Motji: Prosím o kontrolu logu

[PATWIST]

Už mám aj problém že pri zapínaní PC dlho píše Vitejte a potom asi 3 minúty ukazuje len pozadie a až potom nabehnú ikonky. Akurát som nainštaloval Avast - spýtalo sa či chcem kontrolu lokálnych diskov pri ďalšom spustení PC (je to defragmentácia?)

LOG S RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by PATOWIST at 2011-04-27 20:59:44
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (5%) free of 23 GB
Total RAM: 1023 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:59:59, on 27. 4. 2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Programy\DU Meter\DUMeterSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
D:\Programy\Hack\Net Control 2\ahs.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\regsvr32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\Explorer.exe
D:\STIAHNUTE SUBORY Z INTERNETU\setup_av_free.exe
C:\DOCUME~1\PATOWIST\LOCALS~1\Temp\_av_sfx.tm~a03736\avast.setup
C:\Program Files\Mozilla Firefox\firefox.exe
D:\STIAHNUTE SUBORY Z INTERNETU\RSIT.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\ashQuick.exe
C:\Program Files\AVAST Software\Avast\setup\avast.setup
C:\Program Files\trend micro\PATOWIST.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:51636
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: revenuestreaming browser enhancer - {10EE90C4-97A0-6B19-B420-31133D32982B} - C:\WINDOWS\system32\bjdooocacko.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: yourprofitclub - {cccc4191-0c5d-d409-3a23-94532ff7390c} - C:\WINDOWS\system32\a251b3f.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [NTFS_ext_drv] \\?\globalroot\systemroot\system32\ntfs_ext6.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [sdodcoectjloen] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\bjdooocacko.dll"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [AdVantage] C:\Documents and Settings\PATOWIST\Data aplikací\advantage\AdVantage.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_sk;_rv:1.9.2.15)_Gecko/20110303_Firefox/2.0.0.5;MEGAUPLOAD_1.0_(_.NET_CLR" -"http://www.eadultgames.com/games/square ... uzzle.html"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab2.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: IpSectPro service new (36820) - Unknown owner - C:\WINDOWS\system\418710.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - D:\Programy\DU Meter\DUMeterSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (file missing)
O23 - Service: Net Control 2 Administrator. Helper Service. (NetControl2.AdminHelper) - Net Software 2 - D:\Programy\Hack\Net Control 2\ahs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - D:\Programy\Nero\Nero BackItUp 4\IoctlSvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 10801 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PATWIST-PATOWIST.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-776561741-839522115-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-776561741-839522115-1005UA.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EE90C4-97A0-6B19-B420-31133D32982B}]
revenuestreaming browser enhancer - C:\WINDOWS\system32\bjdooocacko.dll [2011-04-04 924160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-04-18 818280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cccc4191-0c5d-d409-3a23-94532ff7390c}]
yourprofitclub - C:\WINDOWS\system32\a251b3f.dll [2011-03-16 2738688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar BHO - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16 506720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}]
Kwyshell MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - Kwyshell MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]
{8dcb7100-df86-4384-8842-8fa844297b3f} - MSN Toolbar - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16 506720]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-04-18 818280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-04-04 16120832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2011-04-18 928496]
"NTFS_ext_drv"=\\?\globalroot\systemroot\system32\ntfs_ext6.exe []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-11-04 1753192]
""= []
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-07-17 288080]
"sdodcoectjloen"=C:\WINDOWS\System32\regsvr32.exe [2004-08-17 12288]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-04-18 3460784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"Sony Ericsson PC Companion"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-02-28 427008]
"AdVantage"=C:\Documents and Settings\PATOWIST\Data aplikací\advantage\AdVantage.exe [2011-04-17 136192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe [2009-07-31 468408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Programy\Steam\Steam.exe [2010-12-15 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"mnmsrvc"=3
"Abel"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RAinit]
C:\WINDOWS\system32\RAinit.dll [2008-07-03 58704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-11-11 312112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000
"MaxRecentDocs"=11
"NoToolbarCustomize"=0
"NoBandCustomize"=0
"NoDrives"=0x00000000
"NoSharedDocuments"=0x01000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoToolbarCustomize"=0
"NoBandCustomize"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"D:\Programy\Steam\steamapps\patwist\condition zero\hl.exe"="D:\Programy\Steam\steamapps\patwist\condition zero\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Programy\Steam\Steam.exe"="D:\Programy\Steam\Steam.exe:*:Enabled:Steam"
"D:\Programy\Steam\steamapps\patwist\dedicated server\hlds.exe"="D:\Programy\Steam\steamapps\patwist\dedicated server\hlds.exe:*:Enabled:HLDS Launcher"
"D:\Programy\Steam\steamapps\patwist\dedicated server\hltv.exe"="D:\Programy\Steam\steamapps\patwist\dedicated server\hltv.exe:*:Enabled:HLTV Launcher"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Java\jre1.6.0_01\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\jre1.6.0_01\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Programy\totalcmd\TOTALCMD.EXE"="D:\Programy\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"D:\Games\Counter Strike 1.6 Non Steam\hl.exe"="D:\Games\Counter Strike 1.6 Non Steam\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Games\Counter Strike 1.6 Non Steam\hlds.exe"="D:\Games\Counter Strike 1.6 Non Steam\hlds.exe:*:Enabled:HLDS Launcher"
"D:\Games\Counter Strike 1.6 Non Steam\cstrike.exe"="D:\Games\Counter Strike 1.6 Non Steam\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"D:\Games\stahujem\OTHERS\HTML\Prizee\Prizee Offline\serwer_prizee.exe"="D:\Games\stahujem\OTHERS\HTML\Prizee\Prizee Offline\serwer_prizee.exe:*:Enabled:serwer_prizee"
"D:\Games\stahujem\OTHERS\HTML\Prizee\Prizee Offline\http_prizee.exe"="D:\Games\stahujem\OTHERS\HTML\Prizee\Prizee Offline\http_prizee.exe:*:Enabled:http_prizee"
"D:\Games\Counter Strike 1.6 Non Steam\hltv.exe"="D:\Games\Counter Strike 1.6 Non Steam\hltv.exe:*:Enabled:HLTV Launcher"
"D:\Programy\uTorrent\utorrent.exe"="D:\Programy\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\DOCUME~1\PATOWIST\LOCALS~1\Temp\5F53.exe"="C:\DOCUME~1\PATOWIST\LOCALS~1\Temp\5F53.exe:*:Enabled:Microsoft Windows Update Platform"
"C:\DOCUME~1\PATOWIST\LOCALS~1\Temp\10.exe"="C:\DOCUME~1\PATOWIST\LOCALS~1\Temp\10.exe:*:Enabled:Microsoft Windows Update Platform"
"C:\DOCUME~1\PATOWIST\LOCALS~1\Temp\1146.exe"="C:\DOCUME~1\PATOWIST\LOCALS~1\Temp\1146.exe:*:Enabled:Microsoft Windows Update Platform"
"D:\Programy\Phone Remote Control\PhoneRemoteControl.exe"="D:\Programy\Phone Remote Control\PhoneRemoteControl.exe:*:Enabled: "
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary"
"D:\Games\stahujem\hack\Ovladanie PC\Net Control\Osa9.exe"="D:\Games\stahujem\hack\Ovladanie PC\Net Control\Osa9.exe:*:Enabled:Osa9"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\InterVideo\DVD8\WinDVD.exe"="C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Enabled:WinDVD"
"D:\Programy\Unified Remote\UnifiedRemoteServer.exe"="D:\Programy\Unified Remote\UnifiedRemoteServer.exe:*:Enabled:Unified Remote Server"
"D:\Games\stahujem\hack\realhack\aa\DoS attack by marsmela - posterus.cz DOWN programs\SuperScan.exe"="D:\Games\stahujem\hack\realhack\aa\DoS attack by marsmela - posterus.cz DOWN programs\SuperScan.exe:*:Enabled:SuperScan 4 Beta 1"
"E:\setup\hpznui01.exe"="E:\setup\hpznui01.exe:*:Enabled:hpznui01.exe"
"\"="C:\WINDOWS\system\418710.exe:*:Enabled:KL"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"D:\Programy\MyPhoneExplorer\MyPhoneExplorer.exe"="D:\Programy\MyPhoneExplorer\MyPhoneExplorer.exe:*:Enabled:MyPhoneExplorer"
"D:\Games\stahujem\Software\Tlaciaren\setup\hpznui01.exe"="D:\Games\stahujem\Software\Tlaciaren\setup\hpznui01.exe:*:Enabled:hpznui01.exe"
"D:\Programy\Steam\steamapps\patwist\counter-strike\hl.exe"="D:\Programy\Steam\steamapps\patwist\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\FlashFXP\FlashFXP.exe"="D:\Programy\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"E:\setup\hpznui01.exe"="E:\setup\hpznui01.exe:*:Enabled:hpznui01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\HP\Digital Imaging\{59C83C08-63F4-4AEC-81D6-392C5E23B843}\setup\hpznui01.exe"="C:\Program Files\HP\Digital Imaging\{59C83C08-63F4-4AEC-81D6-392C5E23B843}\setup\hpznui01.exe:*:Enabled:hpznui01.exe"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"D:\Games\stahujem\Software\Tlaciaren\setup\hpznui01.exe"="D:\Games\stahujem\Software\Tlaciaren\setup\hpznui01.exe:*:Enabled:hpznui01.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"

======List of files/folders created in the last 1 months======

2011-04-27 20:59:03 ----N---- C:\WINDOWS\system32\trz14.tmp
2011-04-27 20:58:06 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-04-27 20:58:06 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-04-27 20:58:03 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-04-27 20:58:03 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-04-27 20:58:03 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-04-27 20:58:02 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-04-27 20:58:02 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-04-27 20:58:01 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-04-27 20:57:00 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-04-27 20:56:34 ----D---- C:\Program Files\AVAST Software
2011-04-27 20:56:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-04-26 22:43:08 ----D---- C:\rsit
2011-04-18 01:11:42 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2011-04-18 00:17:53 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\Mikrotik
2011-04-17 23:55:35 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2011-04-17 19:03:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-04-17 19:03:28 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-04-17 19:03:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-04-17 17:21:31 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\advantage
2011-04-17 16:33:23 ----A---- C:\WINDOWS\jqkx_m24.ini
2011-04-17 16:33:23 ----A---- C:\WINDOWS\cgxz-kn16.ini
2011-04-17 04:30:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-04-17 03:43:25 ----RSHD---- C:\WINDOWS\system32\rpcnetp
2011-04-17 01:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-04-17 01:27:57 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2011-04-17 01:27:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-04-17 01:26:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-04-17 01:26:11 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-04-15 17:41:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2011-04-15 17:33:23 ----D---- C:\Program Files\Adobe Media Player
2011-04-15 16:20:52 ----D---- C:\Program Files\MSN Toolbar
2011-04-15 16:20:33 ----D---- C:\Program Files\MSN Toolbar Installer
2011-04-15 16:19:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP Product Assistant
2011-04-15 16:16:39 ----D---- C:\Program Files\HP
2011-04-15 01:37:32 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\MyPhoneExplorer
2011-04-14 17:34:59 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-04-14 17:34:59 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-04-14 17:34:56 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-04-14 17:34:53 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-04-14 17:30:03 ----D---- C:\Program Files\OpenAL
2011-04-14 17:30:03 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2011-04-14 17:30:03 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2011-04-14 16:10:39 ----A---- C:\WINDOWS\treeskp.sys
2011-04-14 15:14:46 ----A---- C:\Documents and Settings\All Users\Data aplikací\hpe163D.dll
2011-04-14 15:10:56 ----D---- C:\Program Files\Avanquest update
2011-04-14 15:10:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avanquest
2011-04-14 15:10:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
2011-04-14 15:06:30 ----A---- C:\Documents and Settings\All Users\Data aplikací\hpe1596.dll
2011-04-14 03:14:01 ----A---- C:\WINDOWS\system32\OpenCL.dll
2011-04-14 03:14:01 ----A---- C:\WINDOWS\system32\nvgenco322040.dll
2011-04-14 03:14:01 ----A---- C:\WINDOWS\system32\nvdispco322090.dll
2011-04-14 03:14:01 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2011-04-14 01:02:40 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\Chirurgie Simulation
2011-04-12 17:06:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-04-12 16:57:03 ----D---- C:\Program Files\Common Files\Skype
2011-04-12 16:56:56 ----RD---- C:\Program Files\Skype
2011-04-12 16:44:51 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\ICQ
2011-04-12 16:44:42 ----D---- C:\Program Files\ICQ7.4
2011-04-12 16:22:13 ----D---- C:\Program Files\Opera
2011-04-11 20:32:20 ----A---- C:\WINDOWS\system32\7076a059.exe
2011-04-11 20:32:16 ----A---- C:\WINDOWS\system32\kywiyxyslvhjvvr.exe
2011-04-11 12:27:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hagel Technologies
2011-04-10 20:58:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2011-04-10 20:57:45 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-04-10 20:57:44 ----A---- C:\WINDOWS\system32\javaws.exe
2011-04-10 20:57:44 ----A---- C:\WINDOWS\system32\javaw.exe
2011-04-10 20:57:44 ----A---- C:\WINDOWS\system32\java.exe
2011-04-09 22:41:01 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\Mp3tag
2011-03-29 21:24:21 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2011-03-29 21:24:20 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2011-03-29 21:23:30 ----D---- C:\Program Files\TuneUp Utilities 2011
2011-03-29 21:21:25 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-03-29 17:38:35 ----A---- C:\WINDOWS\system32\qeykvoic-.exe
2011-03-29 17:38:34 ----A---- C:\WINDOWS\system32\qeykvoicŇ.exe
2011-03-29 17:38:33 ----A---- C:\WINDOWS\system32\qeykvoicŢ.exe
2011-03-29 17:38:32 ----A---- C:\WINDOWS\system32\qeykvoicĐ.exe
2011-03-29 17:38:32 ----A---- C:\WINDOWS\system32\qeykvoic’.exe
2011-03-29 17:38:31 ----A---- C:\WINDOWS\system32\qeykvoicx.exe
2011-03-29 17:38:31 ----A---- C:\WINDOWS\system32\qeykvoic».exe
2011-03-29 17:38:29 ----A---- C:\WINDOWS\system32\qeykvoic±.exe
2011-03-29 17:38:25 ----A---- C:\WINDOWS\system32\qeykvoicj.exe
2011-03-29 17:38:23 ----A---- C:\WINDOWS\system32\qeykvoic–.exe
2011-03-29 17:38:22 ----A---- C:\WINDOWS\system32\qeykvoicč.exe
2011-03-29 16:30:54 ----A---- C:\WINDOWS\system32\qeykvoicÁ.exe
2011-03-29 16:30:49 ----A---- C:\WINDOWS\system32\qeykvoicö.exe
2011-03-28 21:37:29 ----A---- C:\WINDOWS\system32\hpf3l101.dll
2011-03-28 19:08:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Web Page Maker
2011-03-28 15:59:06 ----A---- C:\WINDOWS\system32\qeykvoic&.exe

======List of files/folders modified in the last 1 months======

2011-04-27 20:59:53 ----D---- C:\Program Files\trend micro
2011-04-27 20:59:15 ----D---- C:\WINDOWS\Temp
2011-04-27 20:59:06 ----D---- C:\WINDOWS\system32
2011-04-27 20:58:06 ----D---- C:\WINDOWS\system32\drivers
2011-04-27 20:57:33 ----SHD---- C:\WINDOWS\Installer
2011-04-27 20:57:33 ----HD---- C:\Config.Msi
2011-04-27 20:57:32 ----D---- C:\WINDOWS\WinSxS
2011-04-27 20:57:01 ----D---- C:\WINDOWS
2011-04-27 20:56:34 ----D---- C:\Program Files
2011-04-27 20:55:52 ----SD---- C:\WINDOWS\Tasks
2011-04-27 20:53:57 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-27 20:50:39 ----A---- C:\WINDOWS\system32\tmp.tmp
2011-04-27 20:50:36 ----D---- C:\Program Files\ESET
2011-04-27 20:39:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-27 17:01:16 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\uTorrent
2011-04-27 16:56:01 ----D---- C:\WINDOWS\Debug
2011-04-27 16:37:27 ----D---- C:\WINDOWS\Prefetch
2011-04-18 01:59:48 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-18 01:12:39 ----HD---- C:\WINDOWS\inf
2011-04-18 01:11:57 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-04-17 23:12:18 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\Skype
2011-04-17 19:03:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-17 19:02:11 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-17 18:05:12 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\skypePM
2011-04-17 17:21:30 ----SD---- C:\Documents and Settings\PATOWIST\Data aplikací\Microsoft
2011-04-17 14:44:59 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-04-17 01:29:15 ----D---- C:\WINDOWS\system32\CatRoot
2011-04-16 23:57:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2011-04-16 23:57:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-04-16 23:57:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-04-16 23:57:19 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2011-04-16 23:57:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2011-04-16 23:57:16 ----HDC---- C:\WINDOWS\$NtUninstallwinusb0100$
2011-04-16 23:57:16 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2011-04-16 21:28:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-04-16 14:07:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-04-16 14:04:23 ----A---- C:\WINDOWS\system32\MRT.INI
2011-04-16 13:52:24 ----A---- C:\WINDOWS\system32\MRT.exe
2011-04-15 17:42:40 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\Adobe
2011-04-15 17:36:12 ----D---- C:\Program Files\Common Files\Adobe
2011-04-15 17:35:43 ----RSD---- C:\WINDOWS\Fonts
2011-04-15 17:31:11 ----D---- C:\Program Files\Adobe
2011-04-15 17:29:14 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-04-15 16:25:41 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\HpUpdate
2011-04-15 16:20:53 ----D---- C:\Program Files\Microsoft
2011-04-15 16:20:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-15 16:19:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP
2011-04-15 16:17:57 ----D---- C:\WINDOWS\twain_32
2011-04-14 22:42:52 ----A---- C:\WINDOWS\win.ini
2011-04-14 19:20:23 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-14 17:35:05 ----D---- C:\WINDOWS\system32\DirectX
2011-04-14 17:31:23 ----RSD---- C:\WINDOWS\assembly
2011-04-14 15:19:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson
2011-04-14 15:19:50 ----D---- C:\Program Files\Sony Ericsson
2011-04-14 03:16:23 ----D---- C:\WINDOWS\Help
2011-04-14 03:15:30 ----D---- C:\Program Files\NVIDIA Corporation
2011-04-14 02:05:53 ----A---- C:\WINDOWS\WINCMD.INI
2011-04-14 02:05:53 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-04-13 12:20:15 ----A---- C:\WINDOWS\wininit.ini
2011-04-12 20:56:57 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\TuneUp Software
2011-04-12 16:57:03 ----D---- C:\Program Files\Common Files
2011-04-12 16:56:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-04-12 15:49:31 ----HD---- C:\Program Files\InstallJammer Registry
2011-04-11 19:53:43 ----D---- C:\WINDOWS\system32\config
2011-04-11 18:02:55 ----D---- C:\Documents and Settings\PATOWIST\Data aplikací\Uniblue
2011-04-11 15:00:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\DriverScanner
2011-04-11 14:56:38 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2011-04-10 21:02:09 ----D---- C:\Program Files\SystemRequirementsLab
2011-04-10 20:58:18 ----D---- C:\Program Files\Common Files\Java
2011-04-10 20:57:41 ----D---- C:\Program Files\Java
2011-04-10 20:57:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-04 22:02:40 ----A---- C:\WINDOWS\system32\bjdooocacko.dll
2011-03-29 21:23:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2011-03-29 18:07:11 ----D---- C:\WINDOWS\Minidump
2011-03-29 17:38:21 ----A---- C:\WINDOWS\system32\qeykvoicŕ.exe
2011-03-28 23:54:31 ----D---- C:\Program Files\Microsoft Silverlight
2011-03-28 23:54:21 ----D---- C:\WINDOWS\system
2011-03-28 16:02:24 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-01-05 717296]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-04-18 30680]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-04-18 25432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-04-18 307288]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-04-18 49240]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 XPROTECTOR;XPROTECTOR; \??\C:\WINDOWS\system32\drivers\Oreans.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-01-06 21361]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-04-18 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-04-18 102488]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 RARfsDriver;RemotelyAnywhere Remote File System Driver; \??\C:\WINDOWS\system32\drivers\RARfsDriver.sys []
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-09-12 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-06 4258816]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-01-08 9888672]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-22 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-22 18944]
R3 ramirr;ramirr; C:\WINDOWS\system32\DRIVERS\ramirr.sys [2007-04-17 10168]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-02-10 47488]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys []
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2011-02-17 122032]
R3 VMUVC;Vimicro Camera Service VMUVC; C:\WINDOWS\System32\Drivers\VMUVC.sys [2008-08-29 256512]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC; C:\WINDOWS\system32\drivers\vvftUVC.sys [2008-07-01 398720]
R3 xcpip;Ovladač protokolu TCP/IP; C:\WINDOWS\system32\drivers\xcpip.sys []
R3 xpsec;Ovladač IPSEC; C:\WINDOWS\system32\drivers\xpsec.sys []
S0 d347bus;d347bus; C:\WINDOWS\system32\DRIVERS\d347bus.sys [2004-08-22 155136]
S0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-04-18 441176]
S2 Nups;Nups; C:\WINDOWS\system32\drivers\Nups.sys []
S2 RAInfo;RemotelyAnywhere Kernel Information Provider; \??\D:\Programy\RemotelyAnywhere\x86\RaInfo.sys []
S2 zntport;NTPort Library Driver; \??\C:\WINDOWS\system32\zntport.sys []
S3 actser;actser; C:\WINDOWS\system32\drivers\actser.sys [2004-08-23 29440]
S3 Amsmpu4p;Amsmpu4p; \??\C:\DOCUME~1\PATOWIST\LOCALS~1\Temp\Amsmpu4p.sys []
S3 aytlvanq;aytlvanq; C:\WINDOWS\system32\drivers\aytlvanq.sys []
S3 BTCAMDRV;Mobiola Web Camera driver; C:\WINDOWS\system32\DRIVERS\BTCamDrv.sys [2006-11-01 219264]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 cpuz;cpuz; \??\C:\DOCUME~1\patwistt\LOCALS~1\Temp\cpuz.sys []
S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver; \??\D:\Programy\DU Meter\DUM_XP32.SYS []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-12-15 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-12-15 25512]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-04 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 ncvhook;ncvhook; C:\WINDOWS\system32\DRIVERS\ncvhook.sys [2008-11-08 6896]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-04 40320]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 ntportio;ntportio; \??\C:\DOCUME~1\PATOWIST\LOCALS~1\Temp\u\1267129103\ntportio.sys []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-09-24 47360]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2008-01-31 560896]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 STIrUsb;SigmaTel USB-IrDA Dongle; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-03 108928]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-02-24 40192]
S3 trial;trial; \??\C:\DOCUME~1\PATOWIST\LOCALS~1\Temp\Rar$EX00.454\aeq_suxx.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WinUSB;Sony Ericsson USB Device sa0101 Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 RARfsClientNP;RARfsClientNP; C:\WINDOWS\system32\drivers\RARfsClientNP.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-04-18 42184]
R2 DUMeterSvc;DU Meter Service; D:\Programy\DU Meter\DUMeterSvc.exe [2011-04-11 1412488]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-04-18 1378040]
R2 NetControl2.AdminHelper;Net Control 2 Administrator. Helper Service.; D:\Programy\Hack\Net Control 2\ahs.exe [2009-01-14 52736]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-01-07 156776]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-03-04 1523008]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 36820;IpSectPro service new; C:\WINDOWS\system\418710.exe []
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; D:\Programy\Nero\Nero BackItUp 4\IoctlSvc.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-08-26 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 Abel;Abel; C:\Program Files\Cain\Abel.exe []
S4 gupdate1c9feeb4d770e2c;Služba Google Update (gupdate1c9feeb4d770e2c); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-02 136176]
S4 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

Dobrý večer
Já se ani nedivím .
zazálohujte si důležitá data, kdyby systém spadl.

Otestujte na http://www.virustotal.com
C:\WINDOWS\system32\qeykvoicö.exe

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

A prosím ty cracklé programy vyhodte

[PATWIST]

Akurát som dal na Avaste rýchly test, zatiaľ mám 15%. Šiel som na virustotal dal som tam ten súbor a avast ho presunul do karantény a už píše že tam ten súbor nieje takže teda nemôžem ho preskúmať ale je to malware.

[motji]

Těch souborů tam máte víc, tak snad je Avast najde. pak dejte mbam a zítra ráno nechám další pokyny

[PATWIST]

1h 50min to šlo našlo 20 chyb zatial, zajtra po obede zapnem znova a necham az do konca

[motji]

A udělejte i ten mbam. Hlavně si zazálohujte fotky a podobně, myslím že ten systém nebude v dvakrát dobré kondici .

[PATWIST]

Áno veď ten mbam som mal spustený 1h a 50m ale zrušil som skenovanie. Avast ho rýchlym skenom preskenoval za polhodinu asi. Teraz som ho zapal a nechám do konca. A o dôležité veci sa už nemusím báť (teda premňa fotky) pretože mám externý harddisk (dúfam že tam není vír

[PATWIST]

Skenovanie trvalo 2h 20m. A ako pozerám tak tam našlo 54 problémov, sám by som si trúfol odstrániť 13 u ktorých na 100% viem že by sa nič nestalo ale tie so slozky windows uz nie dosť cheatov na CS - tie som nepoužíval na serveroch iba proti botom. Mám kúpené hry na steame a nemám BANán

LOG S MBAM:

Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org

Verzia databázy: 6459

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

28. 4. 2011 17:05:41
mbam-log-2011-04-28 (17-05-37).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Objektov kontrolovaných: 296069
Uplynutý čas: 2 hod, 21 min, 16 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 15
Infikované registračné hodnoty: 4
Infikované položky registračných dát: 0
Infikované priečinky: 2
Infikované súbory: 31

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
HKEY_CLASSES_ROOT\idid (Trojan.Sasfix) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agent.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe (Security.Hijack) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{10EE90C4-97A0-6B19-B420-31133D32982B} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EE90C4-97A0-6B19-B420-31133D32982B} (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EE90C4-97A0-6B19-B420-31133D32982B} (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EE90C4-97A0-6B19-B420-31133D32982B} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\kywiyxyslvhjvvr (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_NUPS (Backdoor.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Nups (Backdoor.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\XPROTECTOR (Backdoor.Trojan) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cccc4191-0c5d-d409-3a23-94532ff7390c} (Adware.AdRotator) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cccc4191-0c5d-d409-3a23-94532ff7390c} (Adware.AdRotator) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCCC4191-0C5D-D409-3A23-94532FF7390C} (Adware.AdRotator) -> No action taken.

Infikované registračné hodnoty:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdVantage (Adware.Vomba) -> Value: AdVantage -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NTFS_ext_drv (Backdoor.DDoS) -> Value: NTFS_ext_drv -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sdodcoectjloen (Trojan.Agent) -> Value: sdodcoectjloen -> No action taken.

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
c:\WINDOWS\system32\28463 (Keylogger.Ardamax) -> No action taken.
c:\RECYCLER\r-1-5-21-1482476501-1644491937-682003330-1013 (Worm.AutoRun.Gen) -> No action taken.

Infikované súbory:
c:\documents and settings\PATOWIST\data aplikací\cashfiesta\_cfautoupdate\CFFilter.dll (Adware.CashFiesta) -> No action taken.
c:\documents and settings\PATOWIST\dokumenty\Keygens\flashfxp 3.8 (3.7.7 build 1317) beta.exe (RiskWare.Tool.CK) -> No action taken.
c:\documents and settings\PATOWIST\dokumenty\Keygens\hide ip platinum 3.3.exe (Trojan.Agent.CK) -> No action taken.
d:\Programy\Zábavné\notor_motor.exe (Application.Joke) -> No action taken.
d:\system volume information\_restore{feb6d5cb-154e-4cbe-9de2-838bd3e96843}\RP80\A0017388.exe (Backdoor.Bot) -> No action taken.
d:\system volume information\_restore{feb6d5cb-154e-4cbe-9de2-838bd3e96843}\RP136\A0083850.exe (Trojan.Downloader) -> No action taken.
d:\system volume information\_restore{feb6d5cb-154e-4cbe-9de2-838bd3e96843}\RP139\A0089504.exe (Adware.CashFiesta) -> No action taken.
d:\system volume information\_restore{feb6d5cb-154e-4cbe-9de2-838bd3e96843}\RP139\A0089505.dll (Adware.CashFiesta) -> No action taken.
d:\Games\stahujem\hack\Hide IP\hide ip platinum v3.5\keygen.exe (Trojan.Agent.CK) -> No action taken.
d:\Games\stahujem\hack\password crackery\Brutus\BrutusA2.exe (HackTool.Brutus) -> No action taken.
d:\games\stahujem\hack\realhack\aa\vex6.exe (Trojan.VB) -> No action taken.
d:\Games\stahujem\hack\realhack\aa\bruteforcer\BrutusA2.exe (HackTool.Brutus) -> No action taken.
d:\Games\stahujem\OTHERS\CS\cs cheats\badboy v5\BaDBoYv5.exe (HackTool.Agent) -> No action taken.
d:\Games\stahujem\OTHERS\CS\cs cheats\BoY\BaDBoYv5.exe (HackTool.Agent) -> No action taken.
d:\Games\stahujem\OTHERS\CS\cs cheats\ogc xtreme codename v6.1858\xtreme6.exe (Trojan.Armin) -> No action taken.
d:\Games\stahujem\OTHERS\CS\cs cheats\super simple wallhack v2.9\super simple wall v2.9.exe (Trojan.Armin) -> No action taken.
d:\Games\stahujem\OTHERS\CS\css cheats\hoh hook v1.0\hack.exe (Trojan.Downloader) -> No action taken.
d:\Games\stahujem\OTHERS\CS\css cheats\p7 css v1.7\hack.exe (Trojan.Downloader) -> No action taken.
c:\documents and settings\all users\data aplikací\microsoft\id.txt (Malware.Trace) -> No action taken.
c:\documents and settings\PATOWIST\data aplikací\wiaserva.log (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\bjdooocacko.dll (Trojan.Agent) -> No action taken.
c:\WINDOWS\system32\drivers\Oreans.sys (Backdoor.Trojan) -> No action taken.
c:\WINDOWS\system32\28463\MEKL.001 (Keylogger.Ardamax) -> No action taken.
c:\WINDOWS\system32\28463\MEKL.002 (Keylogger.Ardamax) -> No action taken.
c:\WINDOWS\system32\28463\MEKL.005 (Keylogger.Ardamax) -> No action taken.
c:\WINDOWS\system32\28463\MEKL.008 (Keylogger.Ardamax) -> No action taken.
c:\WINDOWS\system32\28463\MEKL.009 (Keylogger.Ardamax) -> No action taken.
c:\WINDOWS\system32\28463\mekl.009.tmp (Keylogger.Ardamax) -> No action taken.
c:\RECYCLER\r-1-5-21-1482476501-1644491937-682003330-1013\acleaner.exe.vir (Worm.AutoRun.Gen) -> No action taken.
c:\RECYCLER\r-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Worm.AutoRun.Gen) -> No action taken.
c:\WINDOWS\system32\a251b3f.dll (Adware.AdRotator) -> No action taken.

[motji]

Nádhera, vše v mbamu smažte.
S tím že na externím disku není vir bych si nebyla tak jistá , protože na tomto disku máte vir recycler, který se přes autorun šíří i na externí disky .
Připojte externí disk kvůli tomu viru, pokud by spadl systém, nebojte, o data na externím disku nepřijdete.

Zapojte do pc všechny usb klíče, flashky...co používáte

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[PATWIST]

Mám ešte dva problémy, po zapnutí dosť dlho (nemal som to tak) pri prejdeni mysou nad dolny panel kde je start atd sa ukazu presypacie hodiny - proste nereaguje.
Avast mi niekedy vo firefoxe zachyti ze to chcelo ist na nejaku stranku ale zablokovalo - snad stinem odscreenovat.

Načo mám použiť ten ComboFix? Je to na repair tych externych veci? usb, harddisk?

[motji]

Problémy můžete mít, mbam sice něco smazal, ale určitě tam něco zůstalo.
Combofix je detekční a mazací nástroj, navíc opravuje systémové soubory a podobně.
Takže mi věřte a spusťte ho

[PATWIST]

Pri spustení z plochy (podľa návodu) mi to napíše chyba 16bitoveho podsystemu

[motji]

Zkuste combofix přejmenovat na cokoliv.com a spustit ho z nouzového režimu

[motji]

Po domluvě po SZ

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
SAVEMBR:0

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

[PATWIST]

Dobrý deň ,

LOGY S OTL:

OTL.txt

Extras.txt

Vopred ďakujem