138,0.0.0.0
O17 - HKLM\System\CS4\Services\Tcpip\..\{210FA241-8F7E-462C-B7CF-9F9706216299}: NameServer = 10.0.0.138,0.0.0.0
O18 - Protocol: bw+0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {FE29E187-2C7D-428A-BE8C-A4459D88C428} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 26943 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2008-05-12 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-21 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-21 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-21 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll []
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2008-05-12 491520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-04-21 335872]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2006-03-14 2809344]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-05-28 528384]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"PC Suite for Smartphones"=C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-11-08 528384]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-21 136600]
"VolPanel"=C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe [2008-05-05 221300]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"w3dr.exe"=C:\Program Files\Warcraft III\w3dr.exe [2008-08-03 61440]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-03-10 32768]
"OEXPRESS"=C:\WINDOWS\OETRN.EXE [2008-05-12 26624]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\PETR\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Vietcong\Vietcong.exe"="C:\Program Files\Vietcong\Vietcong.exe:*:Enabled:Vietcong"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\wincmd\WINCMD32.EXE"="C:\wincmd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Documents and Settings\PETR\Local Settings\Data aplikací\Dyyno Receiver\DPPM.exe"="C:\Documents and Settings\PETR\Local Settings\Data aplikací\Dyyno Receiver\DPPM.exe:*:Enabled:dppmmain Application"
"C:\Program Files\Java\jre6\launch4j-tmp\aTunes.exe"="C:\Program Files\Java\jre6\launch4j-tmp\aTunes.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Trillian\trillian.exe"="C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian"
"C:\Program Files\Warcraft III\W3DR.exe"="C:\Program Files\Warcraft III\W3DR.exe:*:Enabled:Warcraft III Delay Reducer"
"C:\Program Files\Warcraft III\World Editor.exe"="C:\Program Files\Warcraft III\World Editor.exe:*:Enabled:Warcraft III Editor světů"
"C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
"C:\Documents and Settings\PETR\Plocha\Godzila\Defcon\defcon.exe"="C:\Documents and Settings\PETR\Plocha\Godzila\Defcon\defcon.exe:*:Enabled:Defcon"
"C:\Documents and Settings\All Users\Dokumenty\Defcon\defcon.exe"="C:\Documents and Settings\All Users\Dokumenty\Defcon\defcon.exe:*:Enabled:Defcon"
"C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe"="C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe:*:Enabled:SAMBC"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Warcraft III\euroloader.exe"="C:\Program Files\Warcraft III\euroloader.exe:*:Enabled:w3l"
"C:\Program Files\Warcraft III\w3l.exe"="C:\Program Files\Warcraft III\w3l.exe:*:Enabled:w3l.exe"
"C:\Program Files\Warcraft III\war3.exe"="C:\Program Files\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Warcraft III\Frozen Throne.exe"="C:\Program Files\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - Ledový trůn"
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:BF2"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Age of Empires II\age2_x1.exe"="C:\Program Files\Age of Empires II\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Age of Empires II\empires2.exe"="C:\Program Files\Age of Empires II\empires2.exe:*:Enabled:empires2.exe"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\wincmdd\TOTALCMD.EXE"="C:\wincmdd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Capcom\MotoGP 08\Launcher.exe"="C:\Program Files\Capcom\MotoGP 08\Launcher.exe:*:Enabled:MotoGP 08"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b409699-e709-11de-8453-0011115d3669}]
shell\AutoRun\command - E:\APPInst.exe


======List of files/folders created in the last 1 months======

2009-12-18 09:31:05 ----D---- C:\Program Files\PokerStars
2009-12-09 21:47:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-09 20:37:49 ----SHD---- C:\RECYCLER
2009-12-09 19:07:21 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 19:07:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 19:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 19:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 19:05:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-09 16:54:08 ----A---- C:\ComboFix.txt
2009-12-09 16:38:01 ----A---- C:\WINDOWS\MBR.exe
2009-12-09 16:34:58 ----D---- C:\ComboFix
2009-12-09 16:07:51 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-12-02 15:55:28 ----D---- C:\Documents and Settings\PETR\Data aplikací\Ubisoft
2009-12-02 15:49:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2009-12-02 15:34:46 ----D---- C:\Program Files\Ubisoft
2009-11-25 19:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 19:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$

======List of files/folders modified in the last 1 months======

2009-12-23 15:26:22 ----D---- C:\WINDOWS\Prefetch
2009-12-23 15:24:55 ----D---- C:\WINDOWS
2009-12-23 15:24:55 ----A---- C:\WINDOWS\MAILTRAN.INI
2009-12-23 15:16:55 ----D---- C:\Program Files\Mozilla Firefox
2009-12-23 15:00:59 ----D---- C:\WINDOWS\Temp
2009-12-23 14:36:52 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-12-23 10:53:40 ----D---- C:\Program Files\Full Tilt Poker
2009-12-22 17:29:43 ----D---- C:\Program Files\TrackMania Nations ESWC
2009-12-20 23:03:45 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-19 12:09:09 ----D---- C:\Program Files\World of Warcraft
2009-12-19 00:40:21 ----D---- C:\Documents and Settings\PETR\Data aplikací\Skype
2009-12-19 00:07:56 ----D---- C:\Documents and Settings\PETR\Data aplikací\skypePM
2009-12-18 09:31:05 ----RD---- C:\Program Files
2009-12-17 08:21:48 ----D---- C:\Program Files\ParadisePoker
2009-12-14 14:37:16 ----D---- C:\WINDOWS\system32
2009-12-14 14:37:16 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-12 15:40:29 ----A---- C:\WINDOWS\WDICT32.INI
2009-12-10 11:58:42 ----HD---- C:\WINDOWS\inf
2009-12-09 22:54:07 ----A---- C:\WINDOWS\PEV.exe
2009-12-09 21:47:33 ----D---- C:\Program Files\Internet Explorer
2009-12-09 19:07:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-09 19:07:23 ----D---- C:\WINDOWS\system32\drivers
2009-12-09 19:07:11 ----A---- C:\WINDOWS\imsins.BAK
2009-12-09 19:06:34 ----D---- C:\WINDOWS\ie8updates
2009-12-09 19:06:25 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-09 19:06:18 ----SHD---- C:\WINDOWS\Installer
2009-12-09 19:06:18 ----D---- C:\Config.Msi
2009-12-09 18:29:29 ----AC---- C:\WINDOWS\wininit.ini
2009-12-09 16:54:12 ----D---- C:\Qoobox
2009-12-09 16:50:32 ----A---- C:\WINDOWS\system.ini
2009-12-09 16:45:34 ----D---- C:\WINDOWS\AppPatch
2009-12-09 16:45:28 ----D---- C:\Program Files\Common Files
2009-12-09 16:28:23 ----AC---- C:\WINDOWS\wincmd.ini
2009-12-09 16:08:42 ----AC---- C:\WINDOWS\wcx_ftp.ini
2009-12-04 18:43:53 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-12-04 18:39:51 ----RSD---- C:\WINDOWS\assembly
2009-12-04 18:39:21 ----D---- C:\WINDOWS\system32\DirectX
2009-12-04 17:58:12 ----D---- C:\Program Files\Capcom
2009-12-04 17:57:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-02 15:40:16 ----D---- C:\Program Files\World of Warcraft WOLTK
2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-25 19:01:08 ----D---- C:\WINDOWS\WinSxS
2009-11-25 00:54:29 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\aavmker4.sys [2009-11-25 27408]
R1 aswsp;avast! Self Protection; C:\WINDOWS\system32\drivers\aswsp.sys [2009-09-15 114768]
R1 aswtdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswtdi.sys [2009-11-25 48560]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2003-07-15 25488]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2007-02-20 15424]
R1 scdemu;scdemu; C:\WINDOWS\system32\drivers\scdemu.sys [2009-03-15 56268]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-23 12032]
R2 aswfsblk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswmon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswmon2.sys [2009-09-15 94160]
R3 aswrdr;aswRdr; C:\WINDOWS\system32\drivers\aswrdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-02-10 154112]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM); C:\WINDOWS\system32\DRIVERS\vrtaucbl.sys [2007-09-14 42752]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-05-27 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-07-22 13440]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 PAC207;Trust WB-1200p Mini Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 162176]
R3 SMBios;Intel (R) System Management BIOS Service; C:\WINDOWS\system32\DRIVERS\SMBios.sys [2004-06-07 36484]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2007-04-13 62984]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2007-02-20 512096]
S3 a88ktahc;a88ktahc; C:\WINDOWS\system32\drivers\a88ktahc.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\PETR\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 32512]
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-02-28 47360]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\System32\DRIVERS\sermouse.sys [2002-09-23 17664]
S3 skfilt;skfilt; C:\WINDOWS\system32\drivers\skfilt.sys [2008-02-12 1670016]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sony_ssm.sys;sony_ssm.sys; \??\C:\DOCUME~1\PETR\LOCALS~1\Temp\sony_ssm.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UfasoftSnifDriver4;Ufasoft Snif Driver v4; \??\C:\Program Files\Ufasoft\Sniffer\usft_sn4.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-04-20 607576]
R2 aswupdsv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504]
R2 avast! antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-04-30 417792]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2004-12-13 65536]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-21 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-06-25 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-09-06 189672]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2009-05-08 217088]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! mail scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! web scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2004-12-13 1527893]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-12-11 520192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-05-01 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2008-12-25 79360]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-16 190448]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe []
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-02 86016]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

motji
VIP
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: services.exe

#28 Post by motji »

Do you recognize the drive and the file?
- E:\APPInst.exe

How is the computer doing now?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I can usually be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

G0dzila
Visitor
Visitor
Posts: 27
Registered: 11 Oct 2009 12:06

Re: services.exe

#29 Post by G0dzila »

Yeah, I know them. services no longer reports an error, but I'm getting spam on ICQ linking to .ru sites and the like .....

motji
VIP
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: services.exe

#30 Post by motji »

Change your ICQ password. Have you also logged in to ICQ from another PC?

:arrow: Download Dr.Web CureIt http://www.viry.cz/forum/viewtopic.php?f=29&t=47721
- run a scan; let it cure or delete whatever it finds
- the scan can take several hours
- File/Save results: save the results as a text file and paste them here