Win32:Spyware-gen [Spy]

Having a problem with a virus? Post your FRST or RSIT log here.

Dendy666
Visitor
Posts: 19
Joined: 06 Sep 2010 05:31

Win32:Spyware-gen [Spy]

#1 Post by Dendy666 »

Hello, avast keeps yelling at me today: SPYWARE BLOCKED, object C:/WINDOWS\System32\Winbooter\Svchost.exe
infection: Win32:spyware-gen [spy]
action: move to chest
process: \windows\wxplorer.xe
Could you please advise me? I'm afraid that if I deleted that svschost.exe I would take down the whole computer :o Please, do you know how to remove it? I have a new PC, so it would be a great shame if it ended up as scrap...

Caroprd111
VIP
Posts: 13492
Joined: 22 Mar 2009 20:48
Location: Třebíč

Re: Win32:Spyware-gen [Spy]

#2 Post by Caroprd111 »

Hello :)

You can delete the file; svchost is legitimate only if it is located in %systemroot%\system32\.


Post the RSIT log here.
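The location rule from the reply above (svchost is legitimate only in %systemroot%\system32\), applied to HijackThis-style log lines, as an added example that is not part of the original thread. It goes beyond the stated rule by covering a few other core Windows process names; that name list, the function names and the sample lines (constructed, modelled on the HijackThis output format) are assumptions.

```python
import ntpath
import re

# Assumption (added generalization): core Windows process names whose only
# legitimate home is %SystemRoot%\system32. The thread states this for svchost.
SYSTEM32_ONLY = {"svchost.exe", "lsass.exe", "services.exe",
                 "winlogon.exe", "smss.exe", "csrss.exe"}

# "O4 - <hive>\..\<key>: [<value name>] <command line>"
O4_RE = re.compile(r"^O4 - (?P<key>.+?): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# A bare path line from the "Running processes:" section.
PROC_RE = re.compile(r"^[A-Za-z]:[\\/].+\.exe$", re.IGNORECASE)

# Constructed sample input in HijackThis format.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [HKCU] C:\WINDOWS\system32\Winbooterr\Svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\Winbooterr\Svchost.exe
O23 - Service: Example Service - Unknown owner - %SystemRoot%\Temp\lsass.exe
O23 - Service: Example Monitor - Unknown owner - (no file)
"""


def parse_line(line):
    """Return (source, command) for lines that name an executable, else None."""
    line = line.strip()
    m = O4_RE.match(line)
    if m:
        return ("autorun %s [%s]" % (m.group("key"), m.group("name")),
                m.group("cmd"))
    if line.startswith("O23 - Service: "):
        head, _, path = line.rpartition(" - ")
        return ("service " + head[len("O23 - Service: "):], path)
    if PROC_RE.match(line):
        return ("running process", line)
    return None


def extract_executable(command):
    """Cut the executable path out of a command line (quoted or unquoted)."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 1 else None
    # Unquoted: take everything up to the first ".exe" that ends a token,
    # which also copes with unquoted paths that contain spaces.
    m = re.match(r"(.+?\.exe)(?=\s|$)", command, re.IGNORECASE)
    return m.group(1) if m else None


def normalize(path, system_root):
    """Lower-case, expand %SystemRoot%/%windir%, unify slashes and '..'."""
    p = path.lower()
    for var in ("%systemroot%", "%windir%"):
        p = p.replace(var, system_root.lower())
    return ntpath.normpath(p)


def audit(lines, system_root=r"C:\WINDOWS", allowed_subdirs=("system32",)):
    """Flag system-process names that run or autostart from another folder.

    On 64-bit Windows pass allowed_subdirs=("system32", "syswow64").
    """
    allowed = {ntpath.normpath(ntpath.join(system_root, d)).lower()
               for d in allowed_subdirs}
    findings = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        source, command = parsed
        exe = extract_executable(command)
        if exe is None:          # e.g. "(no file)"
            continue
        folder, name = ntpath.split(normalize(exe, system_root))
        # A bare file name has no folder to judge (it resolves via PATH): skip.
        if name in SYSTEM32_ONLY and folder and folder not in allowed:
            findings.append((source, exe))
    return findings


if __name__ == "__main__":
    for source, exe in audit(SAMPLE_LOG.splitlines()):
        print("SUSPICIOUS  %-45s %s" % (source, exe))
```

A match means only that the file name and folder disagree; it is a reason to inspect the file and its autorun entry, not a verdict on its contents.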

Dendy666
Visitor
Posts: 19
Joined: 06 Sep 2010 05:31

Re: Win32:Spyware-gen [Spy]

#3 Post by Dendy666 »

When I try to delete svschost.exe, it says access was denied :(
Last edited by Dendy666 on 06 Sep 2010 06:04, edited 1 time in total.

Dendy666
Visitor
Posts: 19
Joined: 06 Sep 2010 05:31

Re: Win32:Spyware-gen [Spy]

#4 Post by Dendy666 »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Dandy at 2010-09-06 06:58:42
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 573 MB (2%) free of 30 GB
Total RAM: 1535 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:59:07, on 6.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\servant\SALAMAND.EXE
C:\Documents and Settings\Dandy\Plocha\RSIT.exe
C:\Program Files\trend micro\Dandy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zaparit.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [HKCU] C:\WINDOWS\system32\Winbooterr\Svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\Winbooterr\Svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: (no name) - {68010555-99E8-442A-92E6-30D0BCE635AD} - C:\WINDOWS\DOWNLO~1\necli307.dll
O9 - Extra 'Tools' menuitem: &Nastavení Eso 9 klient 3.7 - {68010555-99E8-442A-92E6-30D0BCE635AD} - C:\WINDOWS\DOWNLO~1\necli307.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {C2804910-2730-4DCB-A3C4-4E21A82F79C5} - C:\WINDOWS\DOWNLO~1\necli306.dll
O9 - Extra 'Tools' menuitem: &Nastavení Eso 9 klient 3.6 - {C2804910-2730-4DCB-A3C4-4E21A82F79C5} - C:\WINDOWS\DOWNLO~1\necli306.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3107D2E2-4196-42A8-AD92-A369A269924F} (Eso 9 klientské komponenty verze 3.6) - http://192.168.132.1/Eso9Supp.net/LIB/CAB/necli306.cab
O16 - DPF: {DD0E1A13-A3E3-4D38-8D73-09640178885A} (Eso 9 klientské komponenty verze 3.7) - http://mail.hopipopi.cz:8001/Eso9Supp.n ... cli307.cab
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.116.165 85.255.112.122
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - (no file)

--
End of file - 7921 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0 Fallback-R01-Dandy.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-R01-Dandy.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll [2006-07-26 434279]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-08 53248]
"S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2005-04-05 159744]
"C-Media Mixer"=Mixer.exe /startup []
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-07-20 1038848]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-08-20 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"HKCU"=C:\WINDOWS\system32\Winbooterr\Svchost.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\WINDOWS\system32\Winbooterr\Svchost.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Dandy\Plocha\Emulator AC2\server.exe"="C:\Documents and Settings\Dandy\Plocha\Emulator AC2\server.exe:*:Enabled:server"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"I:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe"="I:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"I:\Hry\GTA IV\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe"="I:\Hry\GTA IV\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"I:\Hry\Far Cry\Bin32\FarCry.exe"="I:\Hry\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry"
"I:\Hry\Avatar\bin\Avatar.exe"="I:\Hry\Avatar\bin\Avatar.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME"
"I:\Hry\Avatar\bin\AvatarLauncher.exe"="I:\Hry\Avatar\bin\AvatarLauncher.exe:*:Enabled:Updater"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-09-06 06:58:43 ----D---- C:\Program Files\trend micro
2010-09-06 06:58:42 ----D---- C:\rsit
2010-09-05 12:42:30 ----D---- C:\Program Files\Counter-Strike Source
2010-09-05 09:56:38 ----D---- C:\Program Files\EA GAMES
2010-09-04 09:58:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2010-09-01 11:45:46 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Mount&Blade
2010-08-30 15:56:22 ----A---- C:\WINDOWS\BlendSettings.ini
2010-08-30 15:45:15 ----D---- C:\Program Files\Oblivion
2010-08-30 12:04:07 ----D---- C:\Program Files\Multi Theft Auto
2010-08-29 19:37:17 ----D---- C:\Documents and Settings\Dandy\Data aplikací\InstallShield Installation Information
2010-08-29 08:46:36 ----A---- C:\WINDOWS\thug.ini
2010-08-29 08:33:49 ----D---- C:\Program Files\uTorrent
2010-08-29 08:33:30 ----D---- C:\Documents and Settings\Dandy\Data aplikací\uTorrent
2010-08-28 20:21:36 ----D---- C:\Program Files\TalonSoft
2010-08-28 14:01:04 ----D---- C:\Program Files\RAR Password Cracker
2010-08-28 09:51:22 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-08-28 09:51:21 ----D---- C:\Program Files\Xvid
2010-08-27 19:35:04 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-08-27 19:35:04 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-08-27 19:35:03 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-08-27 19:35:03 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-08-27 19:35:02 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-08-27 19:35:01 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-08-27 19:35:01 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-08-27 19:35:00 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-08-27 19:34:59 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-08-27 19:34:59 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-08-27 19:34:58 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-08-27 19:34:57 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-08-27 19:18:36 ----A---- C:\WINDOWS\system32\dxgi.dll
2010-08-27 19:18:36 ----A---- C:\WINDOWS\system32\DXErr.exe
2010-08-27 19:18:36 ----A---- C:\WINDOWS\system32\dxcpl.exe
2010-08-27 19:18:36 ----A---- C:\WINDOWS\system32\dwmapi.dll_bak
2010-08-27 19:18:34 ----A---- C:\WINDOWS\system32\ntdllnew.dll
2010-08-27 19:18:34 ----A---- C:\WINDOWS\system32\msvcrtnew.dll
2010-08-27 19:18:34 ----A---- C:\WINDOWS\system32\kernel32new.dll
2010-08-27 19:18:34 ----A---- C:\WINDOWS\system32\d3dx10.dll
2010-08-27 19:18:33 ----A---- C:\WINDOWS\system32\unins000.exe
2010-08-27 19:18:33 ----A---- C:\WINDOWS\system32\d3d10core.dll
2010-08-27 19:18:33 ----A---- C:\WINDOWS\system32\d3d10.dll
2010-08-27 14:46:32 ----D---- C:\Program Files\Deep Silver
2010-08-27 09:13:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2010-08-27 09:12:59 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-27 09:12:29 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-08-27 09:12:27 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-08-27 09:12:27 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-08-24 16:19:18 ----D---- C:\Documents and Settings\Dandy\Data aplikací\GetRightToGo
2010-08-24 16:00:49 ----D---- C:\Program Files\NCSoft
2010-08-23 18:55:38 ----N---- C:\WINDOWS\system32\iyvu9_32.dll
2010-08-23 18:55:38 ----A---- C:\WINDOWS\system32\iacenc.dll
2010-08-23 18:55:37 ----D---- C:\Program Files\Ligos
2010-08-23 18:41:16 ----A---- C:\WINDOWS\IsUninst.exe
2010-08-21 17:12:51 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2010-08-21 17:11:55 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2010-08-20 09:10:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2010-08-20 09:01:16 ----D---- C:\Program Files\Adobe Media Player
2010-08-20 08:58:19 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-19 21:01:19 ----D---- C:\WINDOWS\system32\Adobe
2010-08-19 20:58:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Yahoo! Companion
2010-08-19 17:16:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Tages
2010-08-17 20:54:56 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-17 20:50:52 ----N---- C:\WINDOWS\system32\drivers\imagesrv.sys
2010-08-17 20:50:52 ----N---- C:\WINDOWS\system32\drivers\imagedrv.sys
2010-08-17 20:50:35 ----N---- C:\WINDOWS\system32\TwnLib4.dll
2010-08-17 20:50:35 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2010-08-17 20:50:34 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2010-08-17 20:50:34 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2010-08-17 20:50:34 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2010-08-17 20:50:34 ----N---- C:\WINDOWS\system32\ImagX7.dll
2010-08-17 20:50:33 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2010-08-17 20:50:31 ----D---- C:\Program Files\Common Files\Ahead
2010-08-17 20:50:30 ----D---- C:\Program Files\Ahead
2010-08-17 20:49:53 ----D---- C:\Program Files\Yahoo!
2010-08-17 19:10:21 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2010-08-16 19:43:14 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-08-16 19:43:14 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-08-16 19:43:12 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-08-16 19:43:10 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-08-16 19:43:08 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-08-16 19:43:08 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-08-16 19:43:07 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-08-16 19:42:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-08-16 18:47:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-08-16 18:39:24 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-08-16 18:38:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-08-16 18:30:12 ----D---- C:\WINDOWS\ie8updates
2010-08-16 18:22:10 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-08-16 18:22:10 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-08-16 18:22:04 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-08-16 18:22:03 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-08-16 18:22:03 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-08-16 18:22:01 ----A---- C:\WINDOWS\system32\vsdatant.sys
2010-08-16 18:22:01 ----A---- C:\WINDOWS\system32\drivers\vsdatant.sys
2010-08-16 18:20:56 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-08-16 18:20:56 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-08-16 14:28:16 ----D---- C:\Program Files\XP TCPIP Repair
2010-08-16 13:07:28 ----D---- C:\WINDOWS\SxsCaPendDel
2010-08-16 12:41:12 ----D---- C:\WINDOWS\pss
2010-08-16 10:47:21 ----HD---- C:\VritualRoot
2010-08-16 10:46:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\COMODO
2010-08-16 10:42:09 ----D---- C:\Program Files\COMODO
2010-08-16 10:29:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo Downloader
2010-08-16 10:04:51 ----SHD---- C:\WINDOWS\CSC
2010-08-16 08:42:25 ----D---- C:\WINDOWS\WBEM
2010-08-16 08:39:58 ----HDC---- C:\WINDOWS\ie8
2010-08-15 21:38:52 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-08-15 21:38:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2183461$
2010-08-15 21:38:32 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-08-15 21:38:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-08-15 21:38:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-15 21:38:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-08-15 21:37:52 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-08-15 21:37:30 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-08-15 21:36:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-08-15 21:36:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-15 21:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-08-15 21:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-08-15 21:36:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-08-15 21:36:04 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-08-15 21:35:58 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-08-15 21:35:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-08-15 21:35:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-08-15 21:35:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-08-15 21:35:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-08-15 21:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-08-15 21:35:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-08-15 21:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-08-15 21:35:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-08-15 21:35:03 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-08-15 21:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-08-15 21:34:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-08-15 21:34:36 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-15 21:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-08-15 21:34:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-15 21:34:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-08-15 21:34:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-08-15 21:34:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-08-15 21:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-08-15 21:33:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-08-15 21:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-08-15 21:33:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-15 21:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-08-15 21:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-08-15 21:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-08-15 21:33:11 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-15 21:33:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-08-15 21:33:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-08-15 21:32:54 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-08-15 21:29:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-08-15 21:29:50 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-08-15 21:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-08-15 21:29:15 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-08-15 21:29:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-08-15 21:29:03 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-08-15 21:28:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-08-15 21:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-15 21:28:39 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-08-15 21:28:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-08-15 21:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-08-15 21:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-08-15 21:28:14 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-15 21:28:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-08-15 21:28:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-08-15 21:27:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-08-15 21:27:26 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-15 21:27:20 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-08-15 21:27:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-08-15 21:27:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-08-15 21:26:56 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-08-15 19:41:05 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-08-15 19:29:09 ----D---- C:\Documents and Settings\Dandy\Data aplikací\CheckPoint
2010-08-15 19:26:55 ----D---- C:\Program Files\Conduit
2010-08-15 12:00:41 ----D---- C:\Documents and Settings\Dandy\Data aplikací\skypePM
2010-08-15 12:00:01 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Skype
2010-08-15 11:59:18 ----D---- C:\Program Files\Common Files\Skype
2010-08-15 11:59:10 ----RD---- C:\Program Files\Skype
2010-08-15 11:59:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-08-15 10:54:32 ----A---- C:\WINDOWS\system32\drivers\hidgame.sys
2010-08-15 10:12:32 ----D---- C:\Documents and Settings\Dandy\Data aplikací\TeamViewer
2010-08-15 10:12:17 ----D---- C:\Program Files\TeamViewer
2010-08-15 09:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-08-15 09:39:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-08-15 09:27:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2010-08-15 09:27:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2010-08-15 09:27:20 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-08-15 09:27:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2010-08-15 09:18:28 ----A---- C:\WINDOWS\system32\hidserv.dll
2010-08-15 09:18:24 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2010-08-13 20:33:44 ----A---- C:\WINDOWS\system32\drivers\appdrv01.sys
2010-08-13 20:33:43 ----A---- C:\WINDOWS\system32\appdrvrem01.exe
2010-08-11 21:26:14 ----A---- C:\WINDOWS\system32\drivers\lirsgt.sys
2010-08-11 21:26:14 ----A---- C:\WINDOWS\system32\drivers\atksgt.sys
2010-08-11 21:26:07 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-08-11 21:26:01 ----D---- C:\WINDOWS\system32\AGEIA
2010-08-11 21:26:01 ----D---- C:\Program Files\AGEIA Technologies
2010-08-11 21:25:53 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-11 20:55:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Solidshield
2010-08-11 20:21:11 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Macromedia
2010-08-11 20:21:09 ----SHD---- C:\WINDOWS\ftpcache
2010-08-11 19:59:47 ----A---- C:\memory.txt
2010-08-11 12:47:57 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Hamachi
2010-08-11 12:47:39 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys

======List of files/folders modified in the last 1 months======

2010-09-06 06:58:43 ----RD---- C:\Program Files
2010-09-06 06:46:30 ----D---- C:\Program Files\Mozilla Firefox
2010-09-06 06:23:07 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-06 06:21:01 ----D---- C:\WINDOWS\Temp
2010-09-06 06:06:30 ----D---- C:\WINDOWS
2010-09-05 14:37:20 ----D---- C:\WINDOWS\system32
2010-09-05 13:24:30 ----A---- C:\WINDOWS\winamp.ini
2010-09-05 09:56:29 ----RSD---- C:\WINDOWS\assembly
2010-09-05 09:56:29 ----D---- C:\WINDOWS\system32\DirectX
2010-09-05 07:46:06 ----D---- C:\WINDOWS\system32\drivers
2010-09-05 07:39:46 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-04 21:04:48 ----SHD---- C:\WINDOWS\Installer
2010-09-04 16:52:53 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-09-04 09:49:03 ----HD---- C:\WINDOWS\inf
2010-09-04 06:23:47 ----D---- C:\WINDOWS\Internet Logs
2010-09-02 18:57:56 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Ubisoft
2010-09-02 18:47:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2010-09-01 15:30:56 ----SD---- C:\Documents and Settings\Dandy\Data aplikací\Microsoft
2010-08-30 13:57:16 ----A---- C:\WINDOWS\OEWABLog.txt
2010-08-30 13:56:35 ----D---- C:\Documents and Settings
2010-08-29 07:50:56 ----A---- C:\WINDOWS\Thps3.INI
2010-08-28 18:33:44 ----A---- C:\WINDOWS\ODBC.INI
2010-08-28 13:30:22 ----RSD---- C:\WINDOWS\Fonts
2010-08-27 19:33:59 ----D---- C:\WINDOWS\Logs
2010-08-27 19:18:36 ----D---- C:\Program Files\Common Files
2010-08-27 13:41:06 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Adobe
2010-08-27 09:14:12 ----D---- C:\WINDOWS\Help
2010-08-27 09:13:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-27 09:12:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-08-27 09:12:18 ----D---- C:\NVIDIA
2010-08-23 14:13:10 ----D---- C:\WINDOWS\WinSxS
2010-08-20 09:18:50 ----SD---- C:\WINDOWS\Tasks
2010-08-20 09:08:42 ----D---- C:\Program Files\Common Files\Adobe
2010-08-20 09:01:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-08-20 09:00:00 ----D---- C:\Program Files\Adobe
2010-08-18 08:37:10 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-17 21:04:35 ----D---- C:\WINDOWS\system32\NtmsData
2010-08-17 19:53:52 ----D---- C:\WINDOWS\Cursors
2010-08-17 19:43:37 ----D---- C:\WINDOWS\system32\Restore
2010-08-17 19:12:55 ----A---- C:\WINDOWS\imsins.BAK
2010-08-17 19:12:05 ----D---- C:\WINDOWS\system32\mui
2010-08-17 14:18:49 ----SHD---- C:\System Volume Information
2010-08-16 18:59:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-16 18:59:05 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-08-16 18:39:30 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-16 18:39:15 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-16 18:33:36 ----D---- C:\Program Files\Internet Explorer
2010-08-16 18:28:51 ----ASH---- C:\boot.ini
2010-08-16 18:28:51 ----A---- C:\WINDOWS\win.ini
2010-08-16 18:28:51 ----A---- C:\WINDOWS\system.ini
2010-08-16 18:08:55 ----A---- C:\WINDOWS\ntbtlog.txt
2010-08-16 13:09:36 ----D---- C:\WINDOWS\system32\XPSViewer
2010-08-16 13:09:32 ----D---- C:\WINDOWS\system32\en-us
2010-08-16 08:44:36 ----D---- C:\WINDOWS\system32\cs-cz
2010-08-16 08:42:17 ----D---- C:\WINDOWS\Media
2010-08-16 08:09:07 ----D---- C:\WINDOWS\system32\wbem
2010-08-16 08:09:07 ----D---- C:\WINDOWS\AppPatch
2010-08-15 21:28:55 ----D---- C:\Program Files\Outlook Express
2010-08-15 21:28:16 ----D---- C:\Program Files\Movie Maker
2010-08-15 09:47:24 ----SHD---- C:\RECYCLER
2010-08-15 09:47:24 ----D---- C:\WINDOWS\system32\appmgmt
2010-08-15 09:39:19 ----D---- C:\Program Files\Alwil Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-02-23 43872]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-08-22 685816]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2010-08-13 3033200]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-08-14 17005]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-08-19 281760]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-08-19 25888]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2003-04-06 377358]
R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [2005-06-23 43008]
R3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2008-09-09 6016]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-06 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-07 11264]
S1 bcbus;BestCrypt bus driver; C:\WINDOWS\system32\DRIVERS\bcbus.sys []
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\system32\drivers\Asapiw2k.sys []
S3 Asushwio;Asushwio; \??\C:\WINDOWS\System32\drivers\Asushwio.sys []
S3 azfjh4qp;azfjh4qp; C:\WINDOWS\system32\drivers\azfjh4qp.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-08-11 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-06-29 42512]
S3 RTCore32;RTCore32; \??\D:\Na vypálení\RightMark\RTCore32.sys []
S3 S3G700;S3G700; C:\WINDOWS\System32\DRIVERS\S3G700m.sys [2005-10-15 792576]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-07-27 66872]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-06-29 92792]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2010-08-13 316816]
S4 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-04-10 241664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]

-----------------EOF-----------------

Dendy666
Visitor
Posts: 19
Registered: 06 Sep 2010 05:31

Re: Win32:Spyware-gen [Spy]

#5 Post by Dendy666 »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Dandy at 2010-09-06 06:58:42
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 573 MB (2%) free of 30 GB
Total RAM: 1535 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:59:07, on 6.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\servant\SALAMAND.EXE
C:\Documents and Settings\Dandy\Plocha\RSIT.exe
C:\Program Files\trend micro\Dandy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zaparit.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [HKCU] C:\WINDOWS\system32\Winbooterr\Svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\Winbooterr\Svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: (no name) - {68010555-99E8-442A-92E6-30D0BCE635AD} - C:\WINDOWS\DOWNLO~1\necli307.dll
O9 - Extra 'Tools' menuitem: &Nastavení Eso 9 klient 3.7 - {68010555-99E8-442A-92E6-30D0BCE635AD} - C:\WINDOWS\DOWNLO~1\necli307.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {C2804910-2730-4DCB-A3C4-4E21A82F79C5} - C:\WINDOWS\DOWNLO~1\necli306.dll
O9 - Extra 'Tools' menuitem: &Nastavení Eso 9 klient 3.6 - {C2804910-2730-4DCB-A3C4-4E21A82F79C5} - C:\WINDOWS\DOWNLO~1\necli306.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3107D2E2-4196-42A8-AD92-A369A269924F} (Eso 9 klientské komponenty verze 3.6) - http://192.168.132.1/Eso9Supp.net/LIB/CAB/necli306.cab
O16 - DPF: {DD0E1A13-A3E3-4D38-8D73-09640178885A} (Eso 9 klientské komponenty verze 3.7) - http://mail.hopipopi.cz:8001/Eso9Supp.n ... cli307.cab
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.116.165 85.255.112.122
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - (no file)

--
End of file - 7921 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0 Fallback-R01-Dandy.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-R01-Dandy.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll [2006-07-26 434279]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-08 53248]
"S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2005-04-05 159744]
"C-Media Mixer"=Mixer.exe /startup []
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-07-20 1038848]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-08-20 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"HKCU"=C:\WINDOWS\system32\Winbooterr\Svchost.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\WINDOWS\system32\Winbooterr\Svchost.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Dandy\Plocha\Emulator AC2\server.exe"="C:\Documents and Settings\Dandy\Plocha\Emulator AC2\server.exe:*:Enabled:server"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"I:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe"="I:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"I:\Hry\GTA IV\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe"="I:\Hry\GTA IV\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"I:\Hry\Far Cry\Bin32\FarCry.exe"="I:\Hry\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry"
"I:\Hry\Avatar\bin\Avatar.exe"="I:\Hry\Avatar\bin\Avatar.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME"
"I:\Hry\Avatar\bin\AvatarLauncher.exe"="I:\Hry\Avatar\bin\AvatarLauncher.exe:*:Enabled:Updater"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-09-06 06:58:43 ----D---- C:\Program Files\trend micro
2010-09-06 06:58:42 ----D---- C:\rsit
2010-09-05 12:42:30 ----D---- C:\Program Files\Counter-Strike Source
2010-09-05 09:56:38 ----D---- C:\Program Files\EA GAMES
2010-09-04 09:58:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2010-09-01 11:45:46 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Mount&Blade
2010-08-30 15:56:22 ----A---- C:\WINDOWS\BlendSettings.ini
2010-08-30 15:45:15 ----D---- C:\Program Files\Oblivion
2010-08-30 12:04:07 ----D---- C:\Program Files\Multi Theft Auto
2010-08-29 19:37:17 ----D---- C:\Documents and Settings\Dandy\Data aplikací\InstallShield Installation Information
2010-08-29 08:46:36 ----A---- C:\WINDOWS\thug.ini
2010-08-29 08:33:49 ----D---- C:\Program Files\uTorrent
2010-08-29 08:33:30 ----D---- C:\Documents and Settings\Dandy\Data aplikací\uTorrent
2010-08-28 20:21:36 ----D---- C:\Program Files\TalonSoft
2010-08-28 14:01:04 ----D---- C:\Program Files\RAR Password Cracker
2010-08-28 09:51:22 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-08-28 09:51:21 ----D---- C:\Program Files\Xvid
2010-08-27 19:35:04 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-08-27 19:35:04 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-08-27 19:35:03 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-08-27 19:35:03 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-08-27 19:35:02 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-08-27 19:35:01 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-08-27 19:35:01 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-08-27 19:35:00 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-08-27 19:34:59 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-08-27 19:34:59 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-08-27 19:34:58 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-08-27 19:34:57 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-08-27 19:18:36 ----A---- C:\WINDOWS\system32\dxgi.dll
2010-08-27 19:18:36 ----A---- C:\WINDOWS\system32\DXErr.exe
2010-08-27 19:18:36 ----A---- C:\WINDOWS\system32\dxcpl.exe
2010-08-27 19:18:36 ----A---- C:\WINDOWS\system32\dwmapi.dll_bak
2010-08-27 19:18:34 ----A---- C:\WINDOWS\system32\ntdllnew.dll
2010-08-27 19:18:34 ----A---- C:\WINDOWS\system32\msvcrtnew.dll
2010-08-27 19:18:34 ----A---- C:\WINDOWS\system32\kernel32new.dll
2010-08-27 19:18:34 ----A---- C:\WINDOWS\system32\d3dx10.dll
2010-08-27 19:18:33 ----A---- C:\WINDOWS\system32\unins000.exe
2010-08-27 19:18:33 ----A---- C:\WINDOWS\system32\d3d10core.dll
2010-08-27 19:18:33 ----A---- C:\WINDOWS\system32\d3d10.dll
2010-08-27 14:46:32 ----D---- C:\Program Files\Deep Silver
2010-08-27 09:13:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2010-08-27 09:12:59 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-27 09:12:29 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-08-27 09:12:27 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-08-27 09:12:27 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-08-24 16:19:18 ----D---- C:\Documents and Settings\Dandy\Data aplikací\GetRightToGo
2010-08-24 16:00:49 ----D---- C:\Program Files\NCSoft
2010-08-23 18:55:38 ----N---- C:\WINDOWS\system32\iyvu9_32.dll
2010-08-23 18:55:38 ----A---- C:\WINDOWS\system32\iacenc.dll
2010-08-23 18:55:37 ----D---- C:\Program Files\Ligos
2010-08-23 18:41:16 ----A---- C:\WINDOWS\IsUninst.exe
2010-08-21 17:12:51 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2010-08-21 17:11:55 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2010-08-20 09:10:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2010-08-20 09:01:16 ----D---- C:\Program Files\Adobe Media Player
2010-08-20 08:58:19 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-19 21:01:19 ----D---- C:\WINDOWS\system32\Adobe
2010-08-19 20:58:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Yahoo! Companion
2010-08-19 17:16:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Tages
2010-08-17 20:54:56 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-17 20:50:52 ----N---- C:\WINDOWS\system32\drivers\imagesrv.sys
2010-08-17 20:50:52 ----N---- C:\WINDOWS\system32\drivers\imagedrv.sys
2010-08-17 20:50:35 ----N---- C:\WINDOWS\system32\TwnLib4.dll
2010-08-17 20:50:35 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2010-08-17 20:50:34 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2010-08-17 20:50:34 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2010-08-17 20:50:34 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2010-08-17 20:50:34 ----N---- C:\WINDOWS\system32\ImagX7.dll
2010-08-17 20:50:33 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2010-08-17 20:50:31 ----D---- C:\Program Files\Common Files\Ahead
2010-08-17 20:50:30 ----D---- C:\Program Files\Ahead
2010-08-17 20:49:53 ----D---- C:\Program Files\Yahoo!
2010-08-17 19:10:21 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2010-08-16 19:43:14 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-08-16 19:43:14 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-08-16 19:43:12 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-08-16 19:43:10 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-08-16 19:43:08 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-08-16 19:43:08 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-08-16 19:43:07 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-08-16 19:42:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-08-16 18:47:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-08-16 18:39:24 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-08-16 18:38:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-08-16 18:30:12 ----D---- C:\WINDOWS\ie8updates
2010-08-16 18:22:10 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-08-16 18:22:10 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-08-16 18:22:04 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-08-16 18:22:03 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-08-16 18:22:03 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-08-16 18:22:01 ----A---- C:\WINDOWS\system32\vsdatant.sys
2010-08-16 18:22:01 ----A---- C:\WINDOWS\system32\drivers\vsdatant.sys
2010-08-16 18:20:56 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-08-16 18:20:56 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-08-16 14:28:16 ----D---- C:\Program Files\XP TCPIP Repair
2010-08-16 13:07:28 ----D---- C:\WINDOWS\SxsCaPendDel
2010-08-16 12:41:12 ----D---- C:\WINDOWS\pss
2010-08-16 10:47:21 ----HD---- C:\VritualRoot
2010-08-16 10:46:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\COMODO
2010-08-16 10:42:09 ----D---- C:\Program Files\COMODO
2010-08-16 10:29:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo Downloader
2010-08-16 10:04:51 ----SHD---- C:\WINDOWS\CSC
2010-08-16 08:42:25 ----D---- C:\WINDOWS\WBEM
2010-08-16 08:39:58 ----HDC---- C:\WINDOWS\ie8
2010-08-15 21:38:52 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-08-15 21:38:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2183461$
2010-08-15 21:38:32 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-08-15 21:38:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-08-15 21:38:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-15 21:38:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-08-15 21:37:52 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-08-15 21:37:30 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-08-15 21:36:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-08-15 21:36:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-15 21:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-08-15 21:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-08-15 21:36:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-08-15 21:36:04 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-08-15 21:35:58 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-08-15 21:35:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-08-15 21:35:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-08-15 21:35:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-08-15 21:35:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-08-15 21:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-08-15 21:35:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-08-15 21:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-08-15 21:35:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-08-15 21:35:03 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-08-15 21:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-08-15 21:34:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-08-15 21:34:36 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-15 21:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-08-15 21:34:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-15 21:34:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-08-15 21:34:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-08-15 21:34:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-08-15 21:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-08-15 21:33:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-08-15 21:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-08-15 21:33:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-15 21:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-08-15 21:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-08-15 21:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-08-15 21:33:11 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-15 21:33:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-08-15 21:33:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-08-15 21:32:54 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-08-15 21:29:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-08-15 21:29:50 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-08-15 21:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-08-15 21:29:15 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-08-15 21:29:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-08-15 21:29:03 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-08-15 21:28:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-08-15 21:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-15 21:28:39 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-08-15 21:28:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-08-15 21:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-08-15 21:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-08-15 21:28:14 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-15 21:28:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-08-15 21:28:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-08-15 21:27:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-08-15 21:27:26 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-15 21:27:20 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-08-15 21:27:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-08-15 21:27:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-08-15 21:26:56 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-08-15 19:41:05 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-08-15 19:29:09 ----D---- C:\Documents and Settings\Dandy\Data aplikací\CheckPoint
2010-08-15 19:26:55 ----D---- C:\Program Files\Conduit
2010-08-15 12:00:41 ----D---- C:\Documents and Settings\Dandy\Data aplikací\skypePM
2010-08-15 12:00:01 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Skype
2010-08-15 11:59:18 ----D---- C:\Program Files\Common Files\Skype
2010-08-15 11:59:10 ----RD---- C:\Program Files\Skype
2010-08-15 11:59:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-08-15 10:54:32 ----A---- C:\WINDOWS\system32\drivers\hidgame.sys
2010-08-15 10:12:32 ----D---- C:\Documents and Settings\Dandy\Data aplikací\TeamViewer
2010-08-15 10:12:17 ----D---- C:\Program Files\TeamViewer
2010-08-15 09:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-08-15 09:39:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-08-15 09:27:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2010-08-15 09:27:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2010-08-15 09:27:20 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-08-15 09:27:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2010-08-15 09:18:28 ----A---- C:\WINDOWS\system32\hidserv.dll
2010-08-15 09:18:24 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2010-08-13 20:33:44 ----A---- C:\WINDOWS\system32\drivers\appdrv01.sys
2010-08-13 20:33:43 ----A---- C:\WINDOWS\system32\appdrvrem01.exe
2010-08-11 21:26:14 ----A---- C:\WINDOWS\system32\drivers\lirsgt.sys
2010-08-11 21:26:14 ----A---- C:\WINDOWS\system32\drivers\atksgt.sys
2010-08-11 21:26:07 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-08-11 21:26:01 ----D---- C:\WINDOWS\system32\AGEIA
2010-08-11 21:26:01 ----D---- C:\Program Files\AGEIA Technologies
2010-08-11 21:25:53 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-11 20:55:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Solidshield
2010-08-11 20:21:11 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Macromedia
2010-08-11 20:21:09 ----SHD---- C:\WINDOWS\ftpcache
2010-08-11 19:59:47 ----A---- C:\memory.txt
2010-08-11 12:47:57 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Hamachi
2010-08-11 12:47:39 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys

======List of files/folders modified in the last 1 months======

2010-09-06 06:58:43 ----RD---- C:\Program Files
2010-09-06 06:46:30 ----D---- C:\Program Files\Mozilla Firefox
2010-09-06 06:23:07 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-06 06:21:01 ----D---- C:\WINDOWS\Temp
2010-09-06 06:06:30 ----D---- C:\WINDOWS
2010-09-05 14:37:20 ----D---- C:\WINDOWS\system32
2010-09-05 13:24:30 ----A---- C:\WINDOWS\winamp.ini
2010-09-05 09:56:29 ----RSD---- C:\WINDOWS\assembly
2010-09-05 09:56:29 ----D---- C:\WINDOWS\system32\DirectX
2010-09-05 07:46:06 ----D---- C:\WINDOWS\system32\drivers
2010-09-05 07:39:46 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-04 21:04:48 ----SHD---- C:\WINDOWS\Installer
2010-09-04 16:52:53 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-09-04 09:49:03 ----HD---- C:\WINDOWS\inf
2010-09-04 06:23:47 ----D---- C:\WINDOWS\Internet Logs
2010-09-02 18:57:56 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Ubisoft
2010-09-02 18:47:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2010-09-01 15:30:56 ----SD---- C:\Documents and Settings\Dandy\Data aplikací\Microsoft
2010-08-30 13:57:16 ----A---- C:\WINDOWS\OEWABLog.txt
2010-08-30 13:56:35 ----D---- C:\Documents and Settings
2010-08-29 07:50:56 ----A---- C:\WINDOWS\Thps3.INI
2010-08-28 18:33:44 ----A---- C:\WINDOWS\ODBC.INI
2010-08-28 13:30:22 ----RSD---- C:\WINDOWS\Fonts
2010-08-27 19:33:59 ----D---- C:\WINDOWS\Logs
2010-08-27 19:18:36 ----D---- C:\Program Files\Common Files
2010-08-27 13:41:06 ----D---- C:\Documents and Settings\Dandy\Data aplikací\Adobe
2010-08-27 09:14:12 ----D---- C:\WINDOWS\Help
2010-08-27 09:13:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-27 09:12:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-08-27 09:12:18 ----D---- C:\NVIDIA
2010-08-23 14:13:10 ----D---- C:\WINDOWS\WinSxS
2010-08-20 09:18:50 ----SD---- C:\WINDOWS\Tasks
2010-08-20 09:08:42 ----D---- C:\Program Files\Common Files\Adobe
2010-08-20 09:01:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-08-20 09:00:00 ----D---- C:\Program Files\Adobe
2010-08-18 08:37:10 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-17 21:04:35 ----D---- C:\WINDOWS\system32\NtmsData
2010-08-17 19:53:52 ----D---- C:\WINDOWS\Cursors
2010-08-17 19:43:37 ----D---- C:\WINDOWS\system32\Restore
2010-08-17 19:12:55 ----A---- C:\WINDOWS\imsins.BAK
2010-08-17 19:12:05 ----D---- C:\WINDOWS\system32\mui
2010-08-17 14:18:49 ----SHD---- C:\System Volume Information
2010-08-16 18:59:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-16 18:59:05 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-08-16 18:39:30 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-16 18:39:15 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-16 18:33:36 ----D---- C:\Program Files\Internet Explorer
2010-08-16 18:28:51 ----ASH---- C:\boot.ini
2010-08-16 18:28:51 ----A---- C:\WINDOWS\win.ini
2010-08-16 18:28:51 ----A---- C:\WINDOWS\system.ini
2010-08-16 18:08:55 ----A---- C:\WINDOWS\ntbtlog.txt
2010-08-16 13:09:36 ----D---- C:\WINDOWS\system32\XPSViewer
2010-08-16 13:09:32 ----D---- C:\WINDOWS\system32\en-us
2010-08-16 08:44:36 ----D---- C:\WINDOWS\system32\cs-cz
2010-08-16 08:42:17 ----D---- C:\WINDOWS\Media
2010-08-16 08:09:07 ----D---- C:\WINDOWS\system32\wbem
2010-08-16 08:09:07 ----D---- C:\WINDOWS\AppPatch
2010-08-15 21:28:55 ----D---- C:\Program Files\Outlook Express
2010-08-15 21:28:16 ----D---- C:\Program Files\Movie Maker
2010-08-15 09:47:24 ----SHD---- C:\RECYCLER
2010-08-15 09:47:24 ----D---- C:\WINDOWS\system32\appmgmt
2010-08-15 09:39:19 ----D---- C:\Program Files\Alwil Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-02-23 43872]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-08-22 685816]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2010-08-13 3033200]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-08-14 17005]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-08-19 281760]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-08-19 25888]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2003-04-06 377358]
R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [2005-06-23 43008]
R3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2008-09-09 6016]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-06 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-07 11264]
S1 bcbus;BestCrypt bus driver; C:\WINDOWS\system32\DRIVERS\bcbus.sys []
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\system32\drivers\Asapiw2k.sys []
S3 Asushwio;Asushwio; \??\C:\WINDOWS\System32\drivers\Asushwio.sys []
S3 azfjh4qp;azfjh4qp; C:\WINDOWS\system32\drivers\azfjh4qp.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-08-11 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-06-29 42512]
S3 RTCore32;RTCore32; \??\D:\Na vypálení\RightMark\RTCore32.sys []
S3 S3G700;S3G700; C:\WINDOWS\System32\DRIVERS\S3G700m.sys [2005-10-15 792576]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-07-27 66872]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-06-29 92792]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2010-08-13 316816]
S4 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-04-10 241664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]

-----------------EOF-----------------

User avatar
Caroprd111
VIP
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč
Contact user:

Re: Win32:Spyware-gen [Spy]

#6 Post by Caroprd111 »

Image

Dendy666
Visitor
Visitor
Posts: 19
Registered: 06 Sep 2010 05:31

Re: Win32:Spyware-gen [Spy]

#7 Post by Dendy666 »

I think that may not be needed, because when I came home from school and turned on the PC it no longer reports anything, and in C:/WINDOWS\System32\Winbooter\ that Svchost.exe is no longer there. Is it possible that the virus is already gone?

User avatar
Caroprd111
VIP
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč
Contact user:

Re: Win32:Spyware-gen [Spy]

#8 Post by Caroprd111 »

It is possible that it is gone, but it may not be. Run a scan following the guide in the link.
Image
