
Trojan in svchost.exe

spacek
Guest
Posts: 38
Registered: 10 Jan 2010 18:30

Trojan in svchost.exe

#1 Post by spacek »

Hello, it hasn't been long and I'm here again. So, to the point. As far as I know, svchost.exe is a system file, and Spyware Terminator is showing a Trojan in it. :roll: I don't know what to do any more. Here is the log from HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:26:23, on 18.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Documents and Settings\Spáčil\Data aplikací\Dropbox\bin\Dropbox.exe
C:\Documents and Settings\Spáčil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Documents and Settings\Spáčil\Data aplikací\OCS\SM\SearchAnonymizerHelper.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Documents and Settings\Spáčil\Dokumenty\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: GdfrDUEn - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Stylish Profile\enlbrdr.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HKLM] C:\WINDOWS\system32\Microsoft\Svchost.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HKCU] C:\WINDOWS\system32\Microsoft\Svchost.exe
O4 - HKCU\..\RunOnce: [SpeedUpMyPC] "C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\Microsoft\Svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\Microsoft\Svchost.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/tng/dyyno-cl ... ynoCAB.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6015223093
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://play.battlefield-heroes.com/sta ... 0.15.0.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A46BD4E5-47A6-493C-A94E-9FEFFA35B666}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9fb2b93e9320e) (gupdate1c9fb2b93e9320e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SearchAnonymizer - Unknown owner - C:\Documents and Settings\Spáčil\Data aplikací\OCS\SM\SearchAnonymizerHelper.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/SPIL~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 13359 bytes

And here is a screenshot from Spyware Terminator as well.
Attachment: svchostr.JPG (81.4 KiB), downloaded 305 times

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Trojan in svchost.exe

#2 Post by motji »

Good evening :)
Svchost is indeed a system file, but this one is in a different folder:
C:\WINDOWS\system32\Microsoft\Svchost.exe, and that Microsoft folder doesn't belong there :D

:arrow: Download ComboFix like this:
- right-click the ComboFix link -- Save as..., then rename it to Potvora.com and save it.


:arrow: Save it to the desktop, close all open windows and run ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- agree to the installation of the Recovery Console

- ComboFix must be run under an account with administrator rights

- Before using it, disable all resident security programs - antivirus, firewalls, antispyware

- After it starts, the terms of use are displayed; confirm them by pressing Yes

- Then follow the instructions; while ComboFix is running, do not click into its window :!:

- When the scan finishes (it takes at most 10 minutes), the program should create a log - C:\ComboFix.txt; copy its entire contents here
Do not use COMBOFIX without a helper's recommendation, it can damage the system!
Always back up important data before disinfecting a computer :!:
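The point motji makes above (a file named like a core system binary but sitting outside the system folders, and registered as an autostart four times over, including under Policies\Explorer\Run) can be checked mechanically instead of by eye. The script below is an added example for this thread; it is not part of the original posts and not a tool from HijackThis, ComboFix or Spyware Terminator. It parses HijackThis O4 lines, groups them by the executable they launch, and flags two things: a process name from a fixed list of commonly impersonated system binaries whose directory is not one of the assumed legitimate Windows XP system directories, and any autostart registered through the Policies\Explorer\Run key. The directory list and the name list are assumed heuristics, and the sample lines are copied from the log posted in the first message.

```python
import re
from pathlib import PureWindowsPath
from typing import Dict, List

# Assumed: directories in which the genuine Windows XP system binaries live
# (lowercased, no trailing backslash). Anything else is treated as foreign.
LEGIT_SYSTEM_DIRS = {
    r"c:\windows\system32",
    r"c:\windows",
}

# Assumed: core process names that malware commonly impersonates by dropping a
# same-named copy somewhere else on disk.
IMPERSONATED_NAMES = {
    "svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe",
    "services.exe", "explorer.exe", "smss.exe", "spoolsv.exe",
}

# HijackThis O4 entries have the shape: "O4 - <hive>\..\<key>: [<value name>] <command>"
O4_RE = re.compile(r"^O4 - (?P<hive>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")

# Constructed sample input: O4 lines copied from the HijackThis log posted above.
SAMPLE_O4_LINES = [
    r"O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE",
    r"O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent",
    r"O4 - HKLM\..\Run: [HKLM] C:\WINDOWS\system32\Microsoft\Svchost.exe",
    r"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe",
    r"O4 - HKCU\..\Run: [HKCU] C:\WINDOWS\system32\Microsoft\Svchost.exe",
    r"O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\Microsoft\Svchost.exe",
    r"O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\Microsoft\Svchost.exe",
]


def extract_image_path(cmd: str) -> str:
    """Pull the executable path out of an O4 command (quoted or unquoted, with or without arguments)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    # Unquoted paths on XP often contain spaces, so cut at the first ".exe" rather than at whitespace.
    m = re.match(r"(?i)(.*?\.exe)\b", cmd)
    return m.group(1) if m else cmd.split()[0]


def classify_o4(line: str) -> List[str]:
    """Findings for one O4 line; an empty list means nothing about it stands out."""
    findings: List[str] = []
    m = O4_RE.match(line)
    if not m:
        return findings
    image = PureWindowsPath(extract_image_path(m.group("cmd")))
    base = image.name.lower()
    # A bare name such as "RTHDCPL.EXE" carries no directory, so it cannot be judged by location.
    has_dir = image.parent != PureWindowsPath(".")
    if base in IMPERSONATED_NAMES and has_dir and str(image.parent).lower() not in LEGIT_SYSTEM_DIRS:
        findings.append(f"system-binary name '{base}' outside a system directory: {image}")
    if r"\policies\explorer\run" in m.group("hive").lower():
        findings.append("autostart via Policies\\Explorer\\Run, a key legitimate software rarely uses")
    return findings


def scan_o4(lines: List[str]) -> Dict[str, dict]:
    """Group O4 lines by image path: how many autostart entries point at it and what was flagged."""
    report: Dict[str, dict] = {}
    for line in lines:
        m = O4_RE.match(line)
        if not m:
            continue
        key = extract_image_path(m.group("cmd")).lower()
        entry = report.setdefault(key, {"autostart_count": 0, "findings": []})
        entry["autostart_count"] += 1
        for finding in classify_o4(line):
            if finding not in entry["findings"]:
                entry["findings"].append(finding)
    return report


if __name__ == "__main__":
    for image, info in scan_o4(SAMPLE_O4_LINES).items():
        tag = "SUSPICIOUS" if info["findings"] else "ok"
        print(f"{tag:10} x{info['autostart_count']}  {image}")
        for finding in info["findings"]:
            print(f"            - {finding}")
```

Run against the sample, the only image with findings is C:\WINDOWS\system32\Microsoft\Svchost.exe: it is flagged for its location, for using Policies\Explorer\Run, and it shows up as four separate autostart entries, while the genuine C:\WINDOWS\system32\ctfmon.exe passes clean. The same grouping also catches the quieter case where one foreign binary is registered under both HKLM and HKCU so that it survives the removal of a single entry.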

spacek
Guest
Posts: 38
Registered: 10 Jan 2010 18:30

Re: Trojan in svchost.exe

#3 Post by spacek »

So here it is:

ComboFix 10-04-17.07 - Spáčil 19.04.2010 15:30:25.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1526 [GMT 2:00]
Spuštěný z: c:\documents and settings\Spáčil\Plocha\Potvora.com.exe
AV: Eset NOD32 Antivirus 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe
c:\windows\struct~.ini

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-19 do 2010-04-19 )))))))))))))))))))))))))))))))
.

2010-04-17 14:07 . 2010-04-17 14:07 -------- d-----w- c:\program files\Free FLV Converter
2010-04-17 09:12 . 2010-04-17 09:12 -------- d-----w- C:\MoTemp
2010-04-16 19:40 . 2010-04-16 19:40 -------- d-----w- c:\program files\dumps
2010-04-16 12:58 . 2010-04-16 12:58 -------- d-----w- c:\program files\Seznam
2010-04-16 11:52 . 2010-04-16 11:52 -------- d-----w- c:\windows\XSxS
2010-04-16 11:52 . 2010-04-16 11:52 -------- d-----w- c:\program files\Xenocode
2010-04-13 19:33 . 2010-04-13 19:34 -------- d-----w- c:\program files\MKVtoolnix
2010-04-13 19:12 . 2010-04-17 15:14 -------- d-----w- C:\x264
2010-04-13 19:12 . 2010-04-13 19:12 -------- d-----w- C:\Nová složka
2010-04-13 18:54 . 2009-12-29 08:41 -------- d-----w- C:\bin
2010-04-13 17:05 . 2010-04-13 17:52 -------- d-----w- c:\program files\megui
2010-04-13 17:04 . 2008-01-01 17:12 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2010-04-13 17:04 . 2007-12-31 22:00 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-04-13 17:04 . 2010-04-13 17:04 -------- d-----w- c:\program files\ffdshow
2010-04-13 16:27 . 2008-09-19 15:48 1200128 ----a-w- c:\windows\RtkUpd.exe
2010-04-13 16:27 . 2008-12-25 15:32 3721664 ----a-w- c:\windows\system32\drivers\RtKHDMI.sys
2010-04-11 19:38 . 2010-04-15 18:06 311296 ----a-w- c:\windows\system32\TubeFinder.exe
2010-04-11 19:37 . 2009-06-19 17:51 9728 ----a-w- c:\windows\system32\PCCLPFR.DLL
2010-04-11 19:37 . 2009-06-19 17:51 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
2010-04-11 19:37 . 2009-06-19 17:51 119568 ----a-w- c:\windows\system32\VB6FR.DLL
2010-04-11 19:37 . 2009-06-19 17:51 32768 ----a-w- c:\windows\system32\CMDLGFR.DLL
2010-04-10 20:57 . 2010-04-10 21:01 -------- d-----w- c:\program files\The KMPlayer
2010-04-10 20:20 . 2010-04-10 20:29 -------- d-----w- c:\program files\iTV
2010-04-08 14:33 . 2010-04-08 14:33 -------- d-----w- c:\program files\All2WAV Recorder
2010-04-04 13:40 . 2010-04-04 13:40 -------- d-----w- c:\program files\Pando Networks
2010-04-04 12:42 . 2010-03-03 04:02 45056 ----a-w- c:\windows\system32\aticalrt.dll
2010-04-04 12:42 . 2010-03-03 04:01 3641344 ----a-w- c:\windows\system32\aticaldd.dll
2010-04-04 12:42 . 2010-03-03 03:07 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-04-04 12:42 . 2009-05-11 22:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2010-04-04 12:42 . 2010-03-03 04:02 45056 ----a-w- c:\windows\system32\aticalcl.dll
2010-04-04 12:42 . 2010-03-03 03:44 14262272 ----a-w- c:\windows\system32\atioglxx.dll
2010-04-04 12:42 . 2010-03-03 03:20 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-04-04 12:42 . 2010-04-04 14:09 -------- d-----w- c:\program files\ATI
2010-04-03 18:29 . 2010-04-03 18:29 -------- d-----w- C:\cod 2 hax na demo
2010-04-02 16:59 . 2010-04-02 19:18 -------- d-----w- c:\program files\NET Traffic Meter
2010-04-02 16:42 . 2010-04-02 16:42 -------- d-----w- c:\program files\LanMon
2010-04-02 16:42 . 2010-04-02 16:42 249856 ------w- c:\windows\Setup1.exe
2010-04-02 16:42 . 2010-04-02 16:42 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-04-01 11:57 . 2010-04-01 11:58 -------- d-----w- c:\program files\Stylish Profile
2010-04-01 10:54 . 2010-04-01 21:22 -------- d-----w- c:\program files\NCSoft
2010-03-31 21:09 . 2010-04-16 16:05 -------- d-----w- c:\program files\QuickTime
2010-03-31 11:56 . 2010-03-31 12:25 -------- d-----w- C:\wordpress
2010-03-30 15:33 . 2010-03-30 15:33 -------- d-----w- c:\program files\Magic Bullet 2.0
2010-03-28 07:05 . 2010-03-28 07:05 -------- d-----w- c:\program files\Common Files\en-US
2010-03-28 07:05 . 2010-03-28 07:05 -------- d-----w- c:\program files\Common Files\ja-JP
2010-03-26 19:00 . 2010-03-26 19:00 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-03-25 19:52 . 2010-03-25 19:52 -------- d-----w- c:\program files\dllViewer
2010-03-23 16:18 . 2010-03-23 16:18 -------- d-----w- c:\program files\Fraus
2010-03-22 18:51 . 2010-03-22 18:51 -------- d-----w- c:\program files\Common Files\Skype
2010-03-21 16:15 . 2009-07-03 14:13 121344 ----a-w- c:\windows\system32\lagarith.dll
2010-03-21 16:15 . 2010-03-21 16:15 1791 ----a-w- c:\windows\unins000.dat
2010-03-21 16:15 . 2010-03-21 16:15 695642 ----a-w- c:\windows\unins000.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-19 05:30 . 2010-01-13 18:13 -------- d-----w- c:\program files\Spyware Terminator
2010-04-17 21:23 . 2008-09-19 15:10 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-04-17 21:23 . 2008-09-19 15:09 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-04-17 17:33 . 2009-01-23 13:01 -------- d-----w- c:\program files\Steam
2010-04-17 16:32 . 2010-02-21 19:10 -------- d-----w- c:\program files\mIRC
2010-04-16 12:48 . 2008-09-18 13:11 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-15 17:45 . 2008-09-22 16:41 -------- d-----w- c:\program files\Xfire
2010-04-15 13:53 . 2009-07-18 17:53 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-04-15 13:51 . 2009-07-18 17:53 -------- d-----w- c:\program files\Autodesk
2010-04-15 07:18 . 2009-05-07 15:07 -------- d-----w- c:\program files\Google
2010-04-13 17:04 . 2009-04-05 18:48 -------- d-----w- c:\program files\AviSynth 2.5
2010-04-13 11:07 . 2006-03-02 12:00 78052 ----a-w- c:\windows\system32\perfc005.dat
2010-04-13 11:07 . 2006-03-02 12:00 429024 ----a-w- c:\windows\system32\perfh005.dat
2010-04-09 12:00 . 2010-01-13 18:23 -------- d-----w- c:\program files\WinClamAVShield
2010-04-06 13:34 . 2010-02-24 13:02 -------- d-----w- c:\program files\ICQ7.0
2010-04-05 20:16 . 2008-11-04 18:03 -------- d-----w- c:\program files\Call of Duty
2010-04-05 10:33 . 2010-03-08 18:19 -------- d-----w- c:\program files\Auto Typer by MurGee
2010-04-05 10:31 . 2009-04-29 12:15 -------- d-----w- c:\program files\Common Files\Apple
2010-04-05 10:28 . 2009-08-21 20:33 -------- d-----w- c:\program files\ABC 3GP Converter
2010-04-04 12:42 . 2008-09-16 12:28 -------- d-----w- c:\program files\ATI Technologies
2010-04-03 19:21 . 2010-01-13 18:14 -------- d-----w- c:\program files\Crawler
2010-04-01 11:57 . 2009-05-03 14:06 -------- d-----w- c:\program files\Opera
2010-04-01 10:54 . 2008-09-16 12:01 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-31 19:15 . 2009-01-09 19:10 -------- d-----w- c:\program files\AV Vcs 4.0 DIAMOND
2010-03-26 20:30 . 2008-12-30 13:52 -------- d-----w- c:\program files\wowko_bc
2010-03-22 18:51 . 2009-06-30 19:11 -------- d-----r- c:\program files\Skype
2010-03-21 11:01 . 2008-10-11 15:46 -------- d-----w- c:\program files\TmNationsForever
2010-03-20 12:31 . 2008-12-12 15:18 -------- d-----w- c:\program files\TrackMania Sunrise
2010-03-14 18:24 . 2010-03-14 18:24 -------- d-----w- c:\program files\VodBurner
2010-03-13 17:17 . 2010-03-13 17:17 -------- d-----w- c:\program files\qa3
2010-03-13 15:45 . 2010-01-15 17:13 -------- d-----w- c:\program files\ICQ6.5
2010-03-10 06:17 . 2006-03-02 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-04 15:30 . 2010-03-04 15:30 -------- d-----w- c:\program files\Blender Foundation
2010-03-04 07:36 . 2010-03-04 07:36 -------- d-----w- c:\program files\Pyro Studios
2010-03-03 21:11 . 2010-03-03 21:11 -------- d-----w- c:\program files\ImageWarp
2010-03-03 04:21 . 2008-05-15 02:48 4630016 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-03-03 04:07 . 2008-09-16 12:28 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-03-03 03:40 . 2008-09-16 12:28 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-03-03 03:40 . 2010-04-04 12:42 3616096 ----a-w- c:\windows\system32\SET8771.tmp
2010-03-03 03:40 . 2008-05-15 01:49 3616096 ----a-w- c:\windows\system32\ati3duag.dll
2010-03-03 03:39 . 2010-04-04 12:42 301056 ----a-w- c:\windows\system32\SET876B.tmp
2010-03-03 03:39 . 2008-05-15 02:11 301056 ----a-w- c:\windows\system32\ati2dvag.dll
2010-03-03 03:24 . 2010-04-04 12:42 208896 ----a-w- c:\windows\system32\SET879F.tmp
2010-03-03 03:24 . 2008-05-15 02:02 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-03-03 03:24 . 2010-04-04 12:42 2232320 ----a-w- c:\windows\system32\SET8773.tmp
2010-03-03 03:24 . 2008-05-15 01:38 2232320 ----a-w- c:\windows\system32\ativvaxx.dll
2010-03-03 03:24 . 2008-05-15 02:02 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-03-03 03:24 . 2008-09-16 12:28 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-03-03 03:24 . 2008-09-16 12:28 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-03-03 03:24 . 2008-05-15 02:01 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-03-03 03:24 . 2010-04-04 12:42 43520 ----a-w- c:\windows\system32\SET87B5.tmp
2010-03-03 03:24 . 2008-05-15 02:01 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-03-03 03:23 . 2010-04-04 12:42 159744 ----a-w- c:\windows\system32\SET8793.tmp
2010-03-03 03:23 . 2008-05-15 02:01 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-03-03 03:22 . 2010-04-04 12:42 602112 ----a-w- c:\windows\system32\SET8789.tmp
2010-03-03 03:22 . 2008-05-15 01:59 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2010-03-03 03:21 . 2008-05-15 01:58 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-03-03 03:16 . 2010-04-04 12:42 565248 ----a-w- c:\windows\system32\SET87C5.tmp
2010-03-03 03:16 . 2008-05-15 01:20 565248 ----a-w- c:\windows\system32\atikvmag.dll
2010-03-03 03:15 . 2008-05-15 01:18 184320 ----a-w- c:\windows\system32\atiadlxx.dll
2010-03-03 03:14 . 2008-05-15 01:18 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-03-03 03:14 . 2010-04-04 12:42 393216 ----a-w- c:\windows\system32\SET87DB.tmp
2010-03-03 03:14 . 2008-05-15 01:16 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-03-03 03:09 . 2010-04-04 12:42 638976 ----a-w- c:\windows\system32\SET876D.tmp
2010-03-03 03:09 . 2008-05-15 01:12 638976 ----a-w- c:\windows\system32\ati2cqag.dll
2010-03-03 03:07 . 2008-05-15 01:18 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-03-03 03:07 . 2008-05-15 01:24 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-02-25 19:55 . 2008-09-16 12:28 201875 ----a-w- c:\windows\system32\atiicdxx.dat
2010-02-25 18:31 . 2010-02-25 18:29 -------- d-----w- c:\program files\3DRipperDX
2010-02-25 06:18 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 17:06 . 2009-05-08 18:10 -------- d-----w- c:\program files\SweetIM
2010-02-24 13:11 . 2006-03-02 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-24 09:16 . 2010-01-14 13:51 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 15:40 . 2008-10-04 15:54 -------- d-----w- c:\program files\Fraps
2010-02-21 19:30 . 2009-10-04 15:05 -------- d-----w- c:\program files\TeamViewer3
2010-02-20 21:11 . 2008-12-19 12:09 -------- d-----w- c:\program files\Lineage II
2010-02-19 21:55 . 2008-10-07 14:11 -------- d-----w- c:\program files\Sony
2010-02-16 19:08 . 2006-03-02 12:00 2148352 ------w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:08 . 2004-08-17 15:45 2026496 ------w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:35 . 2006-03-02 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2006-03-02 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-05 05:49 . 2010-02-05 05:49 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-01-29 16:44 . 2009-06-24 16:54 980 ----a-w- c:\windows\eReg.dat
2009-05-14 19:02 . 2009-05-14 19:02 3392872 ----a-w- c:\program files\Common Files\adlmint_libFNP.dll
2009-05-14 19:02 . 2009-05-14 19:02 3298152 ----a-w- c:\program files\Common Files\adlmint.dll
2009-04-10 13:52 . 2009-04-10 13:52 36868 ----a-w- c:\program files\uninst-Particular.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
2010-01-07 06:51 185344 ----a-w- c:\program files\Stylish Profile\enlbrdr.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Spáčil\Data aplikací\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Spáčil\Data aplikací\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Spáčil\Data aplikací\Dropbox\bin\DropboxExt.13.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-13 3037696]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-20 16384512]
"Monitor"="c:\windows\PixArt\PAC7311\Monitor.exe" [2006-11-03 319488]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-01-13 2166784]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-09-18 949376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=DrvTrNTm.dll
"wave"=DrvTrNTm.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Nikon Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Nikon Monitor.lnk
backup=c:\windows\pss\Nikon Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Spáčil^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
path=c:\documents and settings\Spáčil\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Spáčil^Nabídka Start^Programy^Po spuštění^Magnifier.lnk]
path=c:\documents and settings\Spáčil\Nabídka Start\Programy\Po spuštění\Magnifier.lnk
backup=c:\windows\pss\Magnifier.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-04-02 03:57 203928 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
2009-05-14 18:03 1103216 ----a-w- c:\program files\Download Manager\DLM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-01-24 10:32 2289664 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCsoft Launcher]
2010-04-01 10:55 38184 ----a-w- c:\program files\NCSoft\Launcher\NCLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ocs_SM]
2010-03-14 13:02 106496 ----a-w- c:\documents and settings\Spáčil\Data aplikací\OCS\SM\SearchAnonymizer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
2010-02-01 16:16 111928 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-07-02 15:38 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\FlatOut2\\FlatOut2.exe"=
"c:\\Program Files\\FlatOut\\flatout.exe"=
"c:\\Program Files\\Disney Interactive Studios\\Pure\\Pure.exe"=
"c:\\Program Files\\Soldat\\Soldat.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War Beta\\CoDWaWbeta.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\BitLord\\Downloads\\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\\PES 2009\\pes2009.exe"=
"c:\\Program Files\\Call of Duty\\CoDMP.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Program Files\\Vietcong\\vietcong.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"c:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\qiko99\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Documents and Settings\\Spáčil\\Local Settings\\Data aplikací\\Dyyno Receiver\\DPPM.exe"=
"c:\\Program Files\\Metin2_TESTER\\metin2.bin"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\Program Files\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\EA GAMES\\Mirror's Edge\\Binaries\\MirrorsEdge.exe"=
"c:\\Program Files\\Saints Row 2\\SR2_pc.exe"=
"c:\\Program Files\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\game.dat"=
"c:\\Program Files\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\patchget.dat"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Paintball2\\paintball2.exe"=
"c:\\Program Files\\wowko_bc\\Launcher.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Ubisoft\\Techland\\Call of Juarez - Bound in Blood\\CoJBiBGame_x86.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 9\\3dsmax.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2009\\3dsmax.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\Steam\\steamapps\\qiko99\\insurgency\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\qiko99\\smashball\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\qiko99\\source sdk base\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\qiko99\\diprip warm up\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\qiko99\\day of defeat source\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\qiko99\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\qiko99\\half-life 2 deathmatch\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\qiko99\\synergy\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\qiko99\\source sdk base 2007\\hl2.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead 2 demo\\left4dead2.exe"=
"c:\\Program Files\\Steam\\steamapps\\cecwee\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\Activision\\Call of Duty Modern Warfare 2\\iw4mp.exe"=
"c:\\Program Files\\Activision\\Call of Duty Modern Warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Activision\\Call of Duty Modern Warfare 2\\TeknoGods_MW2SP --ip=85.13.123.3.exe"=
"c:\\WINDOWS\\Downloaded Program Files\\ijjiOptimizer.exe"=
"c:\\Documents and Settings\\Spáčil\\Dokumenty\\Stažené soubory\\bulanci.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Program Files\\Team17 Software Ltd\\Worms Forts Under Siege\\WF.exe"=
"c:\\Program Files\\American Conquest - Fight Back\\dmcr.exe"=
"c:\\Program Files\\Capcom\\FLOCK!\\Flock.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\SEGA\\Vancouver 2010\\Vancouver.exe"=
"c:\\Program Files\\EA GAMES\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\patchget.dat"=
"c:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2 - BETA\\BFBC2BetaUpdater.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2 - BETA\\BFBC2Game.exe"=
"c:\\Program Files\\TeamViewer3\\TeamViewer.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Program Files\\Pyro Studios\\Imperial Glory\\ImperialGlory.exe"=
"c:\\Program Files\\qa3\\quake3.exe"=
"c:\\Program Files\\Autodesk\\Maya2010\\bin\\maya.exe"=
"c:\\Documents and Settings\\Spáčil\\Local Settings\\Apps\\2.0\\TZZ863GH.TLX\\DJ98PD5M.7ZD\\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\\CurseClient.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\3dsmax.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\mentalray\\satellite\\raysat_3dsmax2010_32server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\mentalray\\satellite\\raysat_3dsmax2010_32.exe"=
"c:\\Documents and Settings\\Spáčil\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"1500:UDP"= 1500:UDP:1500
"3005:UDP"= 3005:UDP:3005
"3101:UDP"= 3101:UDP:3101
"28960:UDP"= 28960:UDP:28960
"27000:UDP"= 27000:UDP:27000
"27015:UDP"= 27015:UDP:27015
"27014:TCP"= 27014:TCP:27014

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [18.9.2008 15:06 15424]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [13.1.2010 20:14 142592]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [15.1.2010 19:20 222968]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 20:19 13592]
R3 MouseCap;MouseCapture Driver;c:\windows\system32\drivers\MouseCap.sys [8.8.2005 14:44 6640]
R3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [30.6.2009 18:57 127496]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.9.2008 16:46 691696]
S2 gupdate1c9fb2b93e9320e;Služba Google Update (gupdate1c9fb2b93e9320e);c:\program files\Google\Update\GoogleUpdate.exe [2.7.2009 17:41 133104]
S2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [10.3.2008 00:04 65536]
S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [12.3.2009 17:36 86016]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\SPIL~1\LOCALS~1\Temp\WZB8EA9.tmp --> c:\docume~1\SPIL~1\LOCALS~1\Temp\WZB8EA9.tmp [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PAC7311;VGA SoC PC-Camera;c:\windows\system32\drivers\PA707UCM.SYS [8.11.2006 09:59 530304]
S3 XDva310;XDva310;\??\c:\windows\system32\XDva310.sys --> c:\windows\system32\XDva310.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-01-24 10:30 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-04-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-02 15:38]

2010-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-02 15:41]

2010-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-02 15:41]

2010-04-19 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2010-04-11 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-12-27 12:48]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search13.net/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search13.net/
uCustomizeSearch = hxxp://search13.net/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: Download All by FlashGet - c:\progra~1\FlashGet\jc_all.htm
IE: Download using FlashGet - c:\progra~1\FlashGet\jc_link.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Stylish Profile\ct.htm
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: c:\windows\system32\imon.dll
TCP: {A46BD4E5-47A6-493C-A94E-9FEFFA35B666} = 208.67.222.222,208.67.220.220
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://play.battlefield-heroes.com/static/updater/BFHUpdater_4.0.15.0.cab
FF - ProfilePath - c:\documents and settings\Spáčil\Data aplikací\Mozilla\Firefox\Profiles\i5d7g25t.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: network.proxy.type - 2
FF - component: c:\documents and settings\Spáčil\Data aplikací\Mozilla\Firefox\Profiles\i5d7g25t.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Spáčil\Data aplikací\Mozilla\Firefox\Profiles\i5d7g25t.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Spáčil\Data aplikací\Mozilla\Firefox\Profiles\i5d7g25t.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\progra~1\Crawler\firefox\components\xcomm.dll
FF - component: c:\progra~1\Crawler\firefox\components\xshared.dll
FF - component: c:\progra~1\Crawler\firefox\components\xsupport.dll
FF - component: c:\progra~1\Crawler\firefox\components\xwsg.dll
FF - plugin: c:\program files\Download Manager\npfpdlm.dll
FF - plugin: c:\program files\Dyyno\Dyyno Player\npvlc.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: c:\windows\system32\C2MP\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-RunOnce-SpeedUpMyPC - c:\program files\Uniblue\SpeedUpMyPC\launcher.exe
MSConfigStartUp-AutoTyperMurGee - c:\program files\Auto Typer by MurGee\AutoTyper.exe
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
ActiveSetup-{I2NDSL15-0JO7-AK4F-1YU5-L1XDV608D046} - c:\windows\system32\Microsoft\Svchost.exe
AddRemove-Counter-Strike Model Importer v1.0 - c:\3dsmax4\UNWISE.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-19 15:42
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\SPIL~1\LOCALS~1\Temp\WZB8EA9.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-789336058-1960408961-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:c5,8c,14,80,d5,88,b6,ad,5e,a3,eb,be,fc,58,ea,aa,5b,24,04,f7,c5,dd,ff,
ff,fb,5a,20,31,3d,f5,4e,6e,df,d5,8d,46,2e,cc,b0,a5,e0,5a,c5,ef,87,0a,26,cc,\
"??"=hex:9d,3d,21,18,7f,d9,c9,ec,df,64,6b,82,e7,2e,a2,5c

[HKEY_USERS\S-1-5-21-789336058-1960408961-839522115-1004\Software\SecuROM\License information*]
"datasecu"=hex:89,87,d8,33,9e,95,60,b7,4e,37,34,bf,b4,e1,cd,01,57,8e,3b,ef,9b,
e9,b0,25,c6,35,6e,03,75,ae,98,d5,52,29,75,cd,e0,a3,e6,47,db,b9,a1,e6,47,db,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{39c624fc-a9f5-4a3a-b8b9-6db68aea854a}]
@Denied: (Full) (Everyone)
"Model"=dword:0000013e
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):d4,0e,4f,54,60,8e,10,7a,16,1d,7a,62,71,76,45,c7,96,96,54,08,08,
fd,fa,e4,59,ca,2d,d6,09,e6,e0,06,78,05,98,3a,da,4a,25,5f,00,00,00,00,00,00,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(776)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll

- - - - - - - > 'lsass.exe'(832)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Celkový čas: 2010-04-19 15:45:20
ComboFix-quarantined-files.txt 2010-04-19 13:45

Před spuštěním: Volných bajtů: 42 885 271 552
Po spuštění: Volných bajtů: 43 360 215 040

- - End Of File - - F40FE8879251B0D8B022954DD235EA33

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Trojan in svchost.exe

#4 Post by motji »

:arrow: Did you delete those files?

:arrow: Do you recognise these folders?
C:\x264
C:\Nová složka
C:\bin
c:\program files\megui
c:\program files\ffdshow


:arrow: Do you recognise these ports?
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1500:UDP"= 1500:UDP:1500
"3005:UDP"= 3005:UDP:3005
"3101:UDP"= 3101:UDP:3101
"28960:UDP"= 28960:UDP:28960
"27000:UDP"= 27000:UDP:27000
"27015:UDP"= 27015:UDP:27015
"27014:TCP"= 27014:TCP:27014


:arrow: Do you use Garena and GameMon?
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.
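The questions in this post (unknown open ports, a service started from a Temp folder, the Garena/GameMon drivers, the search13.net search settings, and the Svchost.exe in a sub-folder of system32 that ComboFix listed under the removed ActiveSetup entry) are the things a helper scans a ComboFix/HijackThis log for by eye. As an added example that is not part of this thread, of ComboFix or of HijackThis, here is a small Python script that performs that triage over log lines in the same format. The sample lines are constructed from entries quoted in this thread, and the allowlist of search/home-page hosts is an assumption made for the example.

```python
"""Triage helper for ComboFix / HijackThis style log lines.

Added example for this thread; not part of ComboFix, HijackThis or the forum's
tooling. It flags four things a helper scans such a log for by eye:
  1. svchost.exe running from anywhere except %windir%\\system32 (the ComboFix
     log above listed a Svchost.exe in a sub-folder of system32);
  2. services or drivers whose image file sits in a Temp directory;
  3. globally open firewall ports, for the user to confirm or close;
  4. search / home-page settings whose host is not on a known-good list.
The sample log lines and the allowlist are constructed for this example.
"""
import re
from typing import List, Tuple

# (category, what was matched, the offending log line)
Finding = Tuple[str, str, str]

# The only legitimate location of svchost.exe on 32-bit Windows XP.
EXPECTED_SVCHOST = r"c:\windows\system32\svchost.exe"

# Constructed allowlist of acceptable search / home-page hosts for this user.
KNOWN_GOOD_HOSTS = {
    "www.google.com", "google.com",
    "www.seznam.cz", "seznam.cz",
    "go.microsoft.com", "www.bing.com",
}

# A Windows path (drive letter or %windir%) ending in svchost.exe.
_SVCHOST_PATH = re.compile(r'(?:%windir%|[a-z]:)\\[^\s"\[\]]*?svchost\.exe', re.I)
# ComboFix service/driver lines ("R0 name;desc;path ...") or a raw ImagePath value.
_SERVICE_LINE = re.compile(r'^(?:[RS]\d\s|"ImagePath"=)', re.I)
# Firewall GloballyOpenPorts entries: "3724:TCP"= 3724:TCP:...
_OPEN_PORT = re.compile(r'^"(\d+:(?:TCP|UDP))"=', re.I)
# ComboFix/RSIT write hxxp:// instead of http:// so the log cannot be clicked.
_URL_HOST = re.compile(r'h(?:xx|tt)ps?://([^/\s"]+)', re.I)
# Lines that carry a search-provider or home-page setting.
_SEARCH_SETTING = re.compile(r'search|start page|homepage|keyword\.url', re.I)


def check_svchost(line: str) -> List[Finding]:
    """Flag any svchost.exe path that is not the real system32 binary."""
    out = []
    for m in _SVCHOST_PATH.finditer(line):
        path = m.group(0).lower().replace("%windir%", r"c:\windows")
        if path != EXPECTED_SVCHOST:
            out.append(("svchost-outside-system32", path, line))
    return out


def check_temp_service(line: str) -> List[Finding]:
    """Flag services/drivers loaded from a Temp directory."""
    if _SERVICE_LINE.match(line) and "\\temp\\" in line.lower():
        return [("service-in-temp", line.split(";")[0].strip(), line)]
    return []


def check_open_port(line: str) -> List[Finding]:
    """Report every globally open firewall port so the user can vouch for it."""
    m = _OPEN_PORT.match(line)
    return [("firewall-open-port", m.group(1).upper(), line)] if m else []


def check_search_setting(line: str) -> List[Finding]:
    """Flag search/home-page settings whose host is not on the allowlist."""
    if not _SEARCH_SETTING.search(line):
        return []
    return [("search-hijack", host.lower(), line)
            for host in _URL_HOST.findall(line)
            if host.lower() not in KNOWN_GOOD_HOSTS]


def triage(log_text: str) -> List[Finding]:
    """Run every check over each non-empty line and collect the findings."""
    findings: List[Finding] = []
    for line in log_text.splitlines():
        line = line.rstrip()
        if not line:
            continue
        for check in (check_svchost, check_temp_service,
                      check_open_port, check_search_setting):
            findings += check(line)
    return findings


# Constructed sample, modelled on lines quoted in this thread.
SAMPLE_LOG = r"""
C:\WINDOWS\System32\svchost.exe
ActiveSetup-{I2NDSL15-0JO7-AK4F-1YU5-L1XDV608D046} - c:\windows\system32\Microsoft\Svchost.exe
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\SPIL~1\LOCALS~1\Temp\WZB8EA9.tmp --> c:\docume~1\SPIL~1\LOCALS~1\Temp\WZB8EA9.tmp [?]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 20:19 13592]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"28960:UDP"= 28960:UDP:28960
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search13.net/
FF - prefs.js: keyword.URL - hxxp://search13.net/search.php?clid=486&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
"""

FINDINGS = triage(SAMPLE_LOG)  # six findings for the sample above
```

The script deliberately reports open ports as findings to confirm rather than as infections: the same UDP ports that a game client opens legitimately are also what a helper asks the user about, which is exactly the question asked in this post. The svchost check compares the normalised path against the single expected location, so a copy named Svchost.exe in any other folder (including a sub-folder of system32) is reported.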

spacek
Visitor
Posts: 38
Registered: 10 Jan 2010 18:30

Re: Trojan in svchost.exe

#5 Post by spacek »

Which files should I delete? Yes, I know those folders... Sorry, but I don't know my way around those ports :D. Well, I do have Garena, I occasionally play something on it, but I don't have GameMon.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Trojan in svchost.exe

#6 Post by motji »

I meant the ones Terminator reported; I can't see them anywhere in the log any more :o

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Trojan in svchost.exe

#7 Post by motji »

I'll delete those ports for you, and if needed you can allow them again in the firewall :)


:arrow: If it isn't already there, move ComboFix to the desktop
- open Notepad
- copy the text from this box into it

Code:

Folder::
c:\program files\SweetIM
C:\Program Files\DAEMON Tools Toolbar

Driver::
npggsvc
XDva310

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1500:UDP"=-
"3005:UDP"=-
"3101:UDP"=-
"28960:UDP"=-
"27000:UDP"=-
"27015:UDP"=-
"27014:TCP"=-
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]

Dirlook::
C:\MoTemp

File::
c:\windows\system32\SET8771.tmp
c:\windows\system32\SET876B.tmp
c:\windows\system32\SET879F.tmp
c:\windows\system32\SET8773.tmp
c:\windows\system32\SET87B5.tmp
c:\windows\system32\SET8793.tmp
c:\windows\system32\SET8789.tmp
c:\windows\system32\SET87C5.tmp
c:\windows\system32\SET87DB.tmp
c:\windows\system32\SET876D.tmp
c:\windows\system32\GameMon.des
c:\program files\Stylish Profile\enlbrdr.dll
c:\windows\system32\XDva310.sys

Extra::

DDS::
uDefault_Search_URL = hxxp://search13.net/
uSearchAssistant = hxxp://search13.net/
uCustomizeSearch = hxxp://search13.net/

Firefox::
FF - ProfilePath - c:\documents and settings\Spáčil\Data aplikací\Mozilla\Firefox\Profiles\i5d7g25t.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search13.net/search.php?clid=486&q=
FF - component: c:\documents and settings\Spáčil\Data aplikací\Mozilla\Firefox\Profiles\i5d7g25t.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - prefs.js: keyword.URL - hxxp://search13.net/search.php?clid=486&q=

- save the TXT file you created as CFScript.txt on the desktop
- after saving, grab the script you created with the left mouse button and drag it onto the ComboFix icon, where you drop it:



- after it runs, another log will pop up; paste it here

Warning: it can happen that after the script is applied and the machine restarts, Windows does not boot; in that case restart again while pressing F8, then choose Last Known Good Configuration


:arrow: Download MBAM from my signature
- Install it, run a quick scan

DO NOT DELETE ANYTHING :!:
- MBAM occasionally has false detections, so we will delete only after checking the log.
- Copy the log here.

spacek
Visitor
Posts: 38
Registered: 10 Jan 2010 18:30

Re: Trojan in svchost.exe

#8 Post by spacek »

The ComboFix log was too long, so I uploaded it to edisk.cz - http://www.edisk.cz/stahni/33145/ComboF ... .82KB.html

MBAM log:

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3536
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

20.4.2010 14:05:51
mbam-log-2010-04-20 (14-05-41).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 111090
Uplynulý čas: 5 minute(s), 7 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 1
Infikované adresáře: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Hijack.SearchPage) -> Bad: (http://search13.net/) Good: (http://www.Google.com/) -> No action taken.

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\Documents and Settings\Spáčil\Data aplikací\logs.dat (Bifrose.Trace) -> No action taken.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Trojan in svchost.exe

#9 Post by motji »

Delete what MBAM found.
How is the computer doing now?

spacek
Visitor
Posts: 38
Registered: 10 Jan 2010 18:30

Re: Trojan in svchost.exe

#10 Post by spacek »

The PC is fine, thank you ;)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Trojan in svchost.exe

#11 Post by motji »

:arrow: Uninstall ComboFix via Start - Run
- copy into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.


***********


:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm the choice press the A key, then Enter
- delete the little program after use. Note: antivirus products may falsely flag it as a virus



***********


:arrow: Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis click Run CCleaner

Registry tab
- click Scan for Issues
- then click Fix selected issues -- back up the registry - you don't have to
- click Fix all issues :arrow: OK :arrow: Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

CCleaner - I recommend using the Cleaner; it nicely clears temporary files off the PC.
The Registry cleaner tidies things up, for example after uninstalling a program.


***********



:arrow: Download OTC and use it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans temp files and the leftovers of the tools we used



***********

:arrow: Post a new RSIT log and tell me how the computer is behaving; is everything OK now?

spacek
Visitor
Posts: 38
Registered: 10 Jan 2010 18:30

Re: Trojan in svchost.exe

#12 Post by spacek »

RSIT log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Spáčil at 2010-04-21 15:03:20
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 74 GB (12%) free of 610 GB
Total RAM: 2046 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:03:33, on 21.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Documents and Settings\Spáčil\Dokumenty\Stažené soubory\RSIT.exe
C:\Documents and Settings\Spáčil\Dokumenty\Downloads\Spáčil.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/tng/dyyno-cl ... ynoCAB.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6015223093
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://play.battlefield-heroes.com/sta ... 0.15.0.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A46BD4E5-47A6-493C-A94E-9FEFFA35B666}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9fb2b93e9320e) (gupdate1c9fb2b93e9320e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/SPIL~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 11171 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-15 1218000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-01-18 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2008-06-16 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-15 1218000]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-08-16 962808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-08-20 16384512]
"Monitor"=C:\WINDOWS\PixArt\PAC7311\Monitor.exe [2006-11-03 319488]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-01-13 2166784]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2008-09-18 949376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-01-13 3037696]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-02 203928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
C:\Program Files\Download Manager\DLM.exe [2009-05-14 1103216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCsoft Launcher]
C:\Program Files\NCSoft\Launcher\NCLauncher.exe [2010-04-01 38184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ocs_SM]
C:\Documents and Settings\Spáčil\Data aplikací\OCS\SM\SearchAnonymizer.exe [2010-03-14 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-02 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Nikon Monitor.lnk]
C:\PROGRA~1\COMMON~1\Nikon\Monitor\NKMONI~1.EXE [2007-10-18 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Spáčil^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
C:\DOCUME~1\SPIL~1\DATAAP~1\Dropbox\bin\Dropbox.exe [2010-02-26 21979992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Spáčil^Nabídka Start^Programy^Po spuštění^Magnifier.lnk]
C:\WINDOWS\system32\magnify.exe [2008-04-14 72704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-03-03 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Xfire\xfire.exe"="C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\FlatOut2\FlatOut2.exe"="C:\Program Files\FlatOut2\FlatOut2.exe:*:Enabled:FlatOut2"
"C:\Program Files\FlatOut\flatout.exe"="C:\Program Files\FlatOut\flatout.exe:*:Enabled:flatout"
"C:\Program Files\Disney Interactive Studios\Pure\Pure.exe"="C:\Program Files\Disney Interactive Studios\Pure\Pure.exe:*:Enabled:Pure"
"C:\Program Files\Soldat\Soldat.exe"="C:\Program Files\Soldat\Soldat.exe:*:Enabled:Soldat"
"C:\Program Files\Activision\Call of Duty - World at War Beta\CoDWaWbeta.exe"="C:\Program Files\Activision\Call of Duty - World at War Beta\CoDWaWbeta.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\BitLord\Downloads\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\PES 2009\pes2009.exe"="C:\Program Files\BitLord\Downloads\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\PES 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Program Files\Call of Duty\CoDMP.exe"="C:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Program Files\Vietcong\vietcong.exe"="C:\Program Files\Vietcong\vietcong.exe:*:Enabled:vietcong"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"C:\Program Files\TrackMania Sunrise\TmSunrise.exe"="C:\Program Files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\qiko99\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\qiko99\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steam.exe"="C:\Program Files\Steam\steam.exe:*:Enabled:Steam"
"C:\Documents and Settings\Spáčil\Local Settings\Data aplikací\Dyyno Receiver\DPPM.exe"="C:\Documents and Settings\Spáčil\Local Settings\Data aplikací\Dyyno Receiver\DPPM.exe:*:Enabled:dppmmain Application"
"C:\Program Files\Metin2_TESTER\metin2.bin"="C:\Program Files\Metin2_TESTER\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\Program Files\left 4 dead\left4dead.exe"="C:\Program Files\left 4 dead\left4dead.exe:*:Enabled:left4dead"
"C:\Program Files\EA GAMES\Mirror's Edge\Binaries\MirrorsEdge.exe"="C:\Program Files\EA GAMES\Mirror's Edge\Binaries\MirrorsEdge.exe:*:Enabled:Mirror's Edge™"
"C:\Program Files\Saints Row 2\SR2_pc.exe"="C:\Program Files\Saints Row 2\SR2_pc.exe:*:Enabled:SR2_pc"
"C:\Program Files\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat"="C:\Program Files\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"C:\Program Files\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\patchget.dat"="C:\Program Files\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\patchget.dat:*:Enabled:patchgrabber"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\Paintball2\paintball2.exe"="C:\Program Files\Paintball2\paintball2.exe:*:Enabled:paintball2"
"C:\Program Files\wowko_bc\Launcher.exe"="C:\Program Files\wowko_bc\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe"="C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood"
"C:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe"="C:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe"="C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit"
"C:\Program Files\Autodesk\3ds Max 2009\3dsmax.exe"="C:\Program Files\Autodesk\3ds Max 2009\3dsmax.exe:*:Enabled:Autodesk 3ds Max 2009 32-bit"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\Steam\steamapps\qiko99\insurgency\hl2.exe"="C:\Program Files\Steam\steamapps\qiko99\insurgency\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\qiko99\smashball\hl2.exe"="C:\Program Files\Steam\steamapps\qiko99\smashball\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\qiko99\source sdk base\hl2.exe"="C:\Program Files\Steam\steamapps\qiko99\source sdk base\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\qiko99\diprip warm up\hl2.exe"="C:\Program Files\Steam\steamapps\qiko99\diprip warm up\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\qiko99\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\qiko99\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\qiko99\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\qiko99\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\qiko99\half-life 2 deathmatch\hl2.exe"="C:\Program Files\Steam\steamapps\qiko99\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\qiko99\synergy\hl2.exe"="C:\Program Files\Steam\steamapps\qiko99\synergy\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\qiko99\source sdk base 2007\hl2.exe"="C:\Program Files\Steam\steamapps\qiko99\source sdk base 2007\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe"="C:\Program Files\Steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe:*:Enabled:left4dead2"
"C:\Program Files\Steam\steamapps\cecwee\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\cecwee\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Activision\Call of Duty Modern Warfare 2\iw4mp.exe"="C:\Program Files\Activision\Call of Duty Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"C:\Program Files\Activision\Call of Duty Modern Warfare 2\iw4sp.exe"="C:\Program Files\Activision\Call of Duty Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"C:\Program Files\Activision\Call of Duty Modern Warfare 2\TeknoGods_MW2SP --ip=85.13.123.3.exe"="C:\Program Files\Activision\Call of Duty Modern Warfare 2\TeknoGods_MW2SP --ip=85.13.123.3.exe:*:Enabled:TeknoGods_MW2SP --ip=85.13.123.3.exe"
"C:\WINDOWS\Downloaded Program Files\ijjiOptimizer.exe"="C:\WINDOWS\Downloaded Program Files\ijjiOptimizer.exe:*:Enabled:ijjiOptimizer.exe"
"C:\Documents and Settings\Spáčil\Dokumenty\Stažené soubory\bulanci.exe"="C:\Documents and Settings\Spáčil\Dokumenty\Stažené soubory\bulanci.exe:*:Enabled:bulanci"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Team17 Software Ltd\Worms Forts Under Siege\WF.exe"="C:\Program Files\Team17 Software Ltd\Worms Forts Under Siege\WF.exe:*:Enabled:WF"
"C:\Program Files\American Conquest - Fight Back\dmcr.exe"="C:\Program Files\American Conquest - Fight Back\dmcr.exe:*:Enabled:dmcr"
"C:\Program Files\Capcom\FLOCK!\Flock.exe"="C:\Program Files\Capcom\FLOCK!\Flock.exe:*:Enabled:FLOCK!"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\SEGA\Vancouver 2010\Vancouver.exe"="C:\Program Files\SEGA\Vancouver 2010\Vancouver.exe:*:Enabled:Vancouver 2010™"
"C:\Program Files\EA GAMES\Command & Conquer Generals Zero Hour\game.dat"="C:\Program Files\EA GAMES\Command & Conquer Generals Zero Hour\game.dat:*:Enabled:game"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\patchget.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\patchget.dat:*:Enabled:patchgrabber"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe:*:Enabled:Battlefield Bad Company 2 - BETA"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2Game.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2Game.exe:*:Enabled:EA Battlefield: Bad Company™ 2 - BETA"
"C:\Program Files\TeamViewer3\TeamViewer.exe"="C:\Program Files\TeamViewer3\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Pyro Studios\Imperial Glory\ImperialGlory.exe"="C:\Program Files\Pyro Studios\Imperial Glory\ImperialGlory.exe:*:Enabled:ImperialGlory"
"C:\Program Files\qa3\quake3.exe"="C:\Program Files\qa3\quake3.exe:*:Enabled:quake3"
"C:\Program Files\Autodesk\Maya2010\bin\maya.exe"="C:\Program Files\Autodesk\Maya2010\bin\maya.exe:*:Enabled:Maya"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-04-21 15:03:20 ----D---- C:\rsit
2010-04-20 22:21:10 ----SHD---- C:\RECYCLER
2010-04-20 14:05:51 ----A---- C:\mbam-log-2010-04-20 (14-05-41).txt
2010-04-20 13:54:08 ----A---- C:\WINDOWS\struct~.ini
2010-04-19 21:25:29 ----D---- C:\ftp
2010-04-17 17:31:11 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\Dropbox
2010-04-17 16:07:28 ----D---- C:\Program Files\Free FLV Converter
2010-04-17 11:12:26 ----D---- C:\MoTemp
2010-04-16 22:26:30 ----A---- C:\WINDOWS\system32\xfcodec.dll
2010-04-16 21:40:14 ----D---- C:\Program Files\dumps
2010-04-16 15:26:03 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\Uniblue
2010-04-16 14:58:46 ----D---- C:\Program Files\Seznam
2010-04-16 13:52:28 ----D---- C:\WINDOWS\XSxS
2010-04-16 13:52:28 ----D---- C:\Program Files\Xenocode
2010-04-14 07:36:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 07:36:50 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 07:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 07:32:30 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 07:32:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 07:32:04 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-13 21:33:55 ----D---- C:\Program Files\MKVtoolnix
2010-04-13 21:12:33 ----D---- C:\x264
2010-04-13 20:54:51 ----D---- C:\bin
2010-04-13 19:05:13 ----D---- C:\Program Files\megui
2010-04-13 19:04:36 ----A---- C:\WINDOWS\system32\pthreadGC2.dll
2010-04-13 19:04:36 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-04-13 19:04:36 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-04-13 19:04:33 ----D---- C:\Program Files\ffdshow
2010-04-13 18:27:51 ----A---- C:\WINDOWS\RtkUpd.exe
2010-04-11 21:38:03 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2010-04-11 21:37:50 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2010-04-11 21:37:50 ----A---- C:\WINDOWS\system32\PCCLPFR.DLL
2010-04-11 21:37:50 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2010-04-11 21:37:49 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2010-04-11 21:37:47 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\FreeFLVConverter
2010-04-10 22:57:30 ----D---- C:\Program Files\The KMPlayer
2010-04-10 22:20:50 ----D---- C:\Program Files\iTV
2010-04-08 16:33:01 ----D---- C:\Program Files\All2WAV Recorder
2010-04-04 15:40:35 ----D---- C:\Program Files\Pando Networks
2010-04-04 14:42:36 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-04-04 14:42:36 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-04-04 14:42:36 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-04-04 14:42:36 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-04-04 14:42:35 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-04-04 14:42:35 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-04-04 14:42:35 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-04-04 14:42:00 ----D---- C:\Program Files\ATI
2010-04-03 20:29:41 ----D---- C:\cod 2 hax na demo
2010-04-02 18:59:25 ----D---- C:\Program Files\NET Traffic Meter
2010-04-02 18:42:26 ----D---- C:\Program Files\LanMon
2010-04-02 18:42:18 ----N---- C:\WINDOWS\Setup1.exe
2010-04-02 18:42:17 ----A---- C:\WINDOWS\ST6UNST.EXE
2010-04-01 13:57:39 ----D---- C:\Program Files\Stylish Profile
2010-04-01 12:54:32 ----D---- C:\Program Files\NCSoft
2010-04-01 12:52:43 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\GetRightToGo
2010-03-31 23:09:23 ----D---- C:\Program Files\QuickTime
2010-03-31 13:56:48 ----D---- C:\wordpress
2010-03-31 07:28:29 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\FileZilla
2010-03-30 17:33:07 ----D---- C:\Program Files\Magic Bullet 2.0
2010-03-28 09:05:58 ----D---- C:\Program Files\Common Files\en-US
2010-03-28 09:05:55 ----D---- C:\Program Files\Common Files\ja-JP
2010-03-25 21:52:40 ----D---- C:\Program Files\dllViewer
2010-03-24 20:32:35 ----A---- C:\WINDOWS\WORDPAD.INI
2010-03-24 20:09:22 ----A---- C:\Log.txt
2010-03-23 23:14:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Fraus
2010-03-23 18:18:00 ----D---- C:\Program Files\Fraus
2010-03-22 22:25:40 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\VitySoft
2010-03-22 20:51:54 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2010-04-21 15:03:25 ----D---- C:\WINDOWS\Prefetch
2010-04-21 15:03:23 ----D---- C:\WINDOWS\Temp
2010-04-21 14:48:33 ----D---- C:\Program Files\Mozilla Firefox
2010-04-21 14:47:41 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-21 14:47:39 ----SD---- C:\WINDOWS\Tasks
2010-04-21 14:45:27 ----D---- C:\WINDOWS
2010-04-21 14:45:02 ----SHD---- C:\System Volume Information
2010-04-21 14:45:02 ----D---- C:\WINDOWS\system32\Restore
2010-04-21 14:43:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-21 14:31:54 ----D---- C:\WINDOWS\Debug
2010-04-21 14:27:16 ----D---- C:\WINDOWS\Minidump
2010-04-21 14:26:23 ----D---- C:\Program Files\trend micro
2010-04-21 13:46:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-04-20 22:48:55 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\Skype
2010-04-20 22:48:54 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\ICQ
2010-04-20 21:42:21 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\skypePM
2010-04-20 21:36:12 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\HLSW
2010-04-20 21:27:55 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-04-20 20:12:23 ----D---- C:\Program Files\Xfire
2010-04-20 20:11:13 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\mIRC
2010-04-20 20:04:41 ----D---- C:\Program Files\mIRC
2010-04-20 14:49:48 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\teamspeak2
2010-04-20 14:44:22 ----D---- C:\Program Files\Steam
2010-04-20 14:38:16 ----D---- C:\Program Files\WinClamAVShield
2010-04-20 14:34:12 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\Spyware Terminator
2010-04-20 14:32:32 ----HDC---- C:\WINDOWS\ie8
2010-04-20 14:32:31 ----D---- C:\WINDOWS\system32\drivers
2010-04-20 13:33:18 ----A---- C:\WINDOWS\system.ini
2010-04-20 13:31:31 ----D---- C:\WINDOWS\system32\config
2010-04-20 13:31:07 ----RD---- C:\Program Files
2010-04-20 13:31:06 ----D---- C:\WINDOWS\system32
2010-04-20 13:24:06 ----D---- C:\WINDOWS\AppPatch
2010-04-20 13:24:03 ----D---- C:\Program Files\Common Files
2010-04-19 21:26:24 ----A---- C:\WINDOWS\wincmd.ini
2010-04-19 21:12:13 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-04-19 21:07:30 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-19 20:54:06 ----D---- C:\moviemaking
2010-04-19 07:30:02 ----D---- C:\Program Files\Spyware Terminator
2010-04-18 22:45:51 ----RASH---- C:\boot.ini
2010-04-18 22:45:51 ----A---- C:\WINDOWS\win.ini
2010-04-18 22:45:50 ----D---- C:\WINDOWS\pss
2010-04-17 16:07:47 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-17 13:18:44 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-17 00:01:58 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\TeamViewer
2010-04-16 18:05:18 ----SHD---- C:\WINDOWS\Installer
2010-04-16 14:51:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-04-16 14:50:16 ----D---- C:\Program Files\Adobe
2010-04-16 14:48:08 ----D---- C:\Program Files\Common Files\Adobe
2010-04-16 14:46:31 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\Adobe
2010-04-16 14:45:10 ----RSD---- C:\WINDOWS\Fonts
2010-04-15 16:09:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2010-04-15 15:53:47 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-04-15 15:51:35 ----D---- C:\Program Files\Autodesk
2010-04-15 15:50:33 ----D---- C:\WINDOWS\system32\DirectX
2010-04-15 15:50:32 ----HD---- C:\WINDOWS\inf
2010-04-15 09:18:33 ----D---- C:\Program Files\Google
2010-04-14 07:36:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-14 07:36:55 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-13 20:51:08 ----RSD---- C:\WINDOWS\assembly
2010-04-13 19:04:18 ----D---- C:\Program Files\AviSynth 2.5
2010-04-13 13:07:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-10 16:46:50 ----A---- C:\vraylog.txt
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-06 15:34:25 ----D---- C:\Program Files\ICQ7.0
2010-04-05 22:16:02 ----D---- C:\Program Files\Call of Duty
2010-04-05 12:34:58 ----D---- C:\WINDOWS\WinSxS
2010-04-05 12:33:45 ----D---- C:\Program Files\Auto Typer by MurGee
2010-04-05 12:31:44 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-04-05 12:31:42 ----D---- C:\Program Files\Common Files\Apple
2010-04-05 12:28:23 ----D---- C:\Program Files\ABC 3GP Converter
2010-04-04 14:42:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-04-04 14:42:31 ----D---- C:\Program Files\ATI Technologies
2010-04-04 14:02:16 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\dvdcss
2010-04-03 21:21:26 ----D---- C:\Program Files\Crawler
2010-04-01 13:57:42 ----D---- C:\Program Files\Opera
2010-04-01 12:54:30 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-31 23:34:08 ----D---- C:\Program Files\Internet Explorer
2010-03-31 21:15:04 ----D---- C:\Program Files\AV Vcs 4.0 DIAMOND
2010-03-28 09:04:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-03-26 22:30:21 ----D---- C:\Program Files\wowko_bc
2010-03-23 07:52:00 ----D---- C:\Documents and Settings\Spáčil\Data aplikací\MAXON
2010-03-22 20:51:54 ----RD---- C:\Program Files\Skype
2010-03-22 20:51:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-09-18 15424]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-09-18 512096]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-03-03 4630016]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-28 4609024]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MouseCap;MouseCapture Driver; C:\WINDOWS\System32\Drivers\MouseCap.sys [2005-08-08 6640]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2008-12-25 3721664]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-05-31 96896]
R3 TotRec7;Total Recorder WDM audio driver; C:\WINDOWS\system32\drivers\TotRec7.sys [2009-03-02 127496]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-11-14 84992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\SPIL~1\LOCALS~1\Temp\WZB8EA9.tmp []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-11-14 17480]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 PAC7311;VGA SoC PC-Camera; C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2006-11-08 530304]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-16 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-03-03 602112]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-07-26 79360]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-08-16 222968]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016]
R2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe [2006-09-29 65536]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-09-18 552064]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-02-27 75064]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-01-13 488960]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-05-14 593920]
S2 gupdate1c9fb2b93e9320e;Služba Google Update (gupdate1c9fb2b93e9320e); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-02 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-02 190448]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-28 867080]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Trojan in svchost.exe

#13 Post by motji »

:arrow: run the renamed HJT C:\Documents and Settings\Spáčil\Dokumenty\Downloads\Spáčil.exe; it has this icon: [image]

- Click "Do a system scan only"
- Next to the lines
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/tng/dyyno-cl ... ynoCAB.CAB
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://play.battlefield-heroes.com/sta ... 0.15.0.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab

- Tick the checkbox and press Fix checked
- restart the PC


:arrow: Turn off the resident shield of one of the antispyware programs, either Defender or Terminator; they would fight each other.

:arrow: if you don't use it, uninstall the ICQ toolbar

:arrow: You have no firewall; what it is good for you can read here http://www.viry.cz/forum/viewtopic.php?f=41&t=20980

:arrow: If there are no problems, that's all :)
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am usually reachable at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
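A small triage helper for the two log formats in this thread, the RSIT driver/service list and the HijackThis lines motji asks to have fixed, added here as an example; it is not part of the original thread and not code from RSIT, HijackThis or the forum. It parses each entry and flags drivers loaded from a Temp directory, registered with a raw `\??\` object path, or with no date/size recorded, and it lists the R1 SearchURL override, the orphaned O3 toolbar and the O16 DPF downloads. The sample lines are copied from the log above; the function names, the flag wording and the choice of heuristics are my own assumptions.

```python
import re
from typing import List, Optional, Tuple

# RSIT driver/service entry as printed in the log above:
#   "<R|S><start> <name>;<description>; <path> [<date> <size>]"
RSIT_ENTRY = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<desc>[^;]*); "
    r"(?P<path>.+?) \[(?P<meta>[^\]]*)\]$"
)

# HijackThis item types the helper asked to have fixed (patterns are my own, not HJT's)
HJT_SEARCHURL = re.compile(r"^R1 - (?P<key>[^,]+),SearchURL = (?P<url>.+)$")
HJT_ORPHAN_TOOLBAR = re.compile(
    r"^O3 - Toolbar: \(no name\) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - \(no file\)$"
)
HJT_DPF = re.compile(
    r"^O16 - DPF: (?P<clsid>\{[0-9A-Fa-f-]+\}) \((?P<name>[^)]*)\) - (?P<url>.+)$"
)


def triage_rsit_line(line: str) -> List[str]:
    """Reasons an RSIT driver/service line deserves a closer look; empty list = nothing notable.
    These are reading heuristics, not a malware verdict: legitimate drivers trip them too."""
    m = RSIT_ENTRY.match(line)
    if not m:
        return []
    path = m["path"]
    reasons = []
    if "\\temp\\" in path.lower():          # e.g. ...\LOCALS~1\Temp\xxx.tmp
        reasons.append("loaded from a Temp directory")
    if path.startswith("\\??\\"):           # ImagePath stored as an NT object path
        reasons.append("registered with a raw \\??\\ object path")
    if not m["meta"].strip():               # empty [] instead of [date size]
        reasons.append("no date/size recorded for the file")
    return reasons


def triage_hjt_line(line: str) -> Optional[Tuple[str, str]]:
    """(label, reason) for a HijackThis line of a type worth reviewing, else None."""
    if m := HJT_SEARCHURL.match(line):
        return ("R1 SearchURL", f"IE search URL under {m['key']} points to {m['url']}")
    if m := HJT_ORPHAN_TOOLBAR.match(line):
        return (f"O3 {m['clsid']}", "toolbar entry with no name and no file (orphaned registration)")
    if m := HJT_DPF.match(line):
        return (f"O16 {m['clsid']}", f"ActiveX control '{m['name']}' downloaded from {m['url']}")
    return None


def triage_log(text: str) -> List[Tuple[str, List[str]]]:
    """Walk a pasted log and collect (label, reasons) for every flagged line."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        if reasons := triage_rsit_line(line):
            findings.append((RSIT_ENTRY.match(line)["name"], reasons))
        elif hit := triage_hjt_line(line):
            findings.append((hit[0], [hit[1]]))
    return findings


# Constructed sample: a handful of lines copied from the RSIT and HijackThis output above.
SAMPLE_RSIT = r"""
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-03-03 4630016]
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\SPIL~1\LOCALS~1\Temp\WZB8EA9.tmp []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-16 691696]
"""

SAMPLE_HJT = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/tng/dyyno-cl ... ynoCAB.CAB
"""

if __name__ == "__main__":
    for label, reasons in triage_log(SAMPLE_RSIT) + triage_log(SAMPLE_HJT):
        print(f"{label}: {'; '.join(reasons)}")
```

On the sample above the driver heuristics flag sp_rsdrv2, Hardlock, GarenaPEngine and gdrv, and the HijackThis part lists the R1, O3 and O16 items while leaving the O4 Bluetooth entry alone. Note that the Spyware Terminator and Hardlock drivers are legitimate software and still trip the raw-path and missing-metadata checks, which is why a helper such as motji reads the flagged lines rather than acting on the flags themselves.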

spacek
Visitor
Posts: 38
Registered: 10 Jan 2010 18:30

Re: Trojan in svchost.exe

#14 Post by spacek »

Now the firewall is acting up... :( Either I messed something up with those ports or with the firewall. My sister's Wi-Fi now only works at 2 metres, and before it worked at 10. So if it could somehow be reverted :). Now it works with Kerio, but I don't understand Kerio at all, and when I remove it, it stops working for her again.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Trojan in svchost.exe

#15 Post by motji »

When you turn off Kerio, it doesn't work for her? :o
What about going back to a restore point from before the Kerio installation?