pomaly PC

[hellriser]

Zdravim, kamratov PC je nejak pomaly poprosim o kontrolu. dik

Logfile of random's system information tool 1.08 (written by random/random)
Run by peto at 2011-02-06 16:46:53
WIN_XP Service Pack 3
System drive C: has 813 MB (9%) free of 9 GB
Total RAM: 1023 MB (74% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll []
{5617ECA9-488D-4BA2-8562-9710B9AB78D2} - GamingHarbor Toolbar - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stb0.dll [2009-06-26 1134872]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-06-13 4734976]
"nwiz"=nwiz.exe /install []
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2004-12-20 33792]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-02-26 65024]
"SpywareTerminator"=C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2008-05-22 2776576]
"C-Media Mixer"=Mixer.exe /startup []
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-05-16 79224]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-12-11 286720]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-12-11 267048]
"AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2005-11-23 344064]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe [2011-01-24 147456]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NvMediaCenter"=C:\WINDOWS\system32\NVMCTRAY.DLL [2003-06-13 49152]
"SmileyApp"=C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbapp.exe [2009-06-26 598296]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe [2011-01-24 147456]
"MSConfig"=C:\Documents and Settings\peto\pnpcdym.exe [2011-01-30 17920]
"lshdkwic"=C:\Documents and Settings\peto\lshdkwic.exe []
"pvrnnnic"=C:\Documents and Settings\peto\pvrnnnic.exe [2011-02-04 43008]

C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění
15r3ndj.exe
3avrmcd.exe
avwrx66o.exe
e9l0whndjz.exe
ekf5bwnn.exe
epk3rmcde.exe
fa1r703y0z.exe
falrhcty3k.exe
k1gchsepp0.exe
sd70zvgbm.exe
tpkfbrc1st.exe
ua1r703y.exe
vb66ntpp0a.exe
vbg3xn2zff.exe
x0n70zvgb.exe
xs70zvgbm7.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ComPlusSetup]
C:\WINDOWS\system32\catsrvut.dll [2008-04-14 625664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ererrkzd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fnzripfj]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pzaaedrr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vbsujofo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ererrkzd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\fnzripfj]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\pzaaedrr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vbsujofo]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\peto\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\facebook-pic000934519.exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-02-06 16:46:54 ----D---- C:\Program Files\trend micro
2011-02-06 16:46:53 ----D---- C:\rsit
2011-02-04 15:00:15 ----D---- C:\WINDOWS\system32\cs-cz
2011-02-04 15:00:15 ----D---- C:\WINDOWS\system32\cs
2011-02-04 15:00:15 ----D---- C:\WINDOWS\Network Diagnostic
2011-02-04 15:00:15 ----D---- C:\WINDOWS\L2Schemas
2011-02-04 15:00:15 ----ASH---- C:\pagefile.sys
2011-02-04 14:56:18 ----D---- C:\WINDOWS\pss
2011-02-04 14:27:34 ----A---- C:\WINDOWS\system32\pvrnnnic.exe
2011-02-04 14:18:45 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2011-02-04 14:18:13 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2011-02-04 14:16:17 ----A---- C:\WINDOWS\system32\tsgqec.dll
2011-02-04 14:16:17 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2011-02-04 14:16:16 ----A---- C:\WINDOWS\system32\aaclient.dll
2011-02-04 14:08:08 ----D---- C:\WINDOWS\LastGood.Tmp
2011-02-04 14:08:02 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-02-04 14:08:02 ----A---- C:\WINDOWS\system32\irclass.dll
2011-02-04 14:07:44 ----RA---- C:\WINDOWS\SET48.tmp
2011-02-04 14:07:41 ----RA---- C:\WINDOWS\SET3C.tmp
2011-02-04 14:07:38 ----RA---- C:\WINDOWS\SET3B.tmp
2011-02-04 14:06:58 ----A---- C:\WINDOWS\setuplog.txt
2011-01-31 15:42:21 ----A---- C:\WINDOWS\system32\drivers\setb36e.sys
2011-01-31 13:56:18 ----A---- C:\WINDOWS\system32\drivers\fnzripfj.sys
2011-01-31 13:42:59 ----AH---- C:\Documents and Settings\peto\Data aplikací\HhdFJl61DD.txt
2011-01-31 13:42:57 ----A---- C:\WINDOWS\system32\lshdkwic.exe
2011-01-31 13:42:57 ----A---- C:\WINDOWS\system32\hopequuv.exe
2011-01-30 18:18:55 ----A---- C:\WINDOWS\system32\drivers\dqhyqq.sys
2011-01-30 18:17:29 ----D---- C:\WINDOWS\Minidump
2011-01-30 17:10:43 ----A---- C:\WINDOWS\system32\drivers\pzaaedrr.sys
2011-01-30 17:07:36 ----RSH---- C:\Documents and Settings\peto\Data aplikací\juzjf.exe
2011-01-30 17:07:31 ----A---- C:\on.exe
2011-01-24 20:30:23 ----RSH---- C:\WINDOWS\nvsvc32.exe

======List of files/folders modified in the last 1 months======

2011-02-06 16:46:54 ----RD---- C:\Program Files
2011-02-06 16:46:26 ----A---- C:\WINDOWS\wincmd.ini
2011-02-06 16:23:05 ----A---- C:\WINDOWS\win.ini
2011-02-06 16:23:02 ----D---- C:\WINDOWS
2011-02-06 16:21:55 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-04 15:05:24 ----D---- C:\WINDOWS\system32\Setup
2011-02-04 15:05:22 ----D---- C:\WINDOWS\Help
2011-02-04 15:05:13 ----D---- C:\WINDOWS\system32\usmt
2011-02-04 15:05:02 ----D---- C:\WINDOWS\AppPatch
2011-02-04 15:05:00 ----D---- C:\WINDOWS\ehome
2011-02-04 15:04:59 ----D---- C:\WINDOWS\ime
2011-02-04 15:04:58 ----RSD---- C:\WINDOWS\Fonts
2011-02-04 15:04:57 ----D---- C:\WINDOWS\Media
2011-02-04 15:04:41 ----D---- C:\WINDOWS\PeerNet
2011-02-04 15:04:24 ----D---- C:\WINDOWS\system32\npp
2011-02-04 15:04:15 ----D---- C:\WINDOWS\msagent
2011-02-04 15:02:04 ----D---- C:\WINDOWS\system32\1029
2011-02-04 15:01:58 ----D---- C:\WINDOWS\twain_32
2011-02-04 15:01:46 ----D---- C:\WINDOWS\system32\icsxml
2011-02-04 15:01:22 ----D---- C:\WINDOWS\system32\ias
2011-02-04 15:01:17 ----D---- C:\WINDOWS\system32\1033
2011-02-04 15:00:29 ----AD---- C:\WINDOWS\Temp
2011-02-04 15:00:15 ----D---- C:\WINDOWS\Driver Cache
2011-02-04 14:41:36 ----AC---- C:\WINDOWS\winamp.ini
2011-02-04 14:39:12 ----D---- C:\Program Files\Spyware Terminator
2011-02-04 14:37:50 ----SHD---- C:\System Volume Information
2011-02-04 14:37:50 ----D---- C:\WINDOWS\system32\Restore
2011-02-04 14:28:52 ----SHD---- C:\RECYCLER
2011-02-04 14:27:34 ----D---- C:\WINDOWS\system32
2011-02-04 14:26:45 ----AC---- C:\WINDOWS\OEWABLog.txt
2011-02-04 14:21:48 ----D---- C:\WINDOWS\system32\config
2011-02-04 14:21:32 ----HD---- C:\WINDOWS\inf
2011-02-04 14:21:15 ----D---- C:\WINDOWS\system32\drivers
2011-02-04 14:19:46 ----AC---- C:\WINDOWS\ODBCINST.INI
2011-02-04 14:19:37 ----D---- C:\WINDOWS\Registration
2011-02-04 14:19:22 ----ASHC---- C:\WINDOWS\fonts\desktop.ini
2011-02-04 14:18:47 ----RD---- C:\WINDOWS\Web
2011-02-04 14:18:38 ----RAHC---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-02-04 14:18:18 ----D---- C:\WINDOWS\srchasst
2011-02-04 14:18:16 ----D---- C:\Program Files\Windows Media Player
2011-02-04 14:18:12 ----D---- C:\Program Files\Movie Maker
2011-02-04 14:18:09 ----D---- C:\WINDOWS\system32\oobe
2011-02-04 14:18:03 ----D---- C:\Program Files\NetMeeting
2011-02-04 14:18:00 ----D---- C:\Program Files\Outlook Express
2011-02-04 14:18:00 ----D---- C:\Program Files\Common Files\System
2011-02-04 14:17:50 ----D---- C:\Program Files\Internet Explorer
2011-02-04 14:17:35 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-04 14:16:55 ----D---- C:\WINDOWS\system32\Com
2011-02-04 14:16:22 ----D---- C:\WINDOWS\system32\wbem
2011-02-04 14:16:22 ----D---- C:\Program Files\Messenger
2011-02-04 14:16:19 ----D---- C:\Program Files\Windows NT
2011-02-04 14:16:18 ----SHD---- C:\WINDOWS\Installer
2011-02-04 14:15:20 ----D---- C:\WINDOWS\security
2011-02-04 14:14:53 ----SH---- C:\boot.ini
2011-02-04 14:13:51 ----A---- C:\WINDOWS\system.ini
2011-02-04 14:08:02 ----D---- C:\WINDOWS\system
2011-02-04 14:07:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-04 14:07:49 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-02-04 14:07:46 ----D---- C:\WINDOWS\system32\CatRoot
2011-02-04 14:07:14 ----D---- C:\WINDOWS\WinSxS
2011-01-31 16:18:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-31 08:34:00 ----A---- C:\WINDOWS\DUMPcc29.tmp
2011-01-29 12:16:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-01-28 12:49:56 ----D---- C:\Documents and Settings\peto\Data aplikací\Skype
2011-01-28 12:10:57 ----D---- C:\Documents and Settings\peto\Data aplikací\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-03-19 18688]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2004-12-20 20016]
R0 pzaaedrr;pzaaedrr; C:\WINDOWS\System32\Drivers\pzaaedrr.sys [2011-01-30 40128]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-05-16 26944]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-05-16 42912]
R1 atitray;atitray; \??\C:\Program Files\Radeon Omega Drivers\v3.8.231\ATI Tray Tools\atitray.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-14 701440]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-07-16 379726]
R3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S0 dqhyqq;dqhyqq; C:\WINDOWS\system32\drivers\dqhyqq.sys []
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-04 717296]
S1 setb36e;setb36e; C:\WINDOWS\System32\drivers\setb36e.sys [2011-01-31 138272]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 20560]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-05-16 94416]
S2 fnzripfj;fnzripfj; C:\WINDOWS\system32\drivers\fnzripfj.sys [2011-01-31 82944]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-02-26 611820]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-05-16 23152]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2003-06-13 1323995]
S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2003-10-24 38784]
S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2003-10-24 311936]
S3 PAC7302;iLook 310; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-10-29 458112]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\PROGRA~1\SPYWAR~1\sp_rsser.exe [2008-05-22 965632]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-05-16 17272]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-22 405504]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-09-15 516096]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-05-16 144760]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2003-06-13 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-05-16 247160]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-05-16 349560]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-12-11 504104]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

[vyosek]

Zdravim a pekny den preji

Ani se nedivim, kdyz tam mate peknou zoo i s babkou pokladni

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill SCR:
  http://download.bleepingcomputer.com/grinler/rkill.scr
  
  Rkill PIF:
  http://download.bleepingcomputer.com/grinler/rkill.pif

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne temer okamzite a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[hellriser]

tak tu je log z Rkill:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on . 02. 2011 at 17:20:16.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:

C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\WINDOWS\System32\runonce.exe


Rkill completed on . 02. 2011 at 17:20:19.



a tu je z ComboFixu:
ComboFix 11-02-05.01 - peto . 02. 2011 17:28:16.1.1 - x86
Running from: c:\documents and settings\peto\Plocha\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\peto\ggjrve.exe
c:\documents and settings\peto\gobkhib.exe
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\bin\stbup.exe
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\248d6576afce4ee94af42d7350131106.gif
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\24a70fb875fab686b6b3c217612bc07c.gif
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\default1.dat
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\loading.dat
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\loading.gif
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Cursor.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_DailyVideo.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Game.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Glitter.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Logo.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Option.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Recipe.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Ringtone.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Screensaver.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Search.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Smiley.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Smiley_Config.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Smiley_TellAFriend.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Wallpaper.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Web.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_WebDropdown_01.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_WebDropdown_02.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_WebDropdown_03.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_WebDropdown_04.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_WebDropdown_05.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_WebDropdown_06.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_WebDropdown_07.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\nsm.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\pixel.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\ProductInfo.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\profile.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\SearchEngineList.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\tbcore.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\ToolbarLayout.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\UpdateCentre.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\UpdateCentreBk.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\URLDynamic.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\URLStatic.mx
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\About.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Component_ComboBox.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Cursor.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Cursor.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_DailyVideo.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Game.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Glitter.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Glitter.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Logo.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Option.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Recipe.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Ringtone.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Screensaver.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Search.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Smiley.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Smiley.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Wallpaper.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Web.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_01.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_01.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_02.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_02.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_03.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_03.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_04.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_04.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_05.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_05.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_06.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_06.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_07.mg
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_WebDropdown_07.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDefault.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay18.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay20.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters18.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters20.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley18.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley20.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd18.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd20.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink.png
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink18.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink20.bmp
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin1.skf
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin2.skf
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin3.skf
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin4.skf
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\TellafriendSkin.skf
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\TellafriendSkin_s.skf
c:\documents and settings\peto\Local Settings\Data aplikací\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\ToastSkin.skf
c:\documents and settings\peto\Local Settings\Data aplikací\Media Access Startup
c:\documents and settings\peto\Local Settings\Data aplikací\Media Access Startup\1.3.0.790\config.md
c:\documents and settings\peto\Local Settings\Data aplikací\Media Access Startup\1.3.0.790\HJHP_20090706-094609.500.log
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm12.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm13.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm15E.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm18.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm1A.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm1B.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm1D9.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm21.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm2E.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm2F.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm30.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm372.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm544.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm63.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm64.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm65.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm7.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm72.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tm86.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tmA18.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tmC.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tmDB.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tmE.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\_tmFA.tmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\bg.jpg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\CurrentVersion.xml
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data\ProductInfo.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\ExtractZipFile.zip
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\icon.ico
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\productinfo.dll
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Setup.exe
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\stbup.exe
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\tdf.dat
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\248d6576afce4ee94af42d7350131106.gif
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\24a70fb875fab686b6b3c217612bc07c.gif
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\default1.dat
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.dat
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.gif
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Cursor.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_DailyVideo.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Game.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Glitter.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Logo.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Option.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Recipe.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Ringtone.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Screensaver.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Search.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_Config.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_TellAFriend.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Wallpaper.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Web.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\pixel.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ProductInfo.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\profile.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\SearchEngineList.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\tbcore.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ToolbarLayout.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentre.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentreBk.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLDynamic.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLStatic.mx
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\About.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Component_ComboBox.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Cursor.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Cursor.png
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_DailyVideo.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Game.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Glitter.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Glitter.png
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Logo.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Option.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Recipe.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Ringtone.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Screensaver.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Search.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.png
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Wallpaper.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Web.mg
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDefault.png
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.png
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay18.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay20.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.png
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters18.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters20.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.png
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley18.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley20.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.png
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd18.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd20.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.png
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink18.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink20.bmp
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin1.skf
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin2.skf
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin3.skf
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin4.skf
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin.skf
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin_s.skf
c:\documents and settings\peto\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\ToastSkin.skf
c:\documents and settings\peto\Local Settings\Temporary Internet Files\stb06759.tmp
c:\documents and settings\peto\pnpcdym.exe
c:\documents and settings\peto\pvrnnnic.exe
c:\documents and settings\peto\secupdat.dat
c:\documents and settings\peto\ydwzro.exe
c:\program files\DoubleD
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\AIMActiveXDLL.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\AxGifAnimator.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\248d6576afce4ee94af42d7350131106.gif
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\24a70fb875fab686b6b3c217612bc07c.gif
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\default1.dat
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\loading.dat
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Cache\loading.gif
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Cursor.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_DailyVideo.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Game.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Glitter.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Logo.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Option.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Recipe.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Ringtone.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Screensaver.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Search.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Smiley.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Smiley_Config.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Smiley_TellAFriend.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Wallpaper.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\Module_Web.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\pixel.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\ProductInfo.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\profile.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\SearchEngineList.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\tbcore.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\ToolbarLayout.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\UpdateCentre.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\UpdateCentreBk.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\URLDynamic.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Data\URLStatic.mx
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\gdiplus.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\HookAPINT.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\About.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Component_ComboBox.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Cursor.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Cursor.png
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_DailyVideo.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Game.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Glitter.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Glitter.png
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Logo.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Option.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Recipe.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Ringtone.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Screensaver.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Search.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Smiley.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Smiley.png
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Wallpaper.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\Module_Web.mg
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDefault.png
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay.png
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay18.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnDisplay20.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters.png
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters18.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnGlitters20.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley.png
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley18.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnSmiley20.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd.png
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd18.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnTellFd20.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink.png
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink18.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Icons\TBBtnWink20.bmp
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\mfc80.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Microsoft.VC80.CRT.manifest
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Microsoft.VC80.MFC.manifest
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\msvcr80.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\MyDll.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\OEActiveXDLL.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\ProductInfo.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Riched20Smiley.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\SkinCrafterDll.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin1.skf
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin2.skf
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin3.skf
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\myskin4.skf
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\TellafriendSkin.skf
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\TellafriendSkin_s.skf
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\Skins\ToastSkin.skf
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stb0.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbAol.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbapp.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbapp.exe
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbappHelper.exe
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbasst.exe
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbdl.exe
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbIE.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbMsn.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbOL.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbOLEX.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbsvc.exe
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbYahoo8.dll
c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbYahoo9.dll
c:\program files\ICQ6.5\updates\ICQLRun.exe.f9cb5bbb98c818d0e6c63e8613a6d549
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.3.0.4160\adwpx.exe
c:\program files\Internet Saving Optimizer\3.3.0.4160\Data\config.md
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\components\NPFFAddOn.dll
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.3.0.4160\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.3.0.4160\NPIEaddon.dll
c:\program files\Internet Saving Optimizer\3.3.0.4160\unins000.dat
c:\program files\Internet Saving Optimizer\3.3.0.4160\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.3.0.790\Data\config.md
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFAddOn.dll
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.3.0.790\FF\chrome.manifest
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.3.0.790\FF\install.rdf
c:\program files\Media Access Startup\1.3.0.790\HPCommon.dll
c:\program files\Media Access Startup\1.3.0.790\HPIEaddon.dll
c:\program files\Media Access Startup\1.3.0.790\hppx.exe
c:\program files\Media Access Startup\1.3.0.790\MAHelper.exe
c:\program files\Media Access Startup\1.3.0.790\unins000.dat
c:\program files\Media Access Startup\1.3.0.790\unins000.exe
c:\program files\System Search Dispatcher
c:\program files\System Search Dispatcher\1.2.0.750\Data\eacore.mx
c:\program files\System Search Dispatcher\1.2.0.750\Data\URLDynamic.mx
c:\program files\System Search Dispatcher\1.2.0.750\Data\URLStatic.mx
c:\program files\System Search Dispatcher\1.2.0.750\ssd.dll
c:\program files\System Search Dispatcher\1.2.0.750\unins000.dat
c:\program files\System Search Dispatcher\1.2.0.750\unins000.exe
c:\windows\ndl.dl
c:\windows\nvsvc32.exe
c:\windows\system32\driVERs\dqhyqq.sys
c:\windows\system32\Drivers\pzaaedrr.sys
c:\windows\system32\Chip.dll
c:\windows\system32\secupdat.dat
c:\windows\wibrf.jpg
c:\windows\wiybr.png
D:\install.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_dqhyqq
-------\Legacy_pzaaedrr
-------\Service_dqhyqq
-------\Service_pzaaedrr


((((((((((((((((((((((((( Files Created from 2011-01-06 to 2011-02-06 )))))))))))))))))))))))))))))))
.

2011-02-06 15:46 . 2011-02-06 15:46 -------- d-----w- c:\program files\trend micro
2011-02-06 15:46 . 2011-02-06 15:46 -------- d-----w- C:\rsit
2011-02-04 14:00 . 2011-02-04 14:05 -------- d-----w- c:\windows\L2Schemas
2011-02-04 14:00 . 2011-02-04 14:04 -------- d-----w- c:\windows\system32\cs
2011-02-04 14:00 . 2011-02-04 13:16 -------- d-----w- c:\windows\system32\cs-cz
2011-02-04 13:27 . 2011-02-04 13:27 43008 ----a-w- c:\windows\system32\pvrnnnic.exe
2011-02-04 13:18 . 2001-10-25 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2011-02-04 13:18 . 2008-04-14 06:51 7168 ----a-w- c:\windows\system32\bitsprx4.dll
2011-02-04 13:16 . 2008-04-14 06:51 33792 ----a-w- c:\program files\Messenger\custsat.dll
2011-02-04 13:16 . 2008-04-14 06:52 53248 ----a-w- c:\windows\system32\tsgqec.dll
2011-02-04 13:16 . 2008-04-14 06:51 290304 ----a-w- c:\windows\system32\rhttpaa.dll
2011-02-04 13:16 . 2008-04-14 06:51 136192 ----a-w- c:\windows\system32\aaclient.dll
2011-02-04 13:08 . 2011-02-04 13:08 -------- d-----w- c:\windows\LastGood.Tmp
2011-02-04 13:08 . 2001-10-25 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2011-02-04 13:08 . 2001-10-25 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2011-02-04 13:07 . 2008-04-14 08:52 16825 ----a-r- c:\windows\SET48.tmp
2011-02-04 13:07 . 2008-04-14 08:52 1088840 ----a-r- c:\windows\SET3C.tmp
2011-02-04 13:07 . 2008-04-14 08:59 1246067 ----a-r- c:\windows\SET3B.tmp
2011-01-31 14:42 . 2011-01-31 14:42 138272 ----a-w- c:\windows\system32\drivers\setb36e.sys
2011-01-31 12:56 . 2011-01-31 12:56 82944 ----a-w- c:\windows\system32\drivers\fnzripfj.sys
2011-01-31 12:42 . 2011-01-31 12:42 43008 ----a-w- c:\windows\system32\lshdkwic.exe
2011-01-31 12:42 . 2011-01-31 12:42 229888 ----a-w- c:\windows\system32\hopequuv.exe
2011-01-30 16:07 . 2011-01-30 16:07 126976 --sh--r- c:\documents and settings\peto\Data aplikací\juzjf.exe
2011-01-30 16:07 . 2011-01-30 16:11 126976 ----a-w- C:\on.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-06 16:35 . 2011-02-06 16:35 1409 ----a-w- c:\windows\QTFont.for
2011-01-31 07:34 . 2008-05-20 22:09 102400 ----a-w- c:\windows\DUMPcc29.tmp
2009-12-16 09:02 . 2010-06-27 10:50 5505230 ----a-w- c:\program files\vdownloader_setup.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2003-06-13 49152]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-06-13 4734976]
"nwiz"="nwiz.exe" [2003-06-13 323584]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2004-12-20 33792]
"SoundMan"="SOUNDMAN.EXE" [2004-02-26 65024]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-05-22 2776576]
"C-Media Mixer"="Mixer.exe" [2002-07-12 1581056]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-15 79224]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-12-11 286720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-12-11 267048]
"AtiPTA"="atiptaxx.exe" [2005-11-23 344064]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\peto\Nabˇdka Start\Programy\Po spuçtŘnˇ\
15r3ndj.exe [2011-1-31 43520]
3avrmcd.exe [2011-1-31 40448]
avwrx66o.exe [2011-1-30 43520]
e9l0whndjz.exe [2011-1-31 43520]
ekf5bwnn.exe [2011-1-31 43520]
epk3rmcde.exe [2011-1-31 43520]
fa1r703y0z.exe [2011-1-30 40448]
falrhcty3k.exe [2011-1-31 40448]
k1gchsepp0.exe [2011-1-31 40448]
sd70zvgbm.exe [2011-1-31 40448]
tpkfbrc1st.exe [2011-1-30 43520]
ua1r703y.exe [2011-1-30 40448]
vb66ntpp0a.exe [2011-1-31 43520]
vbg3xn2zff.exe [2011-1-31 40448]
x0n70zvgb.exe [2011-1-31 40448]
xs70zvgbm7.exe [2011-1-31 43520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ComPlusSetup]
2008-04-14 06:51 625664 ----a-w- c:\windows\system32\catsrvut.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Documents and Settings\\peto\\Local Settings\\Data aplikací\\Opera\\Opera\\temporary_downloads\\facebook-pic000934519.exe"= c:\\windows\\nvsvc32.exe
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-04 717296]
R1 setb36e;setb36e;c:\windows\System32\drivers\setb36e.sys [2011-01-31 138272]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-05-15 20560]
R2 fnzripfj;fnzripfj; [x]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
S1 aswSP;avast! Self Protection; [x]
S1 atitray;atitray;c:\program files\Radeon Omega Drivers\v3.8.231\ATI Tray Tools\atitray.sys [2006-01-24 11008]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2008-05-22 138624]

.
Contents of the 'Scheduled Tasks' folder

2011-01-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
IE: Crawler Search - tbr:iemenu
TCP: {CCA6110F-BA56-471B-BA55-C9706F58C7AB} = 10.0.80.100,213.215.80.2
TCP: {FE24F43D-0A0C-4233-B5DF-20423E17A33E} = 10.0.80.100,213.215.80.2
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} -
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-SmileyApp - c:\program files\DoubleD\GamingHarbor Toolbar\4.1.0.17730\stbapp.exe
HKCU-Run-lshdkwic - c:\documents and settings\peto\lshdkwic.exe
HKCU-Run-pvrnnnic - c:\documents and settings\peto\pvrnnnic.exe
SafeBoot-ererrkzd
SafeBoot-fnzripfj
SafeBoot-pzaaedrr.sys
SafeBoot-vbsujofo
AddRemove-XPv3.8.231 - c:\windows\Radeon Omega Drivers v3.8.231
AddRemove-TmNationsForever_is1 - c:\program files\Games\TmNationsForever\unins000.exe
AddRemove-{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 - c:\program files\Media Access Startup\1.3.0.790\unins000.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.3.0.4160\unins000.exe
AddRemove-{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 - c:\program files\System Search Dispatcher\1.2.0.750\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-06 17:35
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SOUNDMAN.EXE
c:\windows\Mixer.exe
c:\progra~1\SPYWAR~1\sp_rsser.exe
.
**************************************************************************
.
Completion time: 2011-02-06 17:38:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-02-06 16:38

Pre-Run: 805 003 264
Post-Run: 819 265 536

- - End Of File - - 87E1F12495E8AD16D247285B1C59820F

[vyosek]

Stahnete OTM (viz muj podpis)

• Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
• Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

• Kód: Vybrat vše

  :files
  C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\*.exe
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp /s
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Kliknete na cervene tlacitko MoveIt!
• Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  File::
  c:\windows\system32\drivers\setb36e.sys
  c:\windows\system32\lshdkwic.exe
  c:\windows\system32\hopequuv.exe
  c:\documents and settings\peto\Data aplikací\juzjf.exe
  C:\on.exe
  c:\windows\system32\pvrnnnic.exe
  c:\windows\system32\drivers\fnzripfj.sys
  c:\\Documents and Settings\\peto\\Local Settings\\Data aplikací\\Opera\\Opera\\temporary_downloads\\facebook-pic000934519.exe
  c:\windows\Tasks\AppleSoftwareUpdate.job
  C:\Documents and Settings\peto\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\facebook-pic000934519.exe
  
  DDS::
  uStart Page = hxxp://www.daemon-search.com/startpage
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "WinampAgent"=-
  "QuickTime Task"=-
  "iTunesHelper"=-
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
  "c:\\Documents and Settings\\peto\\Local Settings\\Data aplikací\\Opera\\Opera\\temporary_downloads\\facebook-pic000934519.exe"=-
  "C:\Documents and Settings\peto\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\facebook-pic000934519.exe"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
  "{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
  
  Folder::
  c:\program files\ICQ6Toolbar
  C:\Program Files\DAEMON Tools Toolbar¨
  
  Driver::
  fnzripfj
  ICQ Service

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[hellriser]

tu su logy:

OTM:
All processes killed
========== FILES ==========
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\15r3ndj.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\3avrmcd.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\avwrx66o.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\e9l0whndjz.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\ekf5bwnn.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\epk3rmcde.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\fa1r703y0z.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\falrhcty3k.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\k1gchsepp0.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\sd70zvgbm.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\tpkfbrc1st.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\ua1r703y.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\vb66ntpp0a.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\vbg3xn2zff.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\x0n70zvgb.exe moved successfully.
C:\Documents and Settings\peto\Nabídka Start\Programy\Po spuštění\xs70zvgbm7.exe moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\DUMPcc29.tmp moved successfully.
C:\WINDOWS\LastGood.Tmp\msagent\intl folder moved successfully.
C:\WINDOWS\LastGood.Tmp\msagent folder moved successfully.
C:\WINDOWS\LastGood.Tmp folder moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET3B.tmp moved successfully.
C:\WINDOWS\SET3C.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET48.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAE.tmp folder moved successfully.
C:\WINDOWS\inf\COM139.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: peto
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2406448 bytes
->Opera cache emptied: 14179754 bytes
->Flash cache emptied: 2838873 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 19,00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 02062011_175740


COMBO:
ComboFix 11-02-05.01 - peto . 02. 2011 18:03:48.2.1 - x86
Running from: c:\documents and settings\peto\Plocha\ComboFix.exe
Command switches used :: e:\zmazat\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
"c:\\Documents and Settings\\peto\\Local Settings\\Data aplikací\\Opera\\Opera\\temporary_downloads\\facebook-pic000934519.exe"
"c:\documents and settings\peto\Data aplikací\juzjf.exe"
"c:\documents and settings\peto\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\facebook-pic000934519.exe"
"C:\on.exe"
"c:\windows\system32\drivers\fnzripfj.sys"
"c:\windows\system32\drivers\setb36e.sys"
"c:\windows\system32\hopequuv.exe"
"c:\windows\system32\lshdkwic.exe"
"c:\windows\system32\pvrnnnic.exe"
"c:\windows\Tasks\AppleSoftwareUpdate.job"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\on.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\windows\system32\drivers\fnzripfj.sys
c:\windows\system32\drivers\setb36e.sys
c:\windows\system32\hopequuv.exe
c:\windows\system32\lshdkwic.exe
c:\windows\system32\pvrnnnic.exe
c:\windows\Tasks\AppleSoftwareUpdate.job

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_FNZRIPFJ
-------\Legacy_ICQ_SERVICE
-------\Service_fnzripfj
-------\Service_ICQ Service
-------\Legacy_setb36e
-------\Service_setb36e


((((((((((((((((((((((((( Files Created from 2011-01-06 to 2011-02-06 )))))))))))))))))))))))))))))))
.

2011-02-06 16:57 . 2011-02-06 16:57 -------- d-----w- C:\_OTM
2011-02-06 15:46 . 2011-02-06 15:46 -------- d-----w- c:\program files\trend micro
2011-02-06 15:46 . 2011-02-06 15:46 -------- d-----w- C:\rsit
2011-02-04 14:00 . 2011-02-04 14:05 -------- d-----w- c:\windows\L2Schemas
2011-02-04 14:00 . 2011-02-04 14:04 -------- d-----w- c:\windows\system32\cs
2011-02-04 14:00 . 2011-02-04 13:16 -------- d-----w- c:\windows\system32\cs-cz
2011-02-04 13:18 . 2001-10-25 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2011-02-04 13:18 . 2008-04-14 06:51 7168 ----a-w- c:\windows\system32\bitsprx4.dll
2011-02-04 13:16 . 2008-04-14 06:51 33792 ----a-w- c:\program files\Messenger\custsat.dll
2011-02-04 13:16 . 2008-04-14 06:52 53248 ----a-w- c:\windows\system32\tsgqec.dll
2011-02-04 13:16 . 2008-04-14 06:51 290304 ----a-w- c:\windows\system32\rhttpaa.dll
2011-02-04 13:16 . 2008-04-14 06:51 136192 ----a-w- c:\windows\system32\aaclient.dll
2011-02-04 13:08 . 2001-10-25 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2011-02-04 13:08 . 2001-10-25 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2011-01-30 16:07 . 2011-01-30 16:07 126976 --sh--r- c:\documents and settings\peto\Data aplikací\juzjf.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-16 09:02 . 2010-06-27 10:50 5505230 ----a-w- c:\program files\vdownloader_setup.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2003-06-13 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-06-13 4734976]
"nwiz"="nwiz.exe" [2003-06-13 323584]
"SoundMan"="SOUNDMAN.EXE" [2004-02-26 65024]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-05-22 2776576]
"C-Media Mixer"="Mixer.exe" [2002-07-12 1581056]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-15 79224]
"AtiPTA"="atiptaxx.exe" [2005-11-23 344064]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ComPlusSetup]
2008-04-14 06:51 625664 ----a-w- c:\windows\system32\catsrvut.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"sp_rssrv"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-04 717296]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-05-15 20560]
S1 aswSP;avast! Self Protection; [x]
S1 atitray;atitray;c:\program files\Radeon Omega Drivers\v3.8.231\ATI Tray Tools\atitray.sys [2006-01-24 11008]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2008-05-22 138624]

.
.
------- Supplementary Scan -------
.
IE: Crawler Search - tbr:iemenu
TCP: {CCA6110F-BA56-471B-BA55-C9706F58C7AB} = 10.0.80.100,213.215.80.2
TCP: {FE24F43D-0A0C-4233-B5DF-20423E17A33E} = 10.0.80.100,213.215.80.2
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} -
.
- - - - ORPHANS REMOVED - - - -

AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-06 18:09
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SOUNDMAN.EXE
c:\windows\Mixer.exe
c:\progra~1\SPYWAR~1\sp_rsser.exe
.
**************************************************************************
.
Completion time: 2011-02-06 18:11:38 - machine was rebooted
ComboFix-quarantined-files.txt 2011-02-06 17:11
ComboFix2.txt 2011-02-06 16:38

Pre-Run: 842 342 400
Post-Run: 830 672 896

- - End Of File - - A0575D35AC23ED350E2FA3EC3FC2E9E0

[vyosek]

Uvolnete volne misto na disku alespon na 3 giga, jinak se Vam windows budou dusit a i to ma za nasledek velke zpomaleni PC

Jeste jeden skript pro OTM, log pak opet sem

Kód: Vybrat vše

:files
c:\documents and settings\peto\Data aplikací\juzjf.exe

[hellriser]

========== FILES ==========
c:\documents and settings\peto\Data aplikací\juzjf.exe moved successfully.
OTM by OldTimer - Version 3.1.17.2 log created on 02062011_225653

[vyosek]

Odinstalujte Combofix

• Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
• Napiste ComboFix /Uninstall
• Stisknete Enter
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
  • prepnete se do zalozky Nastroje
  • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
  • Toto provedte se vsemi disky
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

Dejte novy log z RSIT a napiste jak se chova PC

[hellriser]

vyzera ze uz je vsetko v poriadku. diky za pomoc a rady


Logfile of random's system information tool 1.08 (written by random/random)
Run by peto at 2011-02-07 11:39:29
WIN_XP Service Pack 3
System drive C: has 2 GB (23%) free of 9 GB
Total RAM: 1023 MB (79% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5617ECA9-488D-4BA2-8562-9710B9AB78D2}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-06-13 4734976]
"nwiz"=nwiz.exe /install []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-02-26 65024]
"C-Media Mixer"=Mixer.exe /startup []
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-05-16 79224]
"AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2005-11-23 344064]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"nForce Tray Options"=sstray.exe /r []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NVMCTRAY.DLL [2003-06-13 49152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-02-07 11:39:29 ----D---- C:\rsit
2011-02-07 11:39:29 ----D---- C:\Program Files\trend micro
2011-02-07 01:40:20 ----D---- C:\WINDOWS\Prefetch
2011-02-07 01:23:21 ----D---- C:\WINDOWS\LastGood.Tmp
2011-02-07 00:49:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-06 23:56:00 ----D---- C:\Program Files\Defraggler
2011-02-06 23:47:34 ----D---- C:\Program Files\CCleaner
2011-02-06 23:36:47 ----SHD---- C:\RECYCLER
2011-02-06 18:11:40 ----D---- C:\WINDOWS\temp
2011-02-06 17:25:46 ----AD---- C:\Qoobox
2011-02-06 17:16:40 ----N---- C:\WINDOWS\system32\nvuautl.exe
2011-02-06 17:16:40 ----A---- C:\WINDOWS\system32\ssnvfx.ini
2011-02-06 17:16:39 ----A---- C:\WINDOWS\system32\SStrmZHT.dll
2011-02-06 17:16:39 ----A---- C:\WINDOWS\system32\SStrmZHC.dll
2011-02-06 17:16:39 ----A---- C:\WINDOWS\system32\SStrmTR.dll
2011-02-06 17:16:39 ----A---- C:\WINDOWS\system32\sndstorm.exe
2011-02-06 17:16:38 ----A---- C:\WINDOWS\system32\SStrmTH.dll
2011-02-06 17:16:37 ----A---- C:\WINDOWS\system32\SStrmSV.dll
2011-02-06 17:16:36 ----A---- C:\WINDOWS\system32\SStrmSL.dll
2011-02-06 17:16:36 ----A---- C:\WINDOWS\system32\SStrmSK.dll
2011-02-06 17:16:34 ----A---- C:\WINDOWS\system32\SStrmRU.dll
2011-02-06 17:16:34 ----A---- C:\WINDOWS\system32\sstrmres.dll
2011-02-06 17:16:34 ----A---- C:\WINDOWS\system32\SStrmPTB.dll
2011-02-06 17:16:34 ----A---- C:\WINDOWS\system32\SStrmPT.dll
2011-02-06 17:16:34 ----A---- C:\WINDOWS\system32\SStrmPL.dll
2011-02-06 17:16:34 ----A---- C:\WINDOWS\system32\SStrmNO.dll
2011-02-06 17:16:33 ----A---- C:\WINDOWS\system32\SStrmNL.dll
2011-02-06 17:16:33 ----A---- C:\WINDOWS\system32\SStrmKO.dll
2011-02-06 17:16:33 ----A---- C:\WINDOWS\system32\SStrmJA.dll
2011-02-06 17:16:32 ----A---- C:\WINDOWS\system32\SStrmIT.dll
2011-02-06 17:16:31 ----A---- C:\WINDOWS\system32\SStrmHU.dll
2011-02-06 17:16:31 ----A---- C:\WINDOWS\system32\SStrmHE.dll
2011-02-06 17:16:31 ----A---- C:\WINDOWS\system32\SStrmFR.dll
2011-02-06 17:16:31 ----A---- C:\WINDOWS\system32\SStrmFI.dll
2011-02-06 17:16:31 ----A---- C:\WINDOWS\system32\SStrmES.dll
2011-02-06 17:16:30 ----A---- C:\WINDOWS\system32\sstrmenu.dll
2011-02-06 17:16:30 ----A---- C:\WINDOWS\system32\SStrmENG.dll
2011-02-06 17:16:30 ----A---- C:\WINDOWS\system32\SStrmEL.dll
2011-02-06 17:16:30 ----A---- C:\WINDOWS\system32\SStrmDE.dll
2011-02-06 17:16:30 ----A---- C:\WINDOWS\system32\SStrmDA.dll
2011-02-06 17:16:29 ----A---- C:\WINDOWS\system32\SStrmCS.dll
2011-02-06 17:16:29 ----A---- C:\WINDOWS\system32\SStrmAR.dll
2011-02-06 17:16:23 ----A---- C:\WINDOWS\system32\SSTraZHT.dll
2011-02-06 17:16:23 ----A---- C:\WINDOWS\system32\SSTraZHC.dll
2011-02-06 17:16:23 ----A---- C:\WINDOWS\system32\sstray.exe
2011-02-06 17:16:23 ----A---- C:\WINDOWS\system32\SSTraTR.dll
2011-02-06 17:16:23 ----A---- C:\WINDOWS\system32\SSTraTH.dll
2011-02-06 17:16:23 ----A---- C:\WINDOWS\system32\SSTraSV.dll
2011-02-06 17:16:22 ----A---- C:\WINDOWS\system32\SSTraSL.dll
2011-02-06 17:16:22 ----A---- C:\WINDOWS\system32\SSTraSK.dll
2011-02-06 17:16:22 ----A---- C:\WINDOWS\system32\SSTraRU.dll
2011-02-06 17:16:21 ----A---- C:\WINDOWS\system32\SSTraPTB.dll
2011-02-06 17:16:21 ----A---- C:\WINDOWS\system32\SSTraPT.dll
2011-02-06 17:16:20 ----A---- C:\WINDOWS\system32\SSTraPL.dll
2011-02-06 17:16:20 ----A---- C:\WINDOWS\system32\SSTraNO.dll
2011-02-06 17:16:20 ----A---- C:\WINDOWS\system32\SSTraNL.dll
2011-02-06 17:16:20 ----A---- C:\WINDOWS\system32\SSTraKO.dll
2011-02-06 17:16:20 ----A---- C:\WINDOWS\system32\SSTraJA.dll
2011-02-06 17:16:20 ----A---- C:\WINDOWS\system32\SSTraIT.dll
2011-02-06 17:16:19 ----A---- C:\WINDOWS\system32\SSTraHU.dll
2011-02-06 17:16:19 ----A---- C:\WINDOWS\system32\SSTraHE.dll
2011-02-06 17:16:19 ----A---- C:\WINDOWS\system32\SSTraFR.dll
2011-02-06 17:16:18 ----A---- C:\WINDOWS\system32\SSTraFI.dll
2011-02-06 17:16:18 ----A---- C:\WINDOWS\system32\SSTraES.dll
2011-02-06 17:16:18 ----A---- C:\WINDOWS\system32\SSTraENG.dll
2011-02-06 17:16:18 ----A---- C:\WINDOWS\system32\SSTraEL.dll
2011-02-06 17:16:18 ----A---- C:\WINDOWS\system32\SSTraDE.dll
2011-02-06 17:16:18 ----A---- C:\WINDOWS\system32\SSTraDA.dll
2011-02-06 17:16:18 ----A---- C:\WINDOWS\system32\SSTraCS.dll
2011-02-06 17:16:18 ----A---- C:\WINDOWS\system32\SSTraAR.dll
2011-02-06 17:16:18 ----A---- C:\WINDOWS\system32\SSCplZHT.dll
2011-02-06 17:16:17 ----A---- C:\WINDOWS\system32\SSCplZHC.dll
2011-02-06 17:16:17 ----A---- C:\WINDOWS\system32\SSCplTR.dll
2011-02-06 17:16:17 ----A---- C:\WINDOWS\system32\SSCplTH.dll
2011-02-06 17:16:17 ----A---- C:\WINDOWS\system32\SSCplSV.dll
2011-02-06 17:16:17 ----A---- C:\WINDOWS\system32\SSCplSL.dll
2011-02-06 17:16:17 ----A---- C:\WINDOWS\system32\SSCplSK.dll
2011-02-06 17:16:17 ----A---- C:\WINDOWS\system32\SSCplRU.dll
2011-02-06 17:16:15 ----A---- C:\WINDOWS\system32\SSCplPTB.dll
2011-02-06 17:16:15 ----A---- C:\WINDOWS\system32\SSCplPT.dll
2011-02-06 17:16:15 ----A---- C:\WINDOWS\system32\SSCplPL.dll
2011-02-06 17:16:15 ----A---- C:\WINDOWS\system32\SSCplNO.dll
2011-02-06 17:16:14 ----A---- C:\WINDOWS\system32\SSCplNL.dll
2011-02-06 17:16:14 ----A---- C:\WINDOWS\system32\SSCplKO.dll
2011-02-06 17:16:14 ----A---- C:\WINDOWS\system32\SSCplJA.dll
2011-02-06 17:16:14 ----A---- C:\WINDOWS\system32\SSCplIT.dll
2011-02-06 17:16:14 ----A---- C:\WINDOWS\system32\SSCplHU.dll
2011-02-06 17:16:14 ----A---- C:\WINDOWS\system32\SSCplHE.dll
2011-02-06 17:16:14 ----A---- C:\WINDOWS\system32\SSCplFR.dll
2011-02-06 17:16:14 ----A---- C:\WINDOWS\system32\SSCplFI.dll
2011-02-06 17:16:13 ----A---- C:\WINDOWS\system32\SSCplES.dll
2011-02-06 17:16:13 ----A---- C:\WINDOWS\system32\SSCplENG.dll
2011-02-06 17:16:13 ----A---- C:\WINDOWS\system32\SSCplEL.dll
2011-02-06 17:16:12 ----A---- C:\WINDOWS\system32\SSCplDE.dll
2011-02-06 17:16:12 ----A---- C:\WINDOWS\system32\SSCplDA.dll
2011-02-06 17:16:11 ----A---- C:\WINDOWS\system32\SSCplCS.dll
2011-02-06 17:16:11 ----A---- C:\WINDOWS\system32\SSCplAR.dll
2011-02-06 17:16:11 ----A---- C:\WINDOWS\50comupd.exe
2011-02-04 15:00:15 ----D---- C:\WINDOWS\system32\cs-cz
2011-02-04 15:00:15 ----D---- C:\WINDOWS\system32\cs
2011-02-04 15:00:15 ----D---- C:\WINDOWS\Network Diagnostic
2011-02-04 15:00:15 ----D---- C:\WINDOWS\L2Schemas
2011-02-04 15:00:15 ----ASH---- C:\pagefile.sys
2011-02-04 14:56:18 ----D---- C:\WINDOWS\pss
2011-02-04 14:18:45 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2011-02-04 14:18:13 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2011-02-04 14:16:17 ----A---- C:\WINDOWS\system32\tsgqec.dll
2011-02-04 14:16:17 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2011-02-04 14:16:16 ----A---- C:\WINDOWS\system32\aaclient.dll
2011-02-04 14:08:02 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-02-04 14:08:02 ----A---- C:\WINDOWS\system32\irclass.dll
2011-01-31 13:42:59 ----AH---- C:\Documents and Settings\peto\Data aplikací\HhdFJl61DD.txt
2011-01-30 18:17:29 ----D---- C:\WINDOWS\Minidump

======List of files/folders modified in the last 1 months======

2011-02-07 11:39:29 ----RD---- C:\Program Files
2011-02-07 11:36:15 ----A---- C:\WINDOWS\wincmd.ini
2011-02-07 02:14:29 ----D---- C:\WINDOWS
2011-02-07 02:04:34 ----SH---- C:\boot.ini
2011-02-07 02:04:34 ----A---- C:\WINDOWS\win.ini
2011-02-07 02:04:34 ----A---- C:\WINDOWS\system.ini
2011-02-07 01:54:11 ----HD---- C:\WINDOWS\inf
2011-02-07 01:53:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-07 01:53:53 ----D---- C:\WINDOWS\system32
2011-02-07 01:53:47 ----D---- C:\WINDOWS\system32\drivers
2011-02-07 01:47:20 ----D---- C:\WINDOWS\Registration
2011-02-07 01:18:40 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-07 01:06:11 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-06 23:49:47 ----D---- C:\Program Files\Winamp
2011-02-06 23:49:04 ----D---- C:\WINDOWS\Debug
2011-02-06 18:09:26 ----D---- C:\WINDOWS\system32\drivers\etc
2011-02-06 18:07:37 ----D---- C:\WINDOWS\system32\config
2011-02-06 18:07:05 ----SD---- C:\WINDOWS\Tasks
2011-02-06 18:06:14 ----D---- C:\WINDOWS\AppPatch
2011-02-06 18:06:11 ----D---- C:\Program Files\Common Files
2011-02-04 15:05:24 ----D---- C:\WINDOWS\system32\Setup
2011-02-04 15:05:22 ----D---- C:\WINDOWS\Help
2011-02-04 15:05:13 ----D---- C:\WINDOWS\system32\usmt
2011-02-04 15:05:00 ----D---- C:\WINDOWS\ehome
2011-02-04 15:04:59 ----D---- C:\WINDOWS\ime
2011-02-04 15:04:58 ----RSD---- C:\WINDOWS\Fonts
2011-02-04 15:04:57 ----D---- C:\WINDOWS\Media
2011-02-04 15:04:41 ----D---- C:\WINDOWS\PeerNet
2011-02-04 15:04:24 ----D---- C:\WINDOWS\system32\npp
2011-02-04 15:04:15 ----D---- C:\WINDOWS\msagent
2011-02-04 15:02:04 ----D---- C:\WINDOWS\system32\1029
2011-02-04 15:01:58 ----D---- C:\WINDOWS\twain_32
2011-02-04 15:01:46 ----D---- C:\WINDOWS\system32\icsxml
2011-02-04 15:01:22 ----D---- C:\WINDOWS\system32\ias
2011-02-04 15:01:17 ----D---- C:\WINDOWS\system32\1033
2011-02-04 15:00:15 ----D---- C:\WINDOWS\Driver Cache
2011-02-04 14:41:36 ----AC---- C:\WINDOWS\winamp.ini
2011-02-04 14:37:50 ----SHD---- C:\System Volume Information
2011-02-04 14:37:50 ----D---- C:\WINDOWS\system32\Restore
2011-02-04 14:19:46 ----AC---- C:\WINDOWS\ODBCINST.INI
2011-02-04 14:19:22 ----ASHC---- C:\WINDOWS\fonts\desktop.ini
2011-02-04 14:18:47 ----RD---- C:\WINDOWS\Web
2011-02-04 14:18:38 ----RAHC---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-02-04 14:18:18 ----D---- C:\WINDOWS\srchasst
2011-02-04 14:18:16 ----D---- C:\Program Files\Windows Media Player
2011-02-04 14:18:12 ----D---- C:\Program Files\Movie Maker
2011-02-04 14:18:09 ----D---- C:\WINDOWS\system32\oobe
2011-02-04 14:18:03 ----D---- C:\Program Files\NetMeeting
2011-02-04 14:18:00 ----D---- C:\Program Files\Outlook Express
2011-02-04 14:18:00 ----D---- C:\Program Files\Common Files\System
2011-02-04 14:17:50 ----D---- C:\Program Files\Internet Explorer
2011-02-04 14:16:55 ----D---- C:\WINDOWS\system32\Com
2011-02-04 14:16:22 ----D---- C:\WINDOWS\system32\wbem
2011-02-04 14:16:22 ----D---- C:\Program Files\Messenger
2011-02-04 14:16:19 ----D---- C:\Program Files\Windows NT
2011-02-04 14:16:18 ----SHD---- C:\WINDOWS\Installer
2011-02-04 14:15:20 ----D---- C:\WINDOWS\security
2011-02-04 14:08:02 ----D---- C:\WINDOWS\system
2011-02-04 14:07:49 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-02-04 14:07:46 ----D---- C:\WINDOWS\system32\CatRoot
2011-02-04 14:07:14 ----D---- C:\WINDOWS\WinSxS
2011-01-28 12:49:56 ----D---- C:\Documents and Settings\peto\Data aplikací\Skype
2011-01-28 12:10:57 ----D---- C:\Documents and Settings\peto\Data aplikací\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-03-19 18688]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2004-12-20 20016]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-05-16 26944]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-05-16 42912]
R1 atitray;atitray; \??\C:\Program Files\Radeon Omega Drivers\v3.8.231\ATI Tray Tools\atitray.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-14 701440]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-07-16 379726]
R3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2003-12-23 40704]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2003-12-23 316672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-04 717296]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 20560]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-05-16 94416]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-02-26 611820]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-05-16 23152]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2003-06-13 1323995]
S3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
S3 PAC7302;iLook 310; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-10-29 458112]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-05-16 17272]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-22 405504]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-09-15 516096]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-05-16 144760]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2003-06-13 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-05-16 247160]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-05-16 349560]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-12-11 504104]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

[vyosek]

Log vypada tez v poradku, pouze doporucuji uvolnit volne misto alespon na 5 giga, jinak se Vam budou windows dusit

Nemate zac, rad jsem pomohl Zase nekdy