guru pandemic

[raca_]

Po zaponutí pc naběhla černá obrazovka s textem, že pc je napadený virem a že mám poslat peníze guru pandemic a poté mi budou poslány kódy na odkódování. čas pro poslání peněz byl 15 minut jinak budou údajně smazána veškerá data na HDD. Počítač byl ihned vypnut. Bohužel teď nemám možnost poslat log.
Za vaše rady předem děkuji.

[raca_]

Ok večer to zkusim podle tveho návodu a pak dám vědět, ted musím do práce.

[raca_]

Tak zde přikládám obsah z OTL.txt bohuzel extras.txt sem nenalezl.


OTL logfile created on: 4/21/2010 11:11:27 AM - Run
OTLPE by OldTimer - Version 3.1.37.2 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.48 Gb Total Space | 48.07 Gb Free Space | 32.82% Space Free | Partition Type: NTFS
Drive D: | 319.27 Gb Total Space | 319.15 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 7.65 Gb Total Space | 3.52 Gb Free Space | 46.07% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 963.70 Mb Total Space | 653.20 Mb Free Space | 67.78% Space Free | Partition Type: FAT

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - [2009/07/10 09:47:27 | 000,604,416 | ---- | M] (TuneUp Software) [Auto] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009/07/10 09:47:25 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009/07/02 16:17:10 | 000,225,280 | ---- | M] (Sony DADC Austria AG.) [Auto] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7)
SRV - [2009/06/01 16:20:12 | 000,222,968 | ---- | M] () [Auto] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/04/27 08:21:36 | 000,028,928 | ---- | M] (TuneUp Software) [Auto] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2007/12/21 02:22:44 | 000,019,200 | ---- | M] (ESET) [On_Demand] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2007/12/21 02:21:16 | 000,468,224 | ---- | M] (ESET) [Auto] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2005/01/14 03:32:38 | 000,053,248 | ---- | M] () [Auto] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2009/09/27 10:12:22 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/08/27 13:12:10 | 000,006,432 | ---- | M] (Sony DADC Austria AG.) [Kernel | On_Demand] -- C:\Documents and Settings\Radek\Local Settings\Temp\sony_ssm.sys -- (sony_ssm.sys)
DRV - [2009/07/01 19:12:12 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/02/03 05:22:00 | 005,030,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/01/22 04:25:26 | 000,120,064 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/08/05 08:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/12/21 02:21:56 | 000,033,800 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2007/12/21 02:20:14 | 000,030,216 | ---- | M] (ESET) [Kernel | System] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2007/12/21 02:19:54 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2007/12/17 05:14:06 | 000,012,400 | R--- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006/01/04 03:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/08/10 08:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/05/16 09:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/04/08 04:46:18 | 000,162,176 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PFC027.sys -- (PAC207)
DRV - [2004/08/13 06:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Radek_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.gamingharbor.com
IE - HKU\Radek_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\Radek_ON_C\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll (Conduit Ltd.)
IE - HKU\Radek_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\Radek_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{872A1C39-DF0B-4c8b-AD84-12BA24A3B781}: C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar [2009/08/16 02:56:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF [2009/08/16 02:56:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.5.5.900\FF [2009/08/16 02:56:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/11 11:20:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/31 06:00:41 | 000,000,000 | ---D | M]

[2010/04/19 01:37:16 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/27 13:46:30 | 000,000,000 | ---D | M] (TorrentMan Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{7c5c0f58-e061-457d-9033-77307f5ed00c}
[2009/08/11 06:54:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008/05/27 11:45:02 | 000,000,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\conduit.xml
[2009/06/23 01:35:04 | 000,001,619 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\FFToolbar.xml
[2009/07/07 09:29:50 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009/07/07 09:29:50 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009/07/07 09:29:50 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009/07/07 09:29:50 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009/07/07 09:29:50 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2001/10/25 08:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Media Access Startup) - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - Reg Error: Value error. File not found
O2 - BHO: (NP Helper Class) - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - Reg Error: Value error. File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll (Conduit Ltd.)
O2 - BHO: (GdfrDUEn Class) - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll (TODO: <Company name>)
O2 - BHO: (System Search Dispatcher) - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.3.5.960\ssd.dll ()
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll ()
O3 - HKLM\..\Toolbar: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\Radek_ON_C\..\Toolbar\WebBrowser: (GamingHarbor Toolbar) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - Reg Error: Value error. File not found
O3 - HKU\Radek_ON_C\..\Toolbar\WebBrowser: (TorrentMan Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTor0.dll (Conduit Ltd.)
O3 - HKU\Radek_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\Radek_ON_C\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\Radek_ON_C\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe File not found
O4 - HKLM..\Run: [System] C:\Program Files\System\system32.exe (Norris)
O4 - HKU\Radek_ON_C..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found
O4 - HKU\Radek_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\Radek_ON_C..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\Radek_ON_C..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\Radek_ON_C..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk = File not found
O4 - Startup: C:\Documents and Settings\Radek\Nabídka Start\Programy\Po spuštění\Registration Driver Parallel Lines.LNK = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Radek_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Radek_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm ()
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 217.117.216.78
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/html {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Documents and Settings\Radek\AppData\LocalLow\Microńoft\redir.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/02 00:00:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 13:06:42 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/07/02 01:29:21 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)

========== Files/Folders - Created Within 7 Days ==========

[2010/04/19 02:30:00 | 000,000,000 | ---D | C] -- C:\Program Files\System
[2010/04/15 12:19:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Radek\Plocha\Fotky 2
[2010/04/15 12:19:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radek\Plocha\zivotopis
[2010/04/15 09:17:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radek\Plocha\MATERIÁL DO ŠKOLY!!!!!!!!!!
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010/04/21 11:02:20 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/04/20 01:14:57 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Radek\NTUSER.DAT
[2010/04/20 01:14:57 | 000,229,376 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/04/20 01:14:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/20 01:14:55 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/20 01:07:49 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010/04/20 01:07:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/20 01:07:36 | 000,253,748 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/04/20 01:07:36 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/04/20 01:07:35 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/19 14:20:02 | 002,644,864 | -H-- | M] () -- C:\Documents and Settings\Radek\Local Settings\Data aplikací\IconCache.db
[2010/04/19 14:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/04/19 13:36:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/19 02:53:25 | 000,029,734 | ---- | M] () -- C:\Documents and Settings\Radek\Plocha\RijksmuseumAmsterdam.jpg
[2010/04/19 02:47:59 | 000,105,514 | ---- | M] () -- C:\Documents and Settings\Radek\Plocha\amsterdam01.jpg
[2010/04/19 02:30:01 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/04/19 02:15:22 | 000,001,800 | ---- | M] () -- C:\Documents and Settings\Radek\Plocha\REFERÁT ŠVÉDSKO.rtf
[2010/04/18 14:52:55 | 000,001,365 | ---- | M] () -- C:\Documents and Settings\Radek\Plocha\REFERÁT NIZOZEMSKO.rtf
[2010/04/15 12:18:08 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/04/15 11:20:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/15 09:36:56 | 000,046,096 | ---- | M] () -- C:\Documents and Settings\Radek\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010/04/15 04:37:37 | 000,001,814 | ---- | M] () -- C:\Documents and Settings\Radek\Plocha\zprava_1254.zip
[2010/04/14 16:15:26 | 000,000,595 | ---- | M] () -- C:\Documents and Settings\Radek\Plocha\noname
[2010/04/14 16:15:13 | 000,000,322 | ---- | M] () -- C:\Documents and Settings\Radek\Plocha\Report
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/19 02:53:25 | 000,029,734 | ---- | C] () -- C:\Documents and Settings\Radek\Plocha\RijksmuseumAmsterdam.jpg
[2010/04/19 02:47:59 | 000,105,514 | ---- | C] () -- C:\Documents and Settings\Radek\Plocha\amsterdam01.jpg
[2010/04/18 15:19:43 | 000,001,800 | ---- | C] () -- C:\Documents and Settings\Radek\Plocha\REFERÁT ŠVÉDSKO.rtf
[2010/04/18 14:52:55 | 000,001,365 | ---- | C] () -- C:\Documents and Settings\Radek\Plocha\REFERÁT NIZOZEMSKO.rtf
[2010/04/15 04:37:37 | 000,001,814 | ---- | C] () -- C:\Documents and Settings\Radek\Plocha\zprava_1254.zip
[2010/04/14 16:15:26 | 000,000,595 | ---- | C] () -- C:\Documents and Settings\Radek\Plocha\noname
[2010/04/14 16:15:12 | 000,000,322 | ---- | C] () -- C:\Documents and Settings\Radek\Plocha\Report
[2010/02/04 08:24:30 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\detoured.dll
[2010/01/17 04:46:55 | 000,001,176 | ---- | C] () -- C:\WINDOWS\kaillera.ini
[2010/01/01 08:38:06 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/11/25 12:12:57 | 000,000,017 | ---- | C] () -- C:\WINDOWS\echo.ini
[2009/07/21 10:52:11 | 000,000,044 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/07/02 16:08:39 | 000,000,180 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2009/07/02 16:05:55 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Radek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/02 14:48:28 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009/07/02 14:46:43 | 000,002,756 | ---- | C] () -- C:\WINDOWS\Disney.ini
[2009/07/02 11:50:14 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\JoyFrc.dll
[2009/07/02 11:50:14 | 000,058,963 | ---- | C] () -- C:\WINDOWS\System32\Wcdu5Cpl.dll
[2009/07/02 11:29:46 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/07/02 11:27:55 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX8400DEFGIPS.ini
[2009/07/02 00:35:02 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009/07/02 00:35:02 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009/07/02 00:20:54 | 000,033,161 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009/07/02 00:20:36 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009/07/02 00:20:24 | 000,032,782 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/07/02 00:20:24 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/07/02 00:03:16 | 000,016,384 | -H-- | C] () -- C:\Documents and Settings\Radek\ntuser.dat.LOG
[2009/07/02 00:03:16 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Radek\ntuser.ini
[2009/07/02 00:03:15 | 004,980,736 | -H-- | C] () -- C:\Documents and Settings\Radek\NTUSER.DAT
[2009/07/02 00:02:39 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2009/07/02 00:02:39 | 000,049,152 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2009/07/02 00:02:39 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2009/07/02 00:02:27 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2009/07/02 00:02:26 | 000,229,376 | -H-- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2009/07/02 00:02:26 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2009/07/01 21:08:01 | 000,000,093 | ---- | C] () -- C:\Documents and Settings\Radek\default.pls
[2009/07/01 21:07:55 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/07/01 19:53:07 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/10/07 03:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/06/05 02:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2007/12/21 02:21:56 | 000,033,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2005/10/14 05:56:50 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005/04/08 04:46:18 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PFC027.sys
[2005/01/25 09:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL
[2005/01/19 06:23:28 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2003/09/09 15:46:00 | 000,286,208 | ---- | C] () -- C:\WINDOWS\System32\cncs232.dll

========== LOP Check ==========

[2009/09/04 14:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\akcnicestinashw
[2009/07/02 16:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Buena Vista Games
[2009/07/01 19:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\DAEMON Tools Lite
[2009/07/10 09:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\EPSON
[2009/10/19 05:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Groove Games
[2009/12/10 09:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\ICQ
[2009/07/03 04:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\ICQ Toolbar
[2009/08/16 13:45:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Participatory Culture Foundation
[2009/12/05 05:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\temp
[2009/07/10 09:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\TuneUp Software
[2010/03/22 09:46:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\uTorrent
[2010/04/20 01:07:49 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010/04/19 14:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\CTFMON.EXE -- [2008/04/13 23:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2010/03/15 03:38:22 | 000,080,523 | ---- | M] () -- C:\csscz_odinstalovat.exe

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

Invalid Environment Variable: %APPDATA%\*.

Invalid Environment Variable: %APPDATA%\*.exe


< MD5 for: AGP440.SYS >
[2004/08/17 10:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/04/05 12:52:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010/04/05 12:52:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/17 10:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/04/05 12:52:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010/04/05 12:52:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 17:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CHANGER.SYS >
[2004/08/17 10:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2010/04/05 12:52:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2010/04/05 12:52:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008/04/13 14:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: CRYPTSVC.DLL >
[2004/08/17 10:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008/04/13 23:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008/04/13 23:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008/04/13 23:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 23:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004/08/17 10:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/13 23:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008/04/13 23:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/17 10:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004/08/17 10:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010/04/05 12:52:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010/04/05 12:52:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008/04/13 14:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008/04/13 14:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004/08/03 17:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: ISAPNP.SYS >
[2010/04/05 12:52:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2010/04/05 12:52:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001/10/25 08:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008/04/13 22:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008/04/13 22:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004/08/17 10:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008/04/13 23:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008/04/13 23:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004/08/03 18:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/02/06 14:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 14:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/17 10:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008/04/13 23:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 23:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/17 10:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 23:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 23:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004/08/17 10:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008/04/13 23:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008/04/13 23:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 23:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 23:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004/08/17 10:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008/06/20 06:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008/04/13 15:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/04/13 15:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004/08/03 18:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008/06/20 07:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008/04/13 23:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 23:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004/08/17 10:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/17 10:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 23:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 23:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004/08/17 10:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008/04/13 23:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008/04/13 23:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/06/20 13:49:25 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2008/04/13 23:21:49 | 000,275,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/13 23:21:51 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2010/03/10 00:43:10 | 001,510,400 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shdocvw.dll
[2008/06/17 15:02:56 | 008,465,408 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009/07/02 01:31:59 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/07/02 01:31:59 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/07/02 01:31:59 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2008/06/20 13:49:25 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2008/04/13 23:21:49 | 000,275,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/13 23:21:51 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2010/03/10 00:43:10 | 001,510,400 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shdocvw.dll
[2008/06/17 15:02:56 | 008,465,408 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< CREATERESTOREPOINT >
< End of report >

[raca_]

Tak teď sem zkoušel zapnout pc klasicky a ten vir vypada neskodne jen překáží na ploše . Podařilo se mi ještě zjískat log s RSIT tak take prikládám.



Logfile of random's system information tool 1.06 (written by random/random)
Run by Radek at 2010-04-21 11:47:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 49 GB (33%) free of 150 GB
Total RAM: 3326 MB (86% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-09-13 1312040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
Media Access Startup

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-10-23 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
TorrentMan Toolbar - C:\Program Files\TorrentMan\tbTor0.dll [2008-05-21 1526296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
GdfrDUEn Class - C:\Program Files\Get Styles\enlbrdr.dll [2010-02-05 185856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
System Search Dispatcher - C:\Program Files\System Search Dispatcher\1.3.5.960\ssd.dll [2009-08-12 294912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-23 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2009-11-02 1085080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{D4027C7F-154A-4066-A1AD-4243D8127440} - LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
{7c5c0f58-e061-457d-9033-77307f5ed00c} - TorrentMan Toolbar - C:\Program Files\TorrentMan\tbTor0.dll [2008-05-21 1526296]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2007-12-21 1443072]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-07-03 77824]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-23 136600]
"System"=C:\Program Files\System\system32.exe [2010-04-19 82432]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
"EPSON Stylus DX8400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [2007-04-12 182272]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]
"ares"=C:\Program Files\Ares\Ares.exe -h []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

C:\Documents and Settings\Radek\Nabídka Start\Programy\Po spuštění
Registration Driver Parallel Lines.LNK - C:\Program Files\Ubisoft\Driver Parallel Lines\Register\RegistrationReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\City Interactive\The Heat of War\System\Iwo.exe"="C:\Program Files\City Interactive\The Heat of War\System\Iwo.exe:*:Enabled:Iwo"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Documents and Settings\Radek\Local Settings\Temp\Rar$EX05.719\samp-server.exe"="C:\Documents and Settings\Radek\Local Settings\Temp\Rar$EX05.719\samp-server.exe:*:Enabled:samp-server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-21 17:15:44 ----A---- C:\OTL.Txt
2010-04-21 11:47:18 ----D---- C:\rsit
2010-04-21 11:47:18 ----D---- C:\Program Files\trend micro
2010-04-19 08:30:00 ----D---- C:\Program Files\System
2010-04-15 17:20:26 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 17:20:19 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 17:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-15 17:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 17:19:07 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 06:37:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 06:37:12 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-07 08:43:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-04-07 08:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-04-07 08:42:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-04-05 19:24:57 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-04-05 19:24:25 ----D---- C:\WINDOWS\Prefetch
2010-04-05 19:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-04-05 19:22:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-04-05 19:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-04-05 19:22:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-04-05 19:22:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-04-05 19:21:56 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-04-05 19:21:44 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-04-05 19:21:34 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
2010-04-05 19:21:26 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2010-04-05 19:21:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-04-05 19:21:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-04-05 19:21:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-04-05 19:20:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-04-05 19:20:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-04-05 19:20:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2010-04-05 19:20:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-04-05 19:20:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-04-05 19:20:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-04-05 19:20:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-04-05 19:20:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-04-05 19:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-04-05 19:19:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-04-05 19:19:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-04-05 19:19:39 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-04-05 19:19:31 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2010-04-05 19:19:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-04-05 19:19:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-04-05 19:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-04-05 19:19:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-04-05 19:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-04-05 19:18:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-04-05 19:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-04-05 19:18:41 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-04-05 19:18:35 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-04-05 19:18:21 ----HDC---- C:\WINDOWS\$NtUninstallKB980182_1$
2010-04-05 19:18:11 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2010-04-05 19:18:05 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-04-05 19:18:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2010-04-05 19:17:54 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-04-05 19:17:46 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-04-05 19:17:40 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-04-05 19:17:34 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2010-04-05 19:17:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2010-04-05 19:17:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-04-05 19:17:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-04-05 19:17:03 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-04-05 19:16:55 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-04-05 19:16:48 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-04-05 19:16:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-04-05 19:16:31 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-04-05 19:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-04-05 19:16:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-04-05 19:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-04-05 19:16:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-04-05 19:15:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-04-05 19:15:47 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-04-05 19:15:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-04-05 19:15:35 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-04-05 19:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_1$
2010-04-05 19:15:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2010-04-05 19:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-04-05 19:15:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-04-05 19:15:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-04-05 19:14:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-04-05 19:14:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-04-05 19:14:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-04-05 19:14:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-04-05 19:14:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-04-05 19:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-04-05 19:14:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2010-04-05 19:14:06 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-04-05 19:08:56 ----D---- C:\WINDOWS\system32\cs-cz
2010-04-05 19:08:52 ----D---- C:\WINDOWS\l2schemas
2010-04-05 19:08:51 ----D---- C:\WINDOWS\system32\cs
2010-04-05 19:08:51 ----D---- C:\WINDOWS\system32\bits
2010-04-05 18:57:00 ----D---- C:\WINDOWS\network diagnostic
2010-04-05 18:52:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-04-05 18:24:19 ----D---- C:\Program Files\Shape Collage
2010-04-01 13:10:35 ----HDC---- C:\WINDOWS\$NtUninstallKB980182_0$
2010-03-23 19:42:56 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-22 15:48:55 ----D---- C:\Program Files\Conduit
2010-03-22 15:48:54 ----D---- C:\Program Files\TorrentMan
2010-03-22 15:48:45 ----D---- C:\Program Files\BitLord
2010-03-22 15:46:40 ----D---- C:\Documents and Settings\Radek\Data aplikací\uTorrent

======List of files/folders modified in the last 1 months======

2010-04-21 11:47:18 ----D---- C:\Program Files
2010-04-21 11:47:10 ----D---- C:\WINDOWS\Temp
2010-04-21 11:41:55 ----SHD---- C:\WINDOWS\Installer
2010-04-21 11:41:54 ----A---- C:\WINDOWS\OEWABLog.txt
2010-04-21 11:41:47 ----D---- C:\Documents and Settings
2010-04-21 11:38:12 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-20 07:14:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-19 18:17:57 ----D---- C:\Program Files\Mozilla Firefox
2010-04-19 17:51:14 ----D---- C:\Documents and Settings\Radek\Data aplikací\Skype
2010-04-19 08:55:48 ----D---- C:\WINDOWS\system32
2010-04-19 08:30:01 ----D---- C:\WINDOWS
2010-04-19 07:38:28 ----D---- C:\Program Files\Google
2010-04-18 20:53:56 ----D---- C:\Program Files\rajce
2010-04-17 12:30:02 ----D---- C:\Documents and Settings\Radek\Data aplikací\vlc
2010-04-15 18:18:08 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-15 18:15:08 ----HD---- C:\WINDOWS\inf
2010-04-15 17:20:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-15 17:20:25 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 17:20:23 ----A---- C:\WINDOWS\imsins.BAK
2010-04-15 17:20:21 ----D---- C:\WINDOWS\system32\drivers
2010-04-15 17:04:00 ----D---- C:\Program Files\LimeWire
2010-04-15 14:28:38 ----D---- C:\WINDOWS\system32\DirectX
2010-04-15 14:28:38 ----D---- C:\Program Files\EA Sports
2010-04-15 14:28:28 ----RSD---- C:\WINDOWS\assembly
2010-04-07 18:57:30 ----A---- C:\WINDOWS\win.ini
2010-04-07 08:42:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-05 19:25:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-05 19:24:27 ----A---- C:\WINDOWS\setuplog.txt
2010-04-05 19:24:09 ----D---- C:\WINDOWS\system32\wbem
2010-04-05 19:24:09 ----D---- C:\WINDOWS\system32\Setup
2010-04-05 19:24:09 ----D---- C:\WINDOWS\AppPatch
2010-04-05 19:24:09 ----D---- C:\Program Files\Messenger
2010-04-05 19:24:08 ----RSD---- C:\WINDOWS\Fonts
2010-04-05 19:23:32 ----D---- C:\WINDOWS\security
2010-04-05 19:22:39 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-05 19:21:20 ----D---- C:\Program Files\Movie Maker
2010-04-05 19:19:50 ----D---- C:\Program Files\Outlook Express
2010-04-05 19:14:18 ----D---- C:\WINDOWS\WinSxS
2010-04-05 19:09:30 ----D---- C:\WINDOWS\ehome
2010-04-05 19:09:25 ----D---- C:\WINDOWS\system32\inetsrv
2010-04-05 19:09:25 ----D---- C:\WINDOWS\ime
2010-04-05 19:09:24 ----D---- C:\WINDOWS\Help
2010-04-05 19:08:56 ----D---- C:\WINDOWS\system32\usmt
2010-04-05 19:08:53 ----D---- C:\Program Files\Internet Explorer
2010-04-05 19:08:50 ----D---- C:\WINDOWS\PeerNet
2010-04-05 19:02:52 ----D---- C:\WINDOWS\ServicePackFiles
2010-04-05 19:02:20 ----D---- C:\WINDOWS\system32\Restore
2010-04-05 19:02:20 ----D---- C:\WINDOWS\system32\npp
2010-04-05 19:02:19 ----D---- C:\WINDOWS\msagent
2010-04-05 19:02:16 ----D---- C:\WINDOWS\srchasst
2010-04-05 19:02:15 ----D---- C:\Program Files\NetMeeting
2010-04-05 19:02:11 ----D---- C:\WINDOWS\system32\Com
2010-04-05 19:02:04 ----D---- C:\Program Files\Windows Media Player
2010-04-05 19:02:03 ----D---- C:\Program Files\Windows NT
2010-04-05 19:01:56 ----D---- C:\Program Files\Common Files\System
2010-04-05 19:01:18 ----D---- C:\WINDOWS\system32\oobe
2010-04-05 19:01:13 ----D---- C:\WINDOWS\system
2010-04-05 18:54:46 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-04-03 14:57:09 ----D---- C:\Program Files\Rockstar Games

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 33800]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-01-22 120064]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 at68cvo5;at68cvo5; C:\WINDOWS\system32\drivers\at68cvo5.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PAC207;VideoCAM GE111; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sony_ssm.sys;sony_ssm.sys; \??\C:\DOCUME~1\Radek\LOCALS~1\Temp\sony_ssm.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-23 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-07-02 66872]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-07-10 604416]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2009-07-02 225280]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1ca96d6ee935562;Služba Google Update (gupdate1ca96d6ee935562); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-16 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2007-12-21 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-07-10 361216]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[raca_]

ComboFix 10-04-20.01 - Radek 21.04.2010 12:06:28.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2946 [GMT 2:00]
Spuštěný z: g:\other\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm1.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm1222.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm1785.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm1919.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm1952.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm1C.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm1DA.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm2133.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm245E.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm3.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm3D4.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm564.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tm703.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tmA36.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tmB82.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\_tmEF7.tmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\bg.jpg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\CurrentVersion.xml
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data\ProductInfo.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\ExtractZipFile.zip
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\icon.ico
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\productinfo.dll
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\tdf.dat
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\248d6576afce4ee94af42d7350131106.gif
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\24a70fb875fab686b6b3c217612bc07c.gif
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\default1.dat
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.dat
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.gif
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Cursor.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_DailyVideo.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Game.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Glitter.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Logo.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Option.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Recipe.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Ringtone.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Screensaver.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Search.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_Config.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_TellAFriend.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Wallpaper.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Web.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\pixel.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ProductInfo.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\profile.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\SearchEngineList.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\tbcore.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ToolbarLayout.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentre.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentreBk.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLDynamic.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLStatic.mx
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\About.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Component_ComboBox.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Cursor.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Cursor.png
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_DailyVideo.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Game.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Glitter.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Glitter.png
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Logo.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Option.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Recipe.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Ringtone.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Screensaver.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Search.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.png
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Wallpaper.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Web.mg
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDefault.png
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.png
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay18.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay20.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.png
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters18.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters20.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnOption.png
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.png
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley18.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley20.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.png
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd18.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd20.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.png
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink18.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink20.bmp
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin1.skf
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin2.skf
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin3.skf
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin4.skf
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin.skf
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin_s.skf
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\ToastSkin.skf
c:\documents and settings\Radek\Local Settings\Temporary Internet Files\stb06759.tmp
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.6.3.4500\Data\config.md
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.6.3.4500\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.6.3.4500\unins000.dat
c:\program files\Internet Saving Optimizer\3.6.3.4500\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.5.5.900\Data\config.md
c:\program files\Media Access Startup\1.5.5.900\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.5.5.900\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.5.5.900\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.5.900\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.5.5.900\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.5.5.900\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.5.5.900\FF\install.rdf
c:\program files\Media Access Startup\1.5.5.900\HPCommon.dll
c:\program files\Media Access Startup\1.5.5.900\unins000.dat
c:\program files\Media Access Startup\1.5.5.900\unins000.exe
c:\program files\System Search Dispatcher\1.3.5.960\ssD.dll
c:\program files\system\system32.exe
c:\windows\system32\detoured.dll
c:\windows\system32\dllcache\mspmsnsv.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-21 do 2010-04-21 )))))))))))))))))))))))))))))))
.

2010-04-21 09:47 . 2010-04-21 09:47 -------- d-----w- C:\rsit
2010-04-21 09:47 . 2010-04-21 09:47 -------- d-----w- c:\program files\trend micro
2010-04-19 06:30 . 2010-04-21 10:09 -------- d-----w- c:\program files\System
2010-04-06 10:42 . 2009-08-13 15:24 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-04-05 17:24 . 2004-08-17 14:49 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-04-05 17:08 . 2010-04-05 17:08 -------- d-----w- c:\windows\system32\cs-cz
2010-04-05 17:08 . 2010-04-05 17:08 -------- d-----w- c:\windows\l2schemas
2010-04-05 17:08 . 2010-04-05 17:08 -------- d-----w- c:\windows\system32\cs
2010-04-05 17:08 . 2010-04-05 17:08 -------- d-----w- c:\windows\system32\bits
2010-04-05 17:00 . 2010-04-05 17:00 45 ---h--w- c:\windows\dsez8997.dat
2010-04-05 16:24 . 2010-04-05 16:24 -------- d-----w- c:\program files\Shape Collage
2010-03-23 17:42 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-22 13:48 . 2010-03-22 13:48 -------- d-----w- c:\program files\Conduit
2010-03-22 13:48 . 2010-03-27 17:46 -------- d-----w- c:\program files\TorrentMan
2010-03-22 13:48 . 2010-03-27 17:53 -------- d-----w- c:\program files\BitLord

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-19 05:38 . 2010-01-16 18:08 -------- d-----w- c:\program files\Google
2010-04-18 18:53 . 2009-08-27 11:55 -------- d-----w- c:\program files\rajce
2010-04-15 15:04 . 2009-12-31 18:31 -------- d-----w- c:\program files\LimeWire
2010-04-15 12:28 . 2009-07-17 09:13 -------- d-----w- c:\program files\EA Sports
2010-04-08 15:53 . 2009-07-26 18:54 921632 ----a-w- C:\StiImg.dat
2010-04-05 17:25 . 2001-10-25 12:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-04-05 17:25 . 2001-10-25 12:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-04-05 17:12 . 2009-07-02 04:00 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-05 17:12 . 2009-07-02 04:00 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-04-03 12:57 . 2009-07-02 17:50 -------- d-----w- c:\program files\Rockstar Games
2010-03-15 07:38 . 2010-03-15 07:37 80523 ----a-w- C:\csscz_odinstalovat.exe
2010-03-09 11:11 . 2004-08-17 14:49 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-26 16:04 . 2010-02-26 16:04 -------- d-----w- c:\program files\Ask.com
2010-02-26 05:43 . 2004-08-17 14:49 668160 ----a-w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2004-08-17 14:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-02-24 13:11 . 2004-08-03 22:15 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 19:08 . 2004-08-17 15:45 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-16 19:08 . 2004-08-17 14:45 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-12 04:35 . 2004-08-17 14:49 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-03 22:07 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTor0.dll" [2008-05-20 1526296]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
2008-05-20 23:43 1526296 ----a-w- c:\program files\TorrentMan\tbTor0.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
2010-02-05 17:23 185856 ----a-w- c:\program files\Get Styles\enlbrdr.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 15:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTor0.dll" [2008-05-20 1526296]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{7C5C0F58-E061-457D-9033-77307F5ED00C}"= "c:\program files\TorrentMan\tbTor0.dll" [2008-05-20 1526296]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-03 18085888]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 1443072]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-07-03 77824]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-23 136600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\City Interactive\\The Heat of War\\System\\Iwo.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2007 8:21 33800]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [21.12.2007 8:21 468224]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [17.7.2009 9:30 222968]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.7.2009 1:12 721904]
S2 gupdate1ca96d6ee935562;Služba Google Update (gupdate1ca96d6ee935562);c:\program files\Google\Update\GoogleUpdate.exe [16.1.2010 20:08 133104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2.7.2009 6:30 1684736]
S3 PAC207;VideoCAM GE111;c:\windows\system32\drivers\PFC027.sys [8.4.2005 10:46 162176]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-04-21 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]

2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-16 18:08]

2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-16 18:08]

2010-04-21 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-02-04 15:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.gamingharbor.com
uInternet Connection Wizard,ShellNext = hxxp://www.4story.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Get Styles\ct.htm
FF - ProfilePath - c:\documents and settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\a0np7yhw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1640187&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.gamingharbor.com/search.do?desktopsmiley&keyword=
FF - component: c:\program files\Mozilla Firefox\extensions\{7c5c0f58-e061-457d-9033-77307f5ed00c}\components\FFAlert.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-ares - c:\program files\Ares\Ares.exe
HKLM-Run-nwiz - c:\program files\NVIDIA Corporation\nView\nwiz.exe
AddRemove-Counter-Strike:Source čestina - c:\documents and settings\Radek\Plocha\csscz_odinstalovat.exe
AddRemove-Downtube 2.0 - www.downtube.kit.net - c:\uninstall.exe
AddRemove-Mihov Image Resizer - c:\program files\Mihov Image Resizer\Uninstall.exe
AddRemove-Miro - c:\program files\Participatory Culture Foundation\Miro\uninstall.exe
AddRemove-mod_sobit - c:\program files\Rockstar Games\GTA San Andreas\Uninstall s0beit 3.4 mod
AddRemove-Nero - Burning Rom!UninstallKey - c:\program files\Nero\Nero8\\nero\uninstall\UNNERO.exe
AddRemove-NVIDIA nView Desktop Manager - c:\program files\NVIDIA Corporation\nView\nViewSetup.exe
AddRemove-{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 - c:\program files\Media Access Startup\1.5.5.900\unins000.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.6.3.4500\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-21 12:09
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1292428093-1767777339-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:84,5f,92,a7,f1,76,8e,75,90,92,8d,2d,34,06,37,5b,9d,45,e9,95,2e,70,e9,
53,69,23,a4,5e,57,80,4a,08,fd,34,4a,13,5d,93,38,6c,e5,45,c3,b0,34,e3,f8,44,\
"??"=hex:cc,af,60,ed,59,09,90,e0,31,ae,5a,9e,e9,f1,92,34

[HKEY_USERS\S-1-5-21-1292428093-1767777339-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:fd,5b,ee,ac,db,bc,b2,2f,2e,f7,be,2c,07,0b,97,30,a3,a6,7e,76,12,
da,24,e0,ce,34,23,b7,42,bd,84,4d,d4,05,ff,3d,d8,4b,b1,c2,62,79,0c,9d,00,86,\
"rkeysecu"=hex:74,9f,b9,c8,f1,25,6d,1d,e6,a9,f8,76,2a,36,88,5f
.
Celkový čas: 2010-04-21 12:10:13
ComboFix-quarantined-files.txt 2010-04-21 10:10

Před spuštěním: Volných bajtů: 51 577 053 184
Po spuštění: Volných bajtů: 52 808 933 376

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - C1F02A3C35CFB329982ABBF21723EEA5

[raca_]

Tak na začátek pár odpovědí.

1.Plocha nešla, protože byla překryta oknem, které nešlo ukončit (již zmiňované okno s výzvou k zaplacení k odvirování).Nechtěl sem něco pokazit tak sem pc vypnul
a napsal sem zde na forum pro rady. Až později sem zjistil, že je možné s pc pracovat což byla moje chyba.
Program sem opravdu spustil z flash paměti, což sem si neuvědomil ( s pc umím základní věci a občas něco pokazím )


2. Ano duplicitní téma sem vytvořil to byla další chyba, jelikož sem si přečetl že tu jste v týdnu v odpoledních hodinách a já mám vypůjčený pc než opravým svůj a bál
sem se, že se zde budeme míjet. V devět sem bohužel byl ještě v práci domu příjíždím ,až po desáté večer.

3.-Programy: c:\program files\TorrentMan\tbTor0.dll
c:\program files\Get Styles\enlbrdr.dll

Ani jeden neznám. Nejsem jediný kdo používá tento pc, ale pokud nevypadají v pořádku tak je klidně odstaním jak usoudíte vy.

- složka zazipována a uložena na rapidshare.com odkaz vám pošlu.

- programy ze seznamu jsou funkční to je ok.

-----------------------------------------------------------------------------------------------------------------------------------------------------




výpis z GooredFix:




GooredFix by jpshortstuff (08.01.10.1)
Log created at 23:04 on 21/04/2010 (Radek)
Firefox version 3.0.19 (cs)

========== GooredScan ==========

Removing Orphan:
"{2224E955-00E9-4613-A844-CE69FCCAAE91}"="C:\Program Files\Internet Saving Optimizer\3.6.3.4500\FF" -> Success!
Removing Orphan:
"{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}"="C:\Program Files\Media Access Startup\1.5.5.900\FF" -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{7c5c0f58-e061-457d-9033-77307f5ed00c} [17:46 27/03/2010]
{800b5000-a755-47e1-992b-48a1c1357f07} [10:54 11/08/2009]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [22:53 01/07/2009]
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [17:13 23/10/2009]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{872A1C39-DF0B-4c8b-AD84-12BA24A3B781}"="C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar" [06:56 16/08/2009]
"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [17:13 23/10/2009]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [17:35 07/11/2009]

-=E.O.F=-








-----------------------------------------------------------------------------------------------------------------------------------------------------------
výpis z MBAM kompletní sken:




Malwarebytes' Anti-Malware 1.45
http://www.malwarebytes.org

Verze databáze: 4017

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

21.4.2010 23:41:40
mbam-log-2010-04-21 (23-41-40).txt

Typ skenu: Úplný sken (C:\|E:\|)
Skenované objekty: 218158
Uplynulý čas: 30 minuta(y), 5 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 28
Infikované hodnoty registru: 2
Infikované datové položky registru: 0
Infikované složky: 16
Infikované soubory: 119

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CLASSES_ROOT\AppID\{57aba38e-6535-48f3-99fd-efdc62137c78} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2e8e2100-98cb-4aac-9480-63a281acaff5} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{51b67a88-02d0-43cb-8d12-5ca3e2d4cf49} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d44cc2fb-77b8-48a5-a5dc-f961f2d258fb} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{0514c9b0-e4c6-4d6b-a3a6-b38bc280b115} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d335d84d-61d8-4b5f-9c4e-067dc8b27ed5} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\AppID\AIMActiveXDLL.dll (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1.1 (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Addins\OEActiveXDLL.DesktopOEAddin1 (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> No action taken.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{872a1c39-df0b-4c8b-ad84-12ba24a3b781} (Adware.DoubleD) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
C:\Program Files\DoubleD (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210 (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Cache (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\chrome (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\chrome\locale (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\chrome\locale\en-US (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\components (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\searchplugins (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Skins (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.5.960 (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.5.960\Data (Adware.DoubleD) -> No action taken.

Infikované soubory:
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\AIMActiveXDLL.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\OEActiveXDLL.dll (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\All Users\Data aplikací\{AAAE891E-DC50-4DD4-A79D-C19DDB94E30E}\OFFLINE\mFileBagIDE.dll\bag\stbrunwlm.exe (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\All Users\Data aplikací\{AAAE891E-DC50-4DD4-A79D-C19DDB94E30E}\OFFLINE\mFileBagIDE.dll\bag\stbterm.exe (Adware.ColorSoft) -> No action taken.
C:\downtube\ffmpeg.exe (Trojan.Agent.Gen) -> No action taken.
C:\Program Files\Shape Collage\ShapeCollage.exe (Trojan.Agent.Gen) -> No action taken.
C:\WINDOWS\sed.exe (Trojan.Agent.Gen) -> No action taken.
E:\Nero_8.2.8.0_Lite\Keygen.exe (Malware.Packer) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\AxGifAnimator.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\gdiplus.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\HookAPINT.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\mfc80.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Microsoft.VC80.MFC.manifest (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\MyDll.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\ProductInfo.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Riched20Smiley.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\SkinCrafterDll.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\stbAol.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\stbappHelper.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\stbIE.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\stbMsn.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\stbOL.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\stbOLEX.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\stbYahoo8.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\stbYahoo9.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Cache\default1.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Cache\loading.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Cache\loading.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Cursor.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_DailyVideo.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Game.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Glitter.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Logo.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Option.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Recipe.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Ringtone.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Screensaver.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Search.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Smiley.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Wallpaper.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\Module_Web.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\pixel.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\ProductInfo.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\profile.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\SearchEngineList.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\tbcore.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\ToolbarLayout.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\UpdateCentre.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\UpdateCentreBk.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\chrome.manifest (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\install.rdf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\chrome\GamingHarborToolbar.jar (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\chrome\locale\en-US\global.dtd (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\components\DDAutoComplete.js (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\components\ISmileyCore.xpt (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\components\TBFFHelper.js (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\components\TBFFHelper.xpt (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\FFToolbar\searchplugins\gamingharborsearchplugins.xml (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\About.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Component_ComboBox.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Cursor.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Cursor.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Game.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Glitter.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Glitter.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Logo.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Option.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Recipe.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Ringtone.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Screensaver.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Search.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Smiley.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Smiley.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\Module_Web.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnDefault.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnDisplay.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnGlitters.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnOption.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnSmiley.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnTellFd.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnWink.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnWink.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Skins\myskin1.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Skins\myskin2.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Skins\myskin3.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Skins\myskin4.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Skins\TellafriendSkin.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.0.21210\Skins\ToastSkin.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.5.960\unins000.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.5.960\unins000.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.5.960\Data\eacore.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.5.960\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.5.960\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\ICQToolbar\toolbaru.dll (Trojan.BHO) -> No action taken.

[raca_]

-Oba nezname programy jsem odebral.

- MBAM- vymazal sem vse co jsi chtel i nektere veci co jsi vypsal a doporucil take smazat.
- log z rsit prikladam take, ale nevim jak ma byt soucasti hijackthis? Prooze si nejsem jist
co mam presne udelat stahl sem si hijackthis udelal take sken ten zde prilozim a pote udelal
sken z MBAM (provedl sem pouze rychly sken uz sem nemel cas snad nevadi)a ten zde take
predkladam ke kontrole pokud je to opet spatne tak sem asi strevo


-----------------------------------------------------------------------------------------------------

SKEN z HijackThis:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:50:52, on 22.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\Radek\Plocha\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.gamingharbor.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.4story.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Registration Driver Parallel Lines.LNK = C:\Program Files\Ubisoft\Driver Parallel Lines\Register\RegistrationReminder.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca96d6ee935562) (gupdate1ca96d6ee935562) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 8083 bytes











--------------------------------------------------------------------------------------------------------------------------


sken z MBAM:



Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Verze databáze: 4017

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

22.4.2010 12:06:02
mbam-log-2010-04-22 (12-06-02).txt

Typ skenu: Rychlý sken
Skenované objekty: 101669
Uplynulý čas: 2 minuta(y), 29 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\WINDOWS\sed.exe (Trojan.Agent.Gen) -> No action taken.

[raca_]

Vše provedeno!
Zatím moc děkuji za pomoc později sem pošlu log na kontrolu.




Logfile of random's system information tool 1.06 (written by random/random)
Run by Radek at 2010-04-22 23:13:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 55 GB (36%) free of 150 GB
Total RAM: 3326 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:13:50, on 22.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\Radek\Plocha\RSIT.exe
C:\Documents and Settings\Radek\Plocha\Radek.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.4story.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Registration Driver Parallel Lines.LNK = C:\Program Files\Ubisoft\Driver Parallel Lines\Register\RegistrationReminder.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca96d6ee935562) (gupdate1ca96d6ee935562) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 7560 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-09-13 1312040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-10-23 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-23 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2009-11-02 1085080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{D4027C7F-154A-4066-A1AD-4243D8127440}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2007-12-21 1443072]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-07-03 77824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-23 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

C:\Documents and Settings\Radek\Nabídka Start\Programy\Po spuštění
Registration Driver Parallel Lines.LNK - C:\Program Files\Ubisoft\Driver Parallel Lines\Register\RegistrationReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\City Interactive\The Heat of War\System\Iwo.exe"="C:\Program Files\City Interactive\The Heat of War\System\Iwo.exe:*:Enabled:Iwo"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-22 23:13:45 ----D---- C:\rsit
2010-04-22 23:07:23 ----D---- C:\Program Files\CCleaner
2010-04-22 22:49:36 ----D---- C:\Program Files\Sunbelt Software
2010-04-22 22:40:13 ----SHD---- C:\RECYCLER
2010-04-21 23:07:57 ----D---- C:\Documents and Settings\Radek\Data aplikací\Malwarebytes
2010-04-21 23:07:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-04-21 23:07:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-21 13:01:15 ----D---- C:\WINDOWS\ERDNT
2010-04-21 12:05:39 ----A---- C:\Boot.bak
2010-04-21 12:05:36 ----RASHD---- C:\cmdcons
2010-04-19 08:30:00 ----D---- C:\Program Files\System
2010-04-15 17:20:26 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 17:20:19 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 17:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-15 17:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 17:19:07 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 06:37:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 06:37:12 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-07 08:43:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-04-07 08:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-04-07 08:42:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-04-05 19:24:57 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-04-05 19:24:25 ----D---- C:\WINDOWS\Prefetch
2010-04-05 19:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-04-05 19:22:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-04-05 19:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-04-05 19:22:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-04-05 19:22:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-04-05 19:21:56 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-04-05 19:21:44 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-04-05 19:21:34 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
2010-04-05 19:21:26 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2010-04-05 19:21:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-04-05 19:21:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-04-05 19:21:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-04-05 19:20:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-04-05 19:20:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-04-05 19:20:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2010-04-05 19:20:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-04-05 19:20:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-04-05 19:20:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-04-05 19:20:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-04-05 19:20:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-04-05 19:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-04-05 19:19:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-04-05 19:19:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-04-05 19:19:39 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-04-05 19:19:31 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2010-04-05 19:19:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-04-05 19:19:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-04-05 19:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-04-05 19:19:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-04-05 19:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-04-05 19:18:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-04-05 19:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-04-05 19:18:41 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-04-05 19:18:35 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-04-05 19:18:21 ----HDC---- C:\WINDOWS\$NtUninstallKB980182_1$
2010-04-05 19:18:11 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2010-04-05 19:18:05 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-04-05 19:18:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2010-04-05 19:17:54 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-04-05 19:17:46 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-04-05 19:17:40 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-04-05 19:17:34 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2010-04-05 19:17:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2010-04-05 19:17:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-04-05 19:17:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-04-05 19:17:03 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-04-05 19:16:55 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-04-05 19:16:48 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-04-05 19:16:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-04-05 19:16:31 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-04-05 19:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-04-05 19:16:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-04-05 19:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-04-05 19:16:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-04-05 19:15:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-04-05 19:15:47 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-04-05 19:15:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-04-05 19:15:35 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-04-05 19:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_1$
2010-04-05 19:15:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2010-04-05 19:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-04-05 19:15:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-04-05 19:15:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-04-05 19:14:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-04-05 19:14:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-04-05 19:14:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-04-05 19:14:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-04-05 19:14:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-04-05 19:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-04-05 19:14:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2010-04-05 19:14:06 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-04-05 19:08:56 ----D---- C:\WINDOWS\system32\cs-cz
2010-04-05 19:08:52 ----D---- C:\WINDOWS\l2schemas
2010-04-05 19:08:51 ----D---- C:\WINDOWS\system32\cs
2010-04-05 19:08:51 ----D---- C:\WINDOWS\system32\bits
2010-04-05 18:57:00 ----D---- C:\WINDOWS\network diagnostic
2010-04-05 18:52:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-04-05 18:24:19 ----D---- C:\Program Files\Shape Collage
2010-04-01 13:10:35 ----HDC---- C:\WINDOWS\$NtUninstallKB980182_0$
2010-03-23 19:42:56 ----N---- C:\WINDOWS\system32\browserchoice.exe

======List of files/folders modified in the last 1 months======

2010-04-22 23:13:29 ----D---- C:\WINDOWS\Temp
2010-04-22 23:07:23 ----D---- C:\Program Files
2010-04-22 23:02:51 ----D---- C:\Program Files\Mozilla Firefox
2010-04-22 23:01:25 ----D---- C:\WINDOWS\Minidump
2010-04-22 23:01:25 ----D---- C:\WINDOWS\Debug
2010-04-22 23:01:25 ----D---- C:\WINDOWS
2010-04-22 22:56:23 ----SHD---- C:\System Volume Information
2010-04-22 22:56:23 ----D---- C:\WINDOWS\system32\Restore
2010-04-22 22:50:02 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-22 22:49:47 ----SHD---- C:\WINDOWS\Installer
2010-04-22 22:49:43 ----HD---- C:\WINDOWS\inf
2010-04-22 22:49:42 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-22 22:49:41 ----D---- C:\WINDOWS\system32\drivers
2010-04-22 22:49:41 ----D---- C:\WINDOWS\system32
2010-04-22 11:37:29 ----D---- C:\Program Files\Get Styles
2010-04-22 11:35:22 ----D---- C:\Program Files\TorrentMan
2010-04-21 12:48:28 ----D---- C:\Documents and Settings
2010-04-21 12:09:23 ----A---- C:\WINDOWS\system.ini
2010-04-21 12:09:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-21 12:07:39 ----D---- C:\WINDOWS\AppPatch
2010-04-21 12:07:36 ----D---- C:\Program Files\Common Files
2010-04-21 12:05:39 ----RASH---- C:\boot.ini
2010-04-19 17:51:14 ----D---- C:\Documents and Settings\Radek\Data aplikací\Skype
2010-04-19 07:38:28 ----D---- C:\Program Files\Google
2010-04-18 20:53:56 ----D---- C:\Program Files\rajce
2010-04-17 12:30:02 ----D---- C:\Documents and Settings\Radek\Data aplikací\vlc
2010-04-15 18:18:08 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-15 17:20:25 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 17:04:00 ----D---- C:\Program Files\LimeWire
2010-04-15 14:28:38 ----D---- C:\WINDOWS\system32\DirectX
2010-04-15 14:28:38 ----D---- C:\Program Files\EA Sports
2010-04-15 14:28:28 ----RSD---- C:\WINDOWS\assembly
2010-04-07 18:57:30 ----A---- C:\WINDOWS\win.ini
2010-04-07 08:42:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-05 19:25:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-05 19:24:09 ----D---- C:\WINDOWS\system32\wbem
2010-04-05 19:24:09 ----D---- C:\WINDOWS\system32\Setup
2010-04-05 19:24:09 ----D---- C:\Program Files\Messenger
2010-04-05 19:24:08 ----RSD---- C:\WINDOWS\Fonts
2010-04-05 19:23:32 ----D---- C:\WINDOWS\security
2010-04-05 19:22:39 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-05 19:21:20 ----D---- C:\Program Files\Movie Maker
2010-04-05 19:19:50 ----D---- C:\Program Files\Outlook Express
2010-04-05 19:14:18 ----D---- C:\WINDOWS\WinSxS
2010-04-05 19:09:30 ----D---- C:\WINDOWS\ehome
2010-04-05 19:09:25 ----D---- C:\WINDOWS\system32\inetsrv
2010-04-05 19:09:25 ----D---- C:\WINDOWS\ime
2010-04-05 19:09:24 ----D---- C:\WINDOWS\Help
2010-04-05 19:08:56 ----D---- C:\WINDOWS\system32\usmt
2010-04-05 19:08:53 ----D---- C:\Program Files\Internet Explorer
2010-04-05 19:08:50 ----D---- C:\WINDOWS\PeerNet
2010-04-05 19:02:52 ----D---- C:\WINDOWS\ServicePackFiles
2010-04-05 19:02:20 ----D---- C:\WINDOWS\system32\npp
2010-04-05 19:02:19 ----D---- C:\WINDOWS\msagent
2010-04-05 19:02:16 ----D---- C:\WINDOWS\srchasst
2010-04-05 19:02:15 ----D---- C:\Program Files\NetMeeting
2010-04-05 19:02:11 ----D---- C:\WINDOWS\system32\Com
2010-04-05 19:02:04 ----D---- C:\Program Files\Windows Media Player
2010-04-05 19:02:03 ----D---- C:\Program Files\Windows NT
2010-04-05 19:01:56 ----D---- C:\Program Files\Common Files\System
2010-04-05 19:01:18 ----D---- C:\WINDOWS\system32\oobe
2010-04-05 19:01:13 ----D---- C:\WINDOWS\system
2010-04-05 18:54:46 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-04-03 14:57:09 ----D---- C:\Program Files\Rockstar Games
2010-03-27 19:53:05 ----D---- C:\Program Files\BitLord

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 33800]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-01-22 120064]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 aqd22gpc;aqd22gpc; C:\WINDOWS\system32\drivers\aqd22gpc.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PAC207;VideoCAM GE111; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sony_ssm.sys;sony_ssm.sys; \??\C:\DOCUME~1\Radek\LOCALS~1\Temp\sony_ssm.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-23 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-07-02 66872]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-07-10 604416]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2009-07-02 225280]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1ca96d6ee935562;Služba Google Update (gupdate1ca96d6ee935562); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-16 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2007-12-21 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-07-10 361216]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------